This incident is a tragic reminder that, when it comes to data security, timing is everything. Phishing scam awareness training and two-factor authentication can go a long way toward protecting company and customer data, but they need to be in place before an attack occurs. Therefore, installing proactive measures should be a top priority in the days and weeks ahead.

In addition to academic and government institutions, cybercriminals are increasingly targeting businesses that store customer data. Many are now willing to compromise customer data if ransom demands aren’t met, a new reality that significantly increases the potential damage of a ransomware attack.

After this devastating malware attack, Fondren Orthopedic Group announced an update to their cybersecurity practices, a move that is too little, too late for the thousands of patients impacted by the breach. There are many steps companies can take to mitigate the risk of a data breach, but those steps need to be taken before an incident occurs. Otherwise, these measures serve as vanity metrics as opposed to a defensive strategy.

Ransomware attacks often come with cascading consequences that impact every part of a business. Not only does this attack vector come with high up-front expenses, but the reputational damage and opportunity cost can be even more damaging. Every company should assess its threat landscape to ensure that it can adequately defend against a devastating ransomware attack.

Most data breaches begin with a successful phishing scam. Every organization has a responsibility to train its employees in defensive best practices, which is a relative bargain compared to the high cost of a data breach. In doing so, organizations transform a known vulnerability into a valuable asset to their defensive posture..