This is an archived article and the information in the article may be outdated. Please look at the time stamp on the story to see when it was last updated.

HUNTSVILLE, Ala. – Even though it appears the ransomware attack against Colonial Pipeline has been resolved, the cybersecurity industry is once again asking companies to take a closer look at their cyber defenses.

Gray Analytics in Huntsville says the best defense against ransomware starts with every single employee at a business, even if they are not tech-focused.

“It starts with the employees. Your employees are your first line of defense. Comprehensive security training is very important,” said Scott Gray, the President of Gray Analytics.

North Alabama has seen school districts and entire local governments compromised by ransomware.

“I think some of us have that vision of a cyber criminal being somebody in their basement, trying to attack someone. But really these are pretty sophisticated crime syndicates,” says Gray who notes that not long ago businesses big and small claimed they would never get “hit” by ransomware.

“It’s alarming how many people do not have backups of their systems,” said Gray.

That’s just one of many “must have’s or do’s” when trying to protect yourself from ransomware.

This kind of training is common with any defense or tech job in North Alabama. Gray says the practice should extend beyond defense-focused companies. Being able to detect suspicious emails and learning to check before clicking or downloading can be the difference in compromising an entire system.

“You simulate that kind of email. Send them out to your employees and see how many of them actually click on the link or the file to download it,” said Gray.

Policies, according to Gray are the second defense behind employees. Does your company have strict password policies? Can you put things on USB drivers? The third defense is technology like firewalls and other tricks.

“End-point protection to cover everything from your phones, to your iPad, to your laptops,” said Gray.

Hackers can enter a system and be there for some time, according to Gray, learning for a period of time without being detected. Meaning regular scans of any internet system should be implemented.

“Find an ethical hacker to see if they can fight through the defenses and the technology defenses you have in place,” said Gray.

Gray Analytics says on one hand, ransomware attacks have increased public awareness which can help fight low-level attacks. However, the successful higher level attacks like the Colonial Pipeline show hackers continue to push the limits of what was thought to be possible.