Ransomware attacks have dramatically increased over the last several years and the attackers are recruiting new members. Renting the ransomware infrastructure for a cut of the ransom money is now very common, allowing many low-tech criminal organizations to join in performing the ransomware attacks. 

This E-Focus is the final of four articles we will present on Ransomware Readiness – this article is focused on long term planning.

Ransomware has evolved over the last decade and as long as cyber criminals continue to make money, they will continue developing new variants. Long term, we need to incorporate our efforts into a sustainable security program that evolves and adapts to the threats.

• Risk Assessments – every organization needs to evaluate risks annually to identify new potential threats and risks. As fast as technology and these attacks are developing, we recommend going through the exercise annually and after any major change. The Risk Assessment results will guide the development and implementation of additional protective and detective controls, and technology to protect the environment.
• Security Awareness Training – security awareness training that adapts to the evolving threats will continue to make personnel human firewalls. Security awareness should include an annual training plan with a mix of presentations, videos, and phishing assessments. 
• Vulnerability and Patch Management – keep the system updated with patches and the latest software versions. Use vulnerability scans to check the patch status after each patching cycle.
• Regular Testing – regular testing involves the appropriate combination of technical (penetration) testing, process reviews, comparison against security frameworks, and training reviews. Using a third party, internal audit, or some combination will provide feedback to the organization on how the organization is addressing the risks and where additional focus is needed.

As technology changes are made to make the organization more efficient, or add new capabilities, it also changes the risks that need to be addressed. The long term strategies presented here are designed adapt to the changes in threats and risks over time. 

We hope this four-part series on Ransomware Readiness helps organizations reduce the likelihood and impact of a ransomware (or other security) incident. Preparing for these events ahead of time and periodically updating controls will greatly reduce the chaos and stress of these kinds of evens when they occur.

As always, if you need information or assistance with cyber security, please feel free to contact the RubinBrown’s Cyber Security teams at any time.

 

^{Readers should not act upon information presented without individual professional consultation.}

^{Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties.}

 

 

Published: 10/21/2022

_{^{Readers should not act upon information presented without individual professional consultation.}}

_{^{Any federal tax advice contained in this communication (including any attachments): (i) is intended for your use only; (ii) is based on the accuracy and completeness of the facts you have provided us; and (iii) may not be relied upon to avoid penalties.}}