What's the best way to protect against 𝗍̶𝗁̶𝗋̶𝖾̶𝖺̶𝗍̶𝗌̶ ransomware? If we knew the answer we would be billionaires and the dream to go live on a sunny beach with a coconut in our hands would be accomplished. Let’s talk about resilience. Resilience to attacks, resilience to Ransomware. As with everything in security, you need a multi-layered approach that can fit the needs of your business.
Let’s ask the right questions first.
Are you focusing on detecting?
What are you hunting for in your IOCs?
From a technological and human perspective can you then deal with the threat after you detect it?
If you focus on preventing it, are you having too much of a laissez-faire approach where you blindly trust that everything is up to date with the latest evasion techniques?
Focus on back ups seems great and from an operational standpoint as long as you have good procedures in place you can probably be back up and running in a reasonable time.
But how about the reputational damage that may occur?
The impact on SMBs
Let’s look at some figures, 1 in 5 businesses that suffer a major cyberattack are forced to cease operations. It’s not just about the operations being affected but the reputational damage done also. The supply chain is under more scrutiny than ever. If you want to be in the chain of an enterprise you need to show your resilience. Attacks will happen, showing that you have done your due diligence means that you’ve thought about the security of your business and customers.
[source: Mastercard’s 2025 Global SMB Study]
According to Verizon's DBIR ransomware is present in 88% of breaches in SMBs. Ransomware as a service is ever increasing and we won’t mention the two magic letters that make phishing campaigns easier than ever. SMBs usually lack the multi-layered approach that large enterprises can afford. Since the cost of pushing the attacks is getting increasingly lower you can afford to have a wide variety of targets.
We were excited to work with QuellSecure from early stages to help validate and improve their approach. A low cost, hands-off approach is exactly what SMBs should aim for. They usually can’t afford huge teams to deal with attacks. As QuellSecure's approach is to be an addition rather than replacement it tackles the resilience aspect that SMBs usually lack. Their solution focuses on what happens when the usual layers fail. Users will inevitably click on something they are not supposed to. Credentials will leak. They are targeting ransomware once it actually starts encrypting your files.
Our testing focused on measuring the impact of Ransomware on target organisations and how the product can help the organisation stay resilient against these attacks. The approach here is simple at heart, but complex in practice. Get real ransomware against real environments and measure how many files are lost to ransomware. Our targets had 1000s of files from a mix of typical office, editing and development files.
Rather than asking whether ransomware can be stopped entirely, the more meaningful questions are if your business has enough protections in place and how much it can sustain itself when ransomware passes through.
Read more about Ransomware, our testing and the test results here.