Chapter 4
Copy of The Ongoing Threat of Ransomware on Small to Medium-Sized
Businesses
SurveyMonkey
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
We provide technologies by McAfee and user awareness.
How would you describe your organization’s preparedness to curb ransomware?
Use awareness on red flags like blindly opening up emails and clicking links.
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Ensuring that users are not only educated but are using what they learned. Also ensuring that vendors have the right type of technology to look for the latest ransomware.
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
Automated and scrubbed by Splunk.
What are the weaknesses of your systems in detecting network intrusion?
Definitions and bandwidth capacity
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
7 out of 10
#1 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Tuesday, August 30, 2022 8:11:16 PM
Last Modified: Tuesday, August 30, 2022 8:25:39 PM
Time Spent: 00:14:22
IP Address: 166.205.147.141
Page 1: Consent Letter
Page 2: A Qualitative Study on the Impediments to the Application of Preventative, Detective, and Corrective
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
Very aggressive
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Virus definition update failure. Always check to make sure it applied.
What are the inadequacies of your organization’s recovery plans?
Mostly it would be the down time to recover.
What measures is the firm considering to prohibit the future attacks?
Have the right security team in place and also user education.
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
Yearly mandatory training
How would you describe your organization’s preparedness to curb ransomware?
Periodically send emails that could potentially lead to ransomware to check the employees' knowledge
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Email and content filters in place to catch spam, phishing, and ransomware style emails. Using cloud-based storage so no critical information is stored directly on machines
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
Event logs are monitored daily
What are the weaknesses of your systems in detecting network intrusion?
Insider threats
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
The controls in place are effective but with the ever-changing environment in the World of IT we struggle to keep up with the latest trends and have to make business decisions based on the financial commitments we have as a small business.
#2 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Wednesday, August 31, 2022 8:27:40 AM
Last Modified: Wednesday, August 31, 2022 8:40:11 AM
Time Spent: 00:12:30
IP Address: 166.205.147.22
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
Very effective
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Haven’t had an attack
What are the inadequacies of your organization’s recovery plans?
Insider threat where an employee moves important documents to their local machine instead of keeping them on the cloud server
What measures is the firm considering to prohibit the future attacks?
Despite not being attacked we are committed to yearly training for our employees
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
User awareness and training, backup of critical information, segregation of networks to protect sensitive information, documentation of standard operating procedures
How would you describe your organization’s preparedness to curb ransomware?
Organization's personnel are continually reminded that information security is everyone's responsibility by placing flyers in strategic locations
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Lack of knowledge to properly utilize some of the tools/software necessary, financial and manpower resources are limited, necessary documentation may not exist
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
Personnel are inundated with the overwhelming number of logs that need to be checked
What are the weaknesses of your systems in detecting network intrusion?
No security devices implemented within the environment to aggregate and correlate all logs within a centralized location
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
There is no system in place that can effectively increase the efficiency of detecting malicious code
#3 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Wednesday, August 31, 2022 8:04:38 PM
Last Modified: Wednesday, August 31, 2022 8:44:48 PM
Time Spent: 00:40:09
IP Address: 108.18.158.220
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
The progress to implement effective automated operations for the removal of threat has been impeded
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Documentation of policies and procedures has either been outdated or missing vital information
What are the inadequacies of your organization’s recovery plans?
The recovery plans were essentially non-existent and have to be documented and approved.
What measures is the firm considering to prohibit the future attacks?
Conduct a Security Impact Analysis to determine the extent to which a change to the information system may have affected the security posture of the system
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
Only responding to encrypted messages outside of our domain/network.
How would you describe your organization’s preparedness to curb ransomware?
Highly prepared having used the DoD software for early detection.
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Using unsecured websites and new employees not being equipped on what to look out for. We try and provide training to show how ransomware works and how it can affect a company.
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
Through the DoD systems, we are alerted of potential attacks before they actually come about. They are checked around the clock.
What are the weaknesses of your systems in detecting network intrusion?
Not being able to detect imitation or mirrored accounts that look similar to the person who is being copied.
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
It’s really effective because it detects and prevents most malicious codes before they actually reach account holders by blocking them.
#4 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Wednesday, August 31, 2022 8:40:09 PM
Last Modified: Wednesday, August 31, 2022 8:55:01 PM
Time Spent: 00:14:52
IP Address: 68.134.110.44
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
Always looking to improve all levels of security, we take all measures to ensure that new systems are better than what we currently have by test and trial analysis.
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Have not experienced an attack yet.
What are the inadequacies of your organization’s recovery plans?
We try to keep data off of our personal work space and upload everything in the cloud to prevent any accidental loss of data.
What measures is the firm considering to prohibit the future attacks?
Staying in alignment with the DoD software and keeping data stored in the cloud.
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
Internal security drills and training for employees
How would you describe your organization’s preparedness to curb ransomware?
Training for the employees to recognize potential threats
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
None
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
A third-party application in real time collects this data in an organization archive
What are the weaknesses of your systems in detecting network intrusion?
None
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
Very effective with detecting zero day vulnerabilit
#5 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Wednesday, August 31, 2022 8:15:30 PM
Last Modified: Wednesday, August 31, 2022 9:13:47 PM
Time Spent: 00:58:16
IP Address: 174.216.147.23
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
Very effective as there are on-site vendors to support the applications
After your previous attack, what weaknesses did you identify regarding correcting the problem?
N/a no attack
What are the inadequacies of your organization’s recovery plans?
Available resources
What measures is the firm considering to prohibit the future attacks?
Insider threat training
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
Training to make members aware of threats.
How would you describe your organization’s preparedness to curb ransomware?
An aggressive posture with recurring training and reminders.
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Barriers include firewalls, system scans, and training
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
Security event logs must be timely, accurate, and relevant
What are the weaknesses of your systems in detecting network intrusion?
Weakness can include security patches and updates not being conducted as scheduled/required.
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
Ensuring a system receives security updates can be key to an effective malicious code detection posture.
#6 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Wednesday, August 31, 2022 9:53:58 PM
Last Modified: Wednesday, August 31, 2022 10:43:26 PM
Time Spent: 00:49:28
IP Address: 73.135.2.8
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
An automatic threat removal process helps to eliminate the risks associated with human effor.
After your previous attack, what weaknesses did you identify regarding correcting the problem?
A major weakness is not knowing the correct actions to take once an attack has occurred and ensuring the processes are followed.
What are the inadequacies of your organization’s recovery plans?
Inadequacies include location (distance) and resource limitations
What measures is the firm considering to prohibit the future attacks?
One measure that must be in place is one of appropriateness. One size does not fit all.
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
We install firewalls and virus protection software
How would you describe your organization’s preparedness to curb ransomware?
Somewhat prepared but not a primary focus
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Not enough qualified personnel
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
It is very good
What are the weaknesses of your systems in detecting network intrusion?
Not aware of any
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
Very good
#7 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Wednesday, August 31, 2022 10:59:17 PM
Last Modified: Wednesday, August 31, 2022 11:10:06 PM
Time Spent: 00:10:48
IP Address: 71.179.28.146
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
It is the best method
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Have not had any
What are the inadequacies of your organization’s recovery plans?
Not enough practice time
What measures is the firm considering to prohibit the future attacks?
Better firewall protection
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
We have intrusion protection systems in place to prevent attacks from outside the network. We have AES-128 level encryption on all nodes of our network. Finally we have file level access control and file encryption protocols that require our TPM.
How would you describe your organization’s preparedness to curb ransomware?
We are as prepared as we can afford to be, our biggest concern is the price of the tools needed and the manpower to utilize those tools.
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
We are currently at the best posture that we can afford, and we accept the residual risk to our network. Physically, we are relatively secure, but ransomware is not an overtly physical attack. Administrative and technical barriers come down to cost. We strive to keep the security of our network commensurate with the value of the data on the network. As data becomes more valuable, the need to increase expenditures to match becomes more difficult. With new available tools, you need an increase in personnel, or extensive training to utilize the tool appropriately.
#8 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Wednesday, August 31, 2022 11:23:45 PM
Last Modified: Thursday, September 01, 2022 12:06:29 AM
Time Spent: 00:42:43
IP Address: 173.69.183.150
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
Our intrusion protection system contains detection technology; when an intrusion is detected, a notification is sent to our network administrator. The administrator will then review the logs and decide our best course of action. Ransomware is only one attack we are vigilant about.
What are the weaknesses of your systems in detecting network intrusion?
The mechanisms we have in place are the best of class for our size of business. It is not as robust as some enterprise-level solutions, and it does not have all of the features as well. We also have limited manpower, so the weakness is we have a single point of failure in terms of if our network engineer is not available we may not be advised of an attack in a timely manner.
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
Our solution maintains malicious code signatures and is updated on a regular basis as soon as the tool sends new signatures. For the most part, signatures are shared by all malicious code solutions, and our tool gets updated regularly by the vendor.
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
We have our server set up to require admin access to run code. We also have our files configured to only encrypt with the server's TPM.
After your previous attack, what weaknesses did you identify regarding correcting the problem?
One of the weaknesses identified by one of our recent tabletop exercises was that our back-up procedure was not as robust as needed to satisfy our posture. Since then we have augmented our back-up procedures to satisfy our needed posture.
What are the inadequacies of your organization’s recovery plans?
Due to the size of our company, our manpower is limited. Everyone wears multiple hats, and due to the stress of securing our network, we have chances of burnout from our team. Also, size also means we have many single points of failure.
What measures is the firm considering to prohibit the future attacks?
We provide awareness training, conduct tabletop exercises, and enhanced role-based training for incident response personnel.
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
Respondent skipped this question
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
Respondent skipped this question
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
Respondent skipped this question
#9 INCOMPLETE
Collector: Web Link 1 (Web Link)
Started: Thursday, September 01, 2022 11:32:55 AM
Last Modified: Thursday, September 01, 2022 11:35:19 AM
Time Spent: 00:02:24
IP Address: 73.172.203.82
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
Good Cyber hygiene policies.
How would you describe your organization’s preparedness to curb ransomware?
Very effective which includes employee training, recognizing insider threats and effective cyber policies.
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Physical barriers are secured PIV-controlled access. Administrative: patch management, firmware updates and firewalls. Technical: cyber policies.
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
This is controlled by the systems owner of each system
What are the weaknesses of your systems in detecting network intrusion?
Having multiple systems performing this operation
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
Our systems are very effective using multiple vendors to detect malicious codes, enhanced cyber policies and working closely with the vendor to recognize zero day vulnerabilities
#10 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Thursday, September 01, 2022 1:03:12 AM
Last Modified: Thursday, September 01, 2022 11:45:03 AM
Time Spent: 10:41:50
IP Address: 172.58.187.79
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
This is 80 percent completed as there are false positives being worked
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Vendor inability to recognize zero day vulnerabilities
What are the inadequacies of your organization’s recovery plans?
Getting the vendor of the application and the security application to work together
What measures is the firm considering to prohibit the future attacks?
Implementing a cloud solution as a back up plan.
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
Knowledge and budget
How would you describe your organization’s preparedness to curb ransomware?
Most organizations are not prepared for this type of attack.
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Annual training and removal of USB ports from laptops.
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
Most organizations only audit after an event happens.
What are the weaknesses of your systems in detecting network intrusion?
False-positive not being confirmed
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
Very effective because we have redundant systems monitoring.
#11 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Thursday, September 01, 2022 8:11:31 PM
Last Modified: Thursday, September 01, 2022 8:29:43 PM
Time Spent: 00:18:12
IP Address: 98.117.222.239
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
Automation is always the best practice to eliminate human error.
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Misconfigured systems, human error, unpatched systems and software flaws.
What are the inadequacies of your organization’s recovery plans?
Staff wasn't properly trained, ensure systems are patched and updated regularly.
What measures is the firm considering to prohibit the future attacks?
Back up often, consider insurance, train users
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
Yearly mandatory training
How would you describe your organization’s preparedness to curb ransomware?
Organization's personnel are continually reminded that information security is everyone's responsibility by placing flyers in strategic locations
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
Using unsecured websites and new employees not being equipped on what to look out for. We try and provide training to show how ransomware works and how it can affect a company
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
A third-party application in real time collects this data in an organization archive
What are the weaknesses of your systems in detecting network intrusion?
Weakness can include security patches and updates not being conducted as scheduled/required.
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
Very good so far
#12 COMPLETE
Collector: Web Link 1 (Web Link)
Started: Friday, September 02, 2022 9:34:14 AM
Last Modified: Friday, September 02, 2022 9:40:12 AM
Time Spent: 00:05:57
IP Address: 73.212.207.145
Page 1: Consent Letter
Page 2: A Qualitative Study on the Impediments to the Application of Preventative, Detective, and Corrective
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
We have our server set up to require admin access to run code. We also have our files configured to only encrypt with the server's TPM.
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Thankfully we have not had any as of yet
What are the inadequacies of your organization’s recovery plans?
Inadequacies include location (distance) and resource limitations
What measures is the firm considering to prohibit the future attacks?
Insider threat training, staying in alignment with the DoD software and keeping data stored in the cloud.
Q1
Your selection of agree means that you understand your rights listed above and agree to participate in this study.
Yes
Q2
What are the impediments for the application of ransomware-specific preventative controls by small business owners?
What preventive measures is your organization adopting against ransomware?
Consistently monitor for vulnerabilities. Regularly update systems with the appropriate security patches to ensure cybercriminals can’t take advantage of known flaws, gain access to networks, and distribute ransomware. Audit patching processes and evaluate technologies and policies that can make them more effective, leveraging automation whenever possible.
How would you describe your organization’s preparedness to curb ransomware?
We take data backups seriously. We don’t just back up data daily. Always ensure you have thoroughly tested your ability to recover systems and data in the event of an attack. Consider removing critical assets to offline cold storage. Your backups are less vulnerable to attack if they’re disconnected from the network.
What are the physical, administrative and technical barriers to ransomware prevention in your organization?
We adopted multi-factor authentication. Most ransomware gains access through the hijacking of static passwords. Enabling multi-factor authentication on accounts across the network can help you thwart attackers by requiring additional information. A phishing attack may net them a user’s credentials, but it won’t provide biometric data or the answer to a personal security question.
#13 COMPLETE
Collector: Web Link 1 (Web Link) Started: Friday, September 02, 2022 10:53:57 AM Last Modified: Friday, September 02, 2022 10:58:04 AM Time Spent: 00:04:06 IP Address: 73.212.207.145
Page 1: Consent Letter
Page 2: A Qualitative Study on the Impediments to the Application of Preventative, Detective, and Corrective
Q3
What are the impediments for the application of ransomware-specific detective controls by small business owners?
How would you describe your organization’s security event log checking?
We monitor file activity. Implementing FAM can provide you with real-time and historical records of all file and folder activity on your network file shares. It enables you to quarantine infected users and devices in real-time, so you can block and investigate ransomware activities.
What are the weaknesses of your systems in detecting network intrusion?
Insider Threats
How would you describe the effectiveness and weaknesses of your system in detecting malicious codes?
Excellent
Q4
What are the impediments for the application of ransomware-specific corrective controls by small business owners?
How do you define the firm’s effectiveness in adopting the automatic threat removal?
It helps to process threat data to better understand their attackers, respond faster to incidents, and proactively get ahead of a threat actor's next move.
After your previous attack, what weaknesses did you identify regarding correcting the problem?
Thank God we haven’t had any of these issues as of yet
What are the inadequacies of your organization’s recovery plans?
I would have to say the resources readily available
What measures is the firm considering to prohibit the future attacks?
Provide continuous security awareness training to ensure your employees follow good cyber hygiene practices on all devices — such as strong passwords and secure Wi-Fi connections and help them detect and react to the latest phishing techniques.