CompTIAWorld | FALL 2017 38 servers are a veritable goldmine to hackers. They know that they need to take a look at cybersecurity both technologically and operationally, but they’re not sure how best to continue their efforts beyond the work they’re already putting in,” she said. The IT Pro Story New threats – like ransomware – keep popping up and aren’t going away. Businesses large and small, across all verticals, can wind up victims and you better be ready when it happens to you. “Ransomware doesn’t have a target,” Rae said. “It’s an indiscriminate effort to get dollars.” And, while preventing an attack may not be feasible – there are things you can do, he said. First, invest in protection. There are ransomware detection-and-recovery technologies available and affordable to the SMB market. According to Rae, in the long run these technologies save people and companies money. Second, communicate to your employees that everybody is vulnerable. It’s not as easy as forbidding employees to pull up certain websites anymore. These new threats are savvy and find their way into your inbox disguised as a legit sender containing business-related information. Educating your employees about vulnerabilities gives them the power to take initiative and communicate when something goes wrong. And, the sooner you catch it – the better off you’ll be. Third, new skills must be combined into a new approach. In a world of constant, evolving attacks, a mentality of preventing all breaches is outdated. Organizations must shift to proactive measures, including external audits, penetration testing and security training. Strong defenses will always play a role, but they must be coupled with ongoing offensive activity. Want more information? Contact Membership@CompTIA.org. These new threats are savvy and find their way into your inbox disguised as a legit sender containing business-related information.