XChange Security University: 5 Ways Partners Can Talk To Customers About Ransomware

The Ransomware Conversation

Ransomware is front and center as a threat to businesses, as made clear by recent high-profile attacks on businesses big and small. At XChange Security University in Orlando, Fla. on Saturday, Sophos North American Enterprise Region Sales Engineering Director Matthew Hickey spoke about ways partners can work to drive awareness with customers and help them protect themselves against a ransomware attack. Those methods include more advanced security techniques, as well as helping customers get back to basics around security. Take a look at five ways Hickey said customers could engage with customers around ransomware.

Extreme Growth In Ransomware

Ransomware is growing not just in the number of attacks, but also the types, Hickey said. He said Sophos has been tracking the rise of Ransomware-as-a-Service, which makes it easier for less sophisticated hackers to create ransomware attacks. He also highlighted two high-profile ransomware attacks earlier this year, with WannaCry and NotPetya both hitting businesses around the globe. Finally, he said Sophos is not only seeing the volume of malware and ransomware increase, but it is also seeing it become more targeted at specific businesses, rather than the same malware hitting many businesses. He said all these growth factors require partners step up with a different and more comprehensive security approach.

Backup And Disaster Recovery

Hickey said backup and disaster recovery solutions are often the first step for solution providers looking to help their customers protect their assets from ransomware. However, he said it is also just part of the larger security discussion partners should have about the threat, as customers can often get re-infected after an attack if they only rely on backups for remediation.

Machine Learning

As attacks get more sophisticated and more targeted, Hickey said one way partners could step up is through machine learning technologies.

"With deep learning or machine learning, you have the capability to address unknown unknowns that are attacking customers," Hickey said. That's an area Sophos, for one, has been investing in, announcing in February the acquisition of machine learning company Invincea for $100 million.

Managed Security Services

Hickey said managed security services is another way partners can step up around ransomware. He said MSSPs have the opportunity to provide a full system of security, rather than a point system, which he said is key to preventing attacks. He said that a full system of security includes technologies across the network and endpoint, as well as education, visibility, and services.


Finally, Hickey said there is an opportunity for partners to help customers step up their understanding of ransomware and how to prevent it. He said education is a key piece of the partner's value proposition to customers, including education on the threats that are out there – including WannaCry, NotPetya and tools such as the CIA tools leaked by the Shadow Brokers – and a plan for how to protect themselves against ransomware attacks. One key way he said partners could educate customers is around phishing, providing anti-phishing training and teaching them how to spot phishing emails.