MTradecraft: Cybersecurity Compliance Tradecraft for SEC and FINRA Registered Investment Firms
7/30/2019

Steps to Safeguard Against Ransomware Attacks

Original release date from CISA: July 30, 2019

The Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing & Analysis Center (MS-ISAC), National Governors Association (NGA), and the National Association of State Chief Information Officers (NASCIO) have released a Joint Ransomware Statement with recommendations for state and local governments to build resilience against ransomware:
  1. Back up systems—now (and daily). Immediately and regularly back up all critical agency and system configuration information on a separate device and store the backups offline, verifying their integrity and restoration process. If recovering after an attack, restore a stronger system than the one lost, fully patched and updated to the latest version.
  2. Reinforce basic cybersecurity awareness and education. Ransomware attacks often require the human element to succeed. Refresh employee training on recognizing cyber threats, phishing, and suspicious links—the most common vectors for ransomware attacks. Remind employees of how to report incidents to appropriate IT staff in a timely manner, which should include out-of-band communication paths.
  3. Revisit and refine cyber incident response plans. Have a clear plan to address attacks when they occur, including when internal capabilities are overwhelmed. Make sure response plans include how to request assistance from external cyber first responders, such as state agencies, CISA, and MS-ISAC, in the event of an attack.

CISA encourages organizations to review the Joint Ransomware Statement and the following ransomware guidance:
  • MS-ISAC Security Primer on Ransomware
  • CISA Tip Sheet on Ransomware
  • NGA Disruption Response Planning Memo
  • NASCIO Cyber Disruption Planning Guide
