Let’s pretend that one of your employees replies to a phishing email, infecting his or her computer with ransomware in the process. The ransomware has hijacked the device and “locked up” critical files until a large sum of money is paid.

Considering the fact that 93 percent of phishing emails now contain ransomware, this is a very plausible scenario. So, listen up.

Chances are likely that a ransomware attack would leave you in quite a predicament, for at least one of the following reasons:

It will be unexpected: Think about that sinking feeling of booting up your computer, only to find a blue screen with a foreboding message telling you to pay thousands of dollars or you will never see your files again. Your adrenaline will start flowing. And you’ll fly into panic mode as reality kicks in.

It won’t be clear how you should respond: You will have to make a decision, and fast. Do you pay the ransom (and fund a criminal or maybe a terrorist group in the process) or risk losing your data forever? This is not a question you will want to have to answer.

Your IT team will be just as confused as you are: The unfortunate reality is that your IT team won’t be able to do much to fix the situation. Once ransomware infects a machine, it’s a black and white issue.  You can either pay the fine and get your data, or don’t pay it and never see your files again. There is no in between.

There are steps you can take now, though, to reduce the impact of a ransomware infection.

First and foremost, you need to educate your employees about phishing and malware. For example, they most likely already know how to spot a phishing email; after all, they’re usually rife with misspellings, contain funny messages and are sent from unknown email addresses. What your employees may not know, however, is that many hackers are creating sophisticated messages and using social engineering tactics to deliver them—like assuming the identities of company executives. Your employees need to be trained on how to tell whether an email is official, and what to do when they receive something suspicious.

To help weed out malicious emails, it’s also recommended that you implement the latest email defense software to scan messages for viruses and phishing attempts.

What’s more, make sure to back up your data and store it in a secure offsite location. This way, if your network is infected with ransomware, you can avoid paying the fine. Even if the hackers destroy your data in the process, you will have carbon copies you can easily access.

Lastly, it helps to invest in a managed services provider like Apex Technology Services, which can provide you with ongoing guidance, support and network maintenance. While Apex can’t prevent hackers from attacking your network, it can make sure that your company is up to date with the latest safeguards. Apex even offers cybersecurity training courses to help bring your employees up to speed on the latest cybersecurity trends and best practices on handling these threats.

For more information about how Apex can help your company stay safe online, click here.