Which is the more realistic and sensible approach to ransomware protection and mitigation?

Encrypting data so if we are hacked, the data can't be read or exploited39%

Multi-factor authentication and phishing awareness training is enough to stop attacks before they get in58%

Something else (comment below)2%


2.2k views2 Comments

CTO in Services (non-Government), 51 - 200 employees
Encrypting will deter data exfiltration, not ransomware. Ransomware will just add another encryption layer.
Director of IT in Education, 5,001 - 10,000 employees
All of the above and a system like Dell Cyber Vault for your most critical data.

Content you might like

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
40.7k views131 Upvotes319 Comments

Patch management: to reduce attack surface and avoid system misconfigurations39%

Malware and ransomware prevention: to protect endpoints from social engineering attacks59%

Malware and fileless malware detection and response: to protect against malicious software49%

Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls33%

Not planning to change endpoint security strategy9%



Yes — always.37%

No, I don't mind sharing my data49%

Not yet, but I might opt out soon9%

Don’t know — I need to check!4%



Director of IT in Education, 5,001 - 10,000 employees
This question requires a long explanation, but in a nutshell, implemented in the Risk Management Framework (NIST RMF). It is a layered protection in every step of the RMF.
Read More Comments
5k views4 Upvotes15 Comments