This month, the National Council of ISACs (NCI) published a new paper, National Council of ISACs Statement of Ransomware, stating, “Ransomware is a threat that the National Council of ISACs (NCI) and its member ISACs have been monitoring for years. With the increasing number of incidents of Ransomware, it is more important than ever that all enterprises take appropriate measures to protect themselves.” The paper lists seven steps the NCI encourages organizations to take in order “to reduce their risk and recover from a successful attack.” The recommended actions include:
- Ensure devices are patched.
- End-user education.
- Back up your data.
- Engage with colleagues.
- Develop a response plan.
- Segment your networks.
- Test incident response plans.
These steps align with other recent guidance, such as that shared by the White House (see The White House Memo to Industry on Ransomware: Take Action (Now)). Read additional details on each step in the NCI post, and see our recent podcasts and blog posts for additional perspective and resources relating to ransomware. This July podcast includes a good discussion and a lengthy list of ransomware resources: The Risk Roundtable: EP 21. Ransomware and Terrorism – they never seem to go away. Hear Intel 471’s Mark Arena speak to ransomware in this recent Gate 15 Interview, The Gate 15 Interview Ep 15 – Mark Arena, Cyber Intelligence Expert and CEO, Intel 471, and hear our September 2020 podcast with Jeremy Kennelly, a manager and principal analyst on FireEye’s Mandiant Intelligence, in The Gate 15 Interview: Ransomware Running Rampant!
Understand the Threats.
Assess the Risks.
Take action! Our team is here to help you build the relationships and capabilities you need and to assist in the development of plans, training, and exercises to support your ability to prevent, protect against, mitigate, respond to, and recover from the threats and hazards that pose the greatest risk to your organization in our complex, all-hazards environment.