While solution providers have to make sure to protect their clients from ransomware attacks, they said it is just as, if not even more important, that they protect themselves.
"We have to make sure we're protected first, especially since our systems touch so many other systems. We need to make sure we're as protected as we can be," Matt Johnson, CEO of Baltimore, Md.-based Phalanx Secure Solutions, said.
Johnson said his company uses the same products it recommends to its clients, as well as its own solution Trident CMP for continuous network security monitoring.
[Related: 8 Security Trends Affecting The Midmarket]
Johnson wasn't alone; all of the partners CRN spoke to at XChange Solution Provider 2017 this week in National Harbor, Md. said it is critical they protect themselves as best they can from ransomware attacks against their own businesses, just as they do for their clients.
John Lazo, president of Murray, Utah-based LazoTEK Computer Solutions, said it arguably even more important for solution providers to be on top of their game when it comes to ransomware. They can be, he said, as they can be a third-party attack vector to clients or force a customer to report a HIPAA compliance violation if hit by a ransomware attack.
"It's really a liability, or we risk becoming a liability for them," Lazo said.
Ransomware attacks have grabbed the headlines and become an increasingly worrisome attack method over the past year. Matthew Hickey, director of sales engineering, enterprise, at Sophos, said in a presentation at XChange that more than 50 percent of organizations have been hit by ransomware.
The trend is only continuing to grow, Hickey said, with the $250 million paid in ransom in 2015 jumping to more than $1 billion in 2016. Those numbers do not include additional costs around recovering data, security analysis, and lost business, he said.
"We're seeing this more and more," Hickey said. "This is something that will be here for a while."