Blog Post

Part II: Diving into Internal System Enhancements after Apex HCM Ransomware Attack

This is post is a part of a 4 blog series on the Apex HCM ransomware attack. To view the remaining blog posts, click here.

According to ZDNet, 76% of U.S. businesses have experienced a cyberattack in the past year. While at the time of our ransomware attack we were actively utilizing 3 different AV programs, a new variant of ransomware caused us to become a part of the 76%. Since the Apex HCM ransomware attack, we have taken it upon ourselves to enhance every facet of our internal system security measures even further; because proper protection begins within.

Our Internal System Enhancements

Managed detection and response

When it comes to protecting our business from the threat of future cyberattacks, we are handling it with a predict-and-prevent approach. As we have learned, quick and diligent response times are crucial to protecting both our business and customers. With this being said, we have implemented third-party cyber endpoint monitoring that merges elite responders and forensic experts that will be conducting 24/7 endpoint monitoring enhanced by behavioral and forensic analytics. 

Employee cyber education and prevention training

Varonis reported that 34% of data breaches begin from within your organization at the fault of employees. While attacks that occur due to employee fault are usually unintentional, they can be easily prevented by simply implementing employee training programs to educate your team on how to minimize the risk of a cyberattack. While our ransomware attack did not stem from an employee misstep, we have taken all the proper steps to ensure that all of our employees receive extensive monthly training and verification testing from a highly regarded team of cybersecurity consultants.

Enforcement of strict password enhancements

Weak passwords are a leading cause of cyberattacks. For this reason, we immediately began enforcing strict password enhancements and practices throughout our corporate directory to ensure all passwords meet strength and security requirements. We will also begin requiring multi-factor authentication in order to access any and all data internally.

We take security seriously, because to us, nothing is as important as protecting our customers and their trust. To learn more about Apex HCM, feel free to reach out to us with questions, or visit our page here.