ransomware-proof-your-habitsRecently I came across an article in the New York Times discussing the need for the familiar. In these times of pandemic where what once was normal now is thrown into chaos, the author was arguing that our brains require daily structure. We naturally try to categories, classify and predict outcomes. We unintentionally find patterns where no pattern actually exists. We see faces in walls and dragons in clouds.

In the pandemic, many of us are longing for old routines. What the authors conclude? We need to find some new ones.

Our reality in the pandemic—as it is with increased ransomware attacks—is that we crave for normalcy. We want patterns. We need an assemblance of routine and ritual. Without these simple inserts in the day, we struggle to get by sorting through mundane or chaos (or anything in between).

Our problem is that we were biologically engineered to rely on routines, and these are the very things that are lacking. In fact, our brains are statistical organs built to predict what will happen next. Its goal is to minimize surprise.

Now shouldn’t we be able to ransomware-proof our behaviors as well?

I’m sure your goal is to have the ability—and possibly fortune—to predict what is to come when. Order from the chaos and solutions to problems (tickets). What psychologists suggest for breaking the pandemic depression in my head is very similar to what we must do to break our ransomware nightmare. Sticking to routines and habits that will help you to predict your network’s health rather than those that might not are crucial to ransomware-proofing your network going forward.

What are some examples of routines and behaviors your team might want to incorporate into their daily, weekly or monthly habits?

Keep up on the latest news—set aside 15 or 20 minutes a day or watch a security operations (SecOps) call and figure out a few areas of continual improvement either personally within their workspace or for the company at large. Whatever your team does, focusing on learning and being exposed to current events within cybersecurity is a critical part of figuring out how to overall avoid a ransomware disaster.

Getting your tasks done—keep your security strategy to a routine. Have tasks that your team members can do regularly—assignments that are kept to a schedule rather than things that will get done eventually. The more you prioritize and schedule this work out, the easier security will be (and less reactive responses you will need to have). We assign and prioritize security within our Galactic Portal to make security accomplishments a norm.

Celebrate small and large wins in your security posture—our brains gravitate toward accomplishments. The more small wins we build up, the more winning your team will be doing. If you start celebrating accomplishments in security, you will certainly start building momentum within your team.

Create visibility—whether a mistake that someone on your team went through or something that came up in the news that hits close to home, the more your team sees mistakes, their consequences and how to avoid them is invaluable information that provides context to our security issues.

The more you’re able to put security into a routine for your team to easily follow, the less they’ll have to think about it. In fact, routines tend to conserve brainpower by at least 20 percent. When confronted to react to security issues, your team’s bandwidth will diminish.

Of course, your team could take routines too far, but for most of us, just having some assemblance of a framework to make sure security is working will make getting security tasks done much easier.

Overall, find out what works for your organization. The security behaviors will need to be regular to help you achieve a good security baseline. The best habits will help you and your team provide structure and order, but also a sense of accomplishment upon task completion.

Setting aside a little time and creating a routine that maintains consistency will go a long way in completing your security initiatives.