Identify data assets that are important to you, back them up, and work out recovery objectives in advance. This may sound complicated at first but follow this to get you started: https://docs.borgbase.com/strategy/

Also a tool like borg [1] will help you ‘do backups right’. If you’re on Windows maybe check out restic [2].

Next, make sure you patch software, as unpatched software may contain vulnerabilities which can be exploited by a threat actor. Quicker is better and automating this allows audit, consistency, and expediency.

If you’re on macOS check out RansomWhere from Objective-See: https://objective-see.com/products/ransomwhere.html

Educate users so they are aware of the risks of opening emails from people they do not know and how to identify potential phishing.

Various anti-malware/anti-virus software can be used in conjunction with the above but cannot be relied on by itself - defence in depth.

Also you shouldn’t feel this is all your responsibility. Try and raise this business risk with the powers that be. See if you can not only get a company mandate but also maybe obtain someone with more expertise?

[1] https://www.borgbackup.org/
[2] https://restic.net/