Ransomware-Malware: Don’t Just Prepare for the Attack – Plan for the Recovery

Security Really Begins With the Just the Basics

Hi everyone. This is Bill, I wanted to give you an update from the RSA Conference 2018. I went to a session about malware and ransomware. It was a really powerful session. I listened to the guy who actually stopped the WannaCry virus. He was a security researcher over in the UK and he actually stopped WannaCry. He and a bunch of other people talked about not paying the ransoms – continuing to emphasize “Do Not Pay the ransoms” that are being asked of you. Upon payment, about 30% of the ransomware keys are not even received by companies. So, there’s a 30% chance that you’re not going to be able to decrypt your data.

It was really interesting to hear the NIST team. They have compiled information for best-practices on malware prevention. In September 2017, they released a draft of the NIST Cybersecurity Practice Guide SP 1800-11, Data Integrity: Recovering from Ransomware and Other Destructive Events. Here is the link to that so you can go check it out, https://www.nccoe.nist.gov/projects/building-blocks/data-integrity/recover.

See if you can check the boxes and see if you have the ability to recover fast. I do think that defense is the new offense and having a resilient organization is just being able to recover from these really practical threats.

Ransomware and malware – this is stuff that you have to plan for and assume it’s going to happen – assume the breach is going to happen, and the question is not when, but “How quickly can I recover? – How resilient am I so I can get back up?” It’s sort of like a football player who is blocked and goes to the ground and they’re on defense so that have to get up fast and make the tackle. I think that’s the ability needed for the business to recover quickly and that’s your responsibility. I definitely thought that session was really powerful it’s a really strong reminder for you to pay attention to the details – pay attention to the blocking and tackling.

One speaker talked about the OWASP list of The Ten Most Critical Web Application Security Risks that was republished in 2017. When the list was compared to the list published four years before, in 2014 – the lists hadn’t changed that much. Things aren’t changing that quickly and the lists showed the same security vulnerability patterns. Click here to go to the 2017 OWASP list so you can see these top ten security risks.

It’s really about the basics – just turning on automatic updates is essentially the best thing you can do. Very few of you want to do that, I know, but that’s one thing that could help prevent most of the security problems right now.
Have a great evening, Bye.

Thank you for watching this video. To learn more about innovative defense strategies email: defenseinnovation@redzonetech.net.