Greater Boston Chamber of Commerce
Ransomware is a type of malware, or malicious software, that encrypts a victim’s files and demands a ransom be paid in order to decrypt them. It’s a growing problem for both individuals and businesses, as the sophistication and reach of ransomware attacks continue to increase. If you’re not familiar with ransomware, this article will give you a quick rundown of what you need to know. I’ll also cover the basics of how to protect your company from ransomware, and what to do if you are hit by an attack.
According to the 2022 Verizon Data Breach Investigations Report, ransomware attacks rose 13% in 2022, more than the last five years combined, and accounted for 25% of all cyber-attacks. It’s important to remember that ransomware by itself is really just a model of monetizing an organization’s access. Ransomware was listed as the third most common attack vector, not far behind the use of stolen credentials and “other” types of attacks not caused by phishing or exploiting vulnerabilities.
Additionally, ransomware accounted for almost 70% of all malware breaches in 2022, resulting in an inability to access company data and jeopardizing an organization’s overall cybersecurity. It is not uncommon for the data of those affected by the ransomware to be sold on the black market prior to the ransomware payment. There is also a growing trend for companies to choose not to pay attackers, and instead recover their data from backups. To counter that tactic, attackers often deploy Distributed Denial of Service (DDoS) attacks along with ransomware. This strategy overwhelms network resources, rendering them incapable of serving their intended users. Victim companies are unable to conduct business, even if they have viable backup data.
In short, yes. You may be surprised to learn that all companies are targets, regardless of their size. Attackers often identify targets based on the company or organization that will secure the greatest “reward,” or financial impact. That might mean a single, massive attack on a natural gas pipeline, such as the Colonial Pipeline incident, or many attacks spread across dozens of smaller organizations. The rise of Ransomware as a Service (RaaS) on the dark web, where the ransomware companies will go as far as setting up a call center to assist with ransomware deployments, does not help the issue.
The reality is that any business with a working email address can be affected by ransomware. This is a question of when, not if. Companies need to have procedures in place that allow them to pivot quickly from “we’ve been threatened” to an effective response plan.
You may think that if large companies like Colonial Pipeline, Apple, or Kaseya, with their substantial security budgets, are affected by ransomware, your small or medium-sized business doesn’t stand a chance. Not exactly!
You can take several steps to be more prepared to respond to, or even avoid, ransomware attacks. Below, I have outlined a few of the steps you should consider to respond to a ransomware attack.
Your company should have an enterprise ransomware policy in its incident management program that defines the actions to be taken in the event of a ransomware attack. This policy should be approved by the board of directors or equivalent management body at your company. A ransomware-specific incident response playbook should always include the following:
Alternatively, if your company has hired or partnered with a third-party vendor to manage your incident response plan, ensure they have created a well-defined playbook and have shared it with your team in advance.
While performing annual risk assessments, companies should include the probability and potential impact of a ransomware event, based on real-world scenarios, from their respective industries and company size. Considering ransomware as a risk scenario will allow you to determine the potential impact of refusing payment, and your ability to restore or rebuild from data backups.
Protecting information relies heavily on asset inventory, data classification, and defined data flows. Without knowing what data resides or traverses which systems on your networks, the company will not be able to design adequate controls to protect classified data.
Companies should have approved and implemented Vulnerability and Patch Management Policies to identify, assess, track, and remediate vulnerabilities affecting all data within the enterprise. A good asset inventory will make this job much easier. Having a Software Bill of Materials (SBOM) for each critical application used to operate your business is an added advantage that will set you apart from the competition and enhance the vulnerability remediation process.
Multi-Factor Authentication (MFA) is a common control that, if implemented properly, can reduce the risk of a ransomware incident. However, recent breaches at several high-profile companies, including Cisco, happened because of MFA fatigue. In this and many other incidents, attackers exploited the human factor and sent repeated MFA push requests, hoping at least one would be approved by the user. When users allow connections that they did not originate, attackers gain access to the enterprise systems.
User education, combined with proper configuration of security controls and settings, can help prevent such incidents.
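The MFA fatigue pattern described above leaves a recognizable trail in authentication logs: many unapproved push requests for one user in a short time, sometimes ending in an approval. The following detection sketch is an added example, not part of the original article; the event format, the 10-minute window and the threshold of 4 are assumptions to adapt to your identity provider's logs.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events, not taken from any real identity provider:
# (ISO timestamp, user, push result)
SAMPLE_EVENTS = [
    ("2024-01-10T02:14:05", "alice", "denied"),
    ("2024-01-10T02:14:40", "alice", "denied"),
    ("2024-01-10T02:15:10", "alice", "timeout"),
    ("2024-01-10T02:15:55", "alice", "denied"),
    ("2024-01-10T02:16:30", "alice", "approved"),   # approval after a burst
    ("2024-01-10T09:00:10", "bob", "timeout"),
    ("2024-01-10T09:00:45", "bob", "approved"),     # ordinary retry
    ("2024-01-10T13:30:00", "carol", "denied"),
    ("2024-01-10T13:31:00", "carol", "denied"),
    ("2024-01-10T13:32:00", "carol", "timeout"),
    ("2024-01-10T13:33:00", "carol", "denied"),     # burst, never approved
    ("2024-01-10T08:00:00", "dave", "denied"),
    ("2024-01-10T10:00:00", "dave", "denied"),
    ("2024-01-10T12:00:00", "dave", "denied"),
    ("2024-01-10T14:00:00", "dave", "denied"),      # spread out, no burst
]

def detect_push_fatigue(events, window=timedelta(minutes=10), threshold=4):
    """Flag users with `threshold` or more unapproved pushes inside `window`.

    Returns {user: alert}. approved_after_burst=True means a push was accepted
    right after the burst, so that account should be investigated first.
    """
    recent = defaultdict(deque)  # user -> timestamps of recent unapproved pushes
    alerts = {}
    for raw_ts, user, result in sorted(events):
        ts = datetime.fromisoformat(raw_ts)
        queue = recent[user]
        while queue and ts - queue[0] > window:
            queue.popleft()              # drop pushes older than the window
        if result != "approved":
            queue.append(ts)
        if len(queue) >= threshold:
            prior = alerts.get(user, {}).get("approved_after_burst", False)
            alerts[user] = {"pushes": len(queue), "last_seen": raw_ts,
                            "approved_after_burst": prior or result == "approved"}
        if result == "approved":
            queue.clear()                # a successful login starts a new count
    return alerts

if __name__ == "__main__":
    for user, alert in detect_push_fatigue(SAMPLE_EVENTS).items():
        print(user, alert)
```

On the sample data only alice and carol are flagged; bob's single retry and dave's widely spaced denials stay below the threshold.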
Most companies have already implemented data backups, but it is also imperative to test them regularly to evaluate whether they are sufficient to recover your systems on time. It is equally important to make sure backups are segregated from your normal networks, to protect them from attackers.
Security awareness training plays a big part in your company’s ability to prevent a ransomware attack. Providing regular training, where users learn how to spot, avoid, and report phishing attempts, can reduce the risk of an incident. It is also essential to conduct periodic phishing exercises to make sure employees recognize phishing attempts and report them to appropriate parties.
A ransomware readiness assessment can help identify gaps in the controls, processes, or procedures that make a company vulnerable to a ransomware attack or would hinder its response. Companies can conduct ransomware readiness assessments using internal staff or a trusted partner, or choose a hybrid model where they hire a vendor and have their internal team work with that vendor to leverage the best knowledge and experience on both sides.
You have the power to respond—not react—to the attack!
Cybersecurity Manager,
Baker Newman Noyes