Why Ransomware Is Exploding
Broken down by industry, some 38 percent of attacks are in the services field, which includes health care. About 17 percent of attacks are in manufacturing, just over 10 percent are in public administration, and nearly 10 percent are in finance, insurance, and real estate, according to Symantec. The US is the most affected region, with 28 percent of global infections, the report found.
One of the most popular vehicles for ransomware is a phishing email telling the user they have an invoice that requires payment, Haley said. Another common way is to infect a website, or redirect one website to another hosting the malware.
Haley expects to see more targeted attacks against businesses over the next year, and for other devices to come into play. Strikes on computers and smartphones are the norm, but they could also occur on any IoT device, from smart TVs to refrigerators to watches.
"Ransomware is real, and it's going to affect your organization," Haley said. "Most of the steps to protect yourself are not unique -- in the end, protecting yourself against ransomware will protect you against other security issues as well."
Best practices for your company
IT leaders should continuously seek out innovative technologies to add to their customized, layered defense, said James Scott, senior fellow and co-founder of the Institute for Critical Infrastructure Technology. "Look at where your valuable data is, who is trying to exploit it, and what vulnerabilities are there in protecting it," he added.
To prevent a ransomware attack on your company, experts say IT leaders should do the following:
- Use a layered security approach, with all endpoints protected, as well as protection at the mail server and gateway. "If you can stop these things from ever showing up in an end user's mailbox, you're ahead of the game," Haley said.
- Educate your employees. "The human element is always going to be the weakest element," Scott said. "The organization's infosec team has to continuously update their education for other staff with relevant threats."
- Run risk analyses, and patch vulnerabilities, especially on browsers, browser plugins, and operating systems. "Infosec teams should be savvy enough to continuously pen test the organization to hunt for vulnerabilities," Scott said. "It's important that they do that with the same vigor as the adversary would."
- Build a comprehensive backup solution, and back up often. "If your files get encrypted, you don't have to pay the ransom--you just restore the files," Haley said. Most businesses back up, but some have not tested whether or not these backups work in an emergency.
- Track behavior analytics to detect abnormalities among users.
- Limit access to file shares to only those who absolutely need access.
Some organizations are using AI products to predict threats, Scott added. "A year ago, the technology to detect and respond to threats was what everyone was talking about," he said. "Now, it's detect, respond, and predict."