Posts

Ransomware Response Plan

Ransomware Response Plan The Cybersecurity industry is a unique community. One where we find collaboration beats competition 100% of the time. When one of us suffers an attack, we all do. In the spirit of collaboration I am providing a generalized Ransomware Response Plan that is free to use, adopt, and modify to fit your needs. The ability to quickly respond to any ransomware activity is the one item any security professional can control, regardless of technology. This plan is simplified to provide concrete steps in the event of ransomware activity. There are supplemental documents and plans that may be needed like an Incident Response Plan, Disaster Recovery Plan, Threat Level or a Ransomware Recovery Committee. The purpose of the RRP is to have documented procedures for responding to ransomware. I hope this plan may provide you a framework for testing and responding to today's ransomware. Confirm activity is ransomware related (see Threat Level policy) Low confidence is needed ...
Post a Comment
Read more

It's Not When, It's How Bad

Cybersecurity Narratives The narrative in cybersecurity has made many shifts over the years. Some old narratives hang on longer than they should but consistently security leaders are fighting technology that was not initially designed with security in mind. See Roger Grimes' article for more on why that fight is a constant challenge. Security leaders use different narratives to quickly communicate the state of security with executives and other business leaders. In the early 1990s the narrative was, "Size is what matters and only the big companies are a target of malicious actors. We're too small to be a target." That narrative conveyed an early attitude to security and still exist in some circles today (I cringe hearing it). The late 2000s saw a shift in attitude and brought a narrative still used today, "It's not if, it's when." This narrative has supported a shift in security investments across industries and helps convey that no company is exempt...
Post a Comment
Read more