Ransomware attacks on local government and small businesses are on the rise, and everyone needs a response plan in place before an incident occurs. In this case, quick action prevented the virus from spreading deeper into the system, and the city’s ransomware insurance will help defer the costs of a breach. At the same time, many ransomware attacks are initiated by phishing scams, which means that every company should include training on cybersecurity best practices as a part of their ransomware preparedness plan.

This incident underscores the importance of cybersecurity best practices in any organization. A simple oversight gave hackers access to a single account, which compromised the information of 1,000 people. Every organization needs to prioritize training and oversight as a cybersecurity must-have. This data breach, like many others, was entirely preventable, and no organization wants to bear the financial and reputational burden of an avoidable oversight.

Any company reliant on point-of-sale exchanges with their customers must be especially vigilant about protecting the integrity of these systems. Not only is it incredibly costly to repair the technological infrastructure, but the cascading consequences of reputational damage can be even more profound. Companies can (and should) demonstrate their commitment to protecting their employees and customers by taking proactive measures to prevent future breaches.

Failing to understand your organization’s threat landscape can have significant consequences in today’s digital environment. In this case, hackers had access to the university’s database for nearly four months, making it evident that their security standards were not adequate to address relevant threats. Particularly when your university is seen as a premier technological institution, failure in this regard is entirely preventable, embarrassing, and unacceptable.

Ransomware is a growing threat among SMBs. Since it is often injected into a company’s network through phishing scams or other employee errors, consider partnering with an MSP that has the tools to train employees and prevent phishing attacks.