Ransomware Attack

The Ransomware Attack that Sparked Ostra Cybersecurity

With cyber-attacks and security breaches on the rise, the need for better cybersecurity solutions and reputable data protection services is no longer something to “think about for the future.” While large companies spend millions of dollars protecting their digital assets, small and mid-sized companies struggle to find solutions that work and are both affordable and maintainable.

The market is full of “free” and “low-cost” tools that trap business owners – requiring them to purchase additional products and services to maintain security, or actually infecting their systems with malicious viruses designed to steal their information. Too many small businesses take steps to protect themselves only to learn software they trusted has led to a virus, ransomware attack or keylogger data theft. The challenge is real, and it became our mission to develop a solution to protect the little guys.

With a background in IT project management, mergers and acquisitions, leadership consulting, and organizational development – I enjoy finding new ideas and building new businesses. But cybersecurity was not on my radar until I led a $100 million global security initiative for a Fortune 10 company. A combination of industry connections and personal experiences challenged me to protect small businesses from the growing threat of online attackers.

Listening to the industry beg for knowledge of how to prevent ransomware and seeking affordable data protection services motivated me to develop a better way for companies of all sizes to have effective cloud data protection.

The Ransomware Attack that Sparked Ostra Cybersecurity

Several years ago, while sitting around a firepit at deer camp, a good friend began sharing a story about the cyberattack his company was currently facing. His company was in the midst of a ransomware event – someone was holding their data hostage for payment. I was asking him questions like, “What are you going to do? How will you stop it?” His reply stopped me in my tracks. He said there’s nothing they could do … they simply had to pay the ransom.

Digging further I learned he had called the FBI, but unfortunately the ransom amount was “small enough” that it wasn’t something the FBI would pursue. My friend’s company paid several hundred thousand dollars to get their data back. That ransomware attack could have been prevented if smaller companies only had access to the same security protection as the Fortune 100.

I do not consider myself a cybersecurity expert, but I am extremely passionate about taking care of business data the same way I want to protect my own family and friends. Listening to him struggle with a ransomware attack that was preventable, entirely avoidable – that really solidified it for me. We need to educate people. We need to provide the tools. There IS a better way for small business to be protected … it just requires the right layered approach to security.

Listen to Ostra Cybersecurity’s origin story in this video blog >>

Ostra’s Beginnings

Tapping into the knowledge and expertise of my professional connections, I began to evaluate how the small business market was looking at cybersecurity. To my chagrin, the market was flooded non-cohesive solutions for security assessments, virus software, and firewall and endpoint protection. You would never find a Fortune 100 company using bits and pieces of cybersecurity, and certainly not trusting free tools.

This is why Ostra Cybersecurity was founded – to build a company on a mission to provide big company tools in a cost-effective and manageable way for every company to adopt and manage. The tools are available, but the know-how to bring them together in a suite of services that is affordable for companies of all sizes … that was the challenge.

Our goal is to enable small to medium-sized business to have the cybersecurity protection we see larger organizations spend millions on each year. Even better, to put our combined cybersecurity solution in the hands of the most reputable companies serving small businesses with IT solutions means that Ostra Cybersecurity’s positive impact for small business owners multiplies. We are taking down the barriers that stop small businesses from protecting their data, their systems, their employees and their customers.

The Concept Behind Ostra’s “Suite of Services”

ostra-cybersecurity-suite-of-servicesBack to the idea of protecting your home with a security system … if you put locks on the windows and doors, but then leave them wide open – your home is not secure. Many of the so-called “enterprise” solutions are like door locks – they only work if they are engaged. We believe in layered solutions that watch and pay attention regardless of whether the window or door is locked … that let you know if you’ve left something open.

We’ve designed a system – a suite of services – providing small and mid-sized companies real protection, just like the big guys deliver for the Fortune 100. We have multiple security tools in place, run constant simulations, have firewalls watching for types of malware, IPS (intrusion prevention system), anti-virus solutions, email security protection … and we have all these systems talking to each other in real-time. THAT is layered data protection services that work for small business.

Avoid Cyber-Actors, Follow Industry Leaders

Many companies push their enterprise-level solutions, enterprise meaning sized for Fortune 500 or Fortune 1000 level organizations and not sized for small to medium-sized business, or home office solutions. Additionally, lesser solutions promote themselves as “enterprise” even when they don’t meet the standard set by industry-leading technology groups and independent researchers like Gartner.

In March 2021, Gartner published a digital article called “Organizations who recognize the value of a security leader, but can’t afford a traditional CISO should consider virtual options.” This article discusses the emerging recognition of smaller companies to be more strategic regarding cybersecurity and the necessity to have a leader, a CISO, responsible for guiding company cybersecurity protocol.

A CISO is the chief information security officer for a company – large companies can easily pay the $200 – $500K average salaries for these strategic security leaders, but what about companies that can’t? Gartner’s article goes on to encourage smaller companies to consider a “virtual CISO,” and lists ways that companies can pursue industry standard cybersecurity at an affordable price.

(From Gartner Article) At the most basic level, virtual CISO offerings are a hybrid of:

  1. Traditional staff augmentation, involving an on-site or virtual presence in meetings, events, operations and strategy planning
  2. Consultative engagement and management to drive creation and implementation of security and risk program artifacts, such as strategic and tactical roadmaps, architecture and policy, and to run risk management and risk assessment processes
  3. Project management of architecting and deploying security and risk solutions
  4. Coaching or advisory services to train full-time staff on how to leverage created artifacts, develop communicating plans and train the next generation of security and risk leaders

Ostra Cybersecurity – Solving Problems Before They Happen

With Ostra Cybersecurity comes a team of experts in the field of relationship management, IT integrations and decades of combined cyber security expertise. We operate behind the scenes to protect businesses by managing Detection and Response before threats get in. This saves our clients time and tens of thousands of dollars dealing with costly problems associated with simply reacting to threats and data breaches after they occur.

Ostra makes it manageable for small companies to have access to Fortune 1000 services and to understand how to prevent ransomware from infiltrating their systems. We provide cloud data protection to avoid the various types of malware. Waiting until an attack happens isn’t a sound strategy, and we have made it our mission to provide data protection services to companies of all sizes.

By making cybersecurity technology simple, comprehensive and accessible to business of all sizes, Ostra is helping create a world with greater data privacy and protection for all of us.

Start taking a proactive approach to cybersecurity by scheduling a free security audit with our expert team today.

Cybersecurity: Frequently Asked Questions

What is cybersecurity?

Cybersecurity is the protection of computers and systems from attacks. Just like protecting your home by investing in a security system with cameras and sensors, cybersecurity protects your company’s systems, computers and data from hackers. The right solution will protect your personal information, customer lists and financial details from “cyber actors” who are constantly roaming the web looking for unprotected assets. Mike Kennedy, Founder of Ostra

What is ransomware?

Want to understand how to prevent ransomware? It starts with understanding the threat. The Cybersecurity and Infrastructure Security Agency (CISA) defines ransomware as: an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. Ransomware actors often target and threaten to sell or leak exfiltrated data or authentication information if the ransom is not paid. In recent years, ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations.

What are the types of Malware?

According to Cisco, Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for “malicious software.” Examples of common malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware.

What is cloud data protection?

Companies large and small still struggle with the idea of data protection services, specifically cloud data protection. Is my data really safe in the cloud? Norton answers questions about cloud safety in this excerpt from Cloud Security: How Secure is Cloud Data?

The data that you save with cloud service providers may likely be safer than the information you’ve stored in your computer’s hard drive. Remember, hackers can use malware and phishing emails to get the information stored on your own devices. They might freeze your computer, demanding a ransom before they’ll release the files and data they’ve frozen.

The security measures undertaken by larger companies providing cloud services are likely to be more robust and powerful than what you have protecting your home computer and devices.