2016 is shaping up to be the year of ransomware. Cyber-attacks are on the rise, with companies losing control of their critical assets. And the problem isn’t going away. Could your company fall victim to these malicious attacks? Everyone is vulnerable, but the good news is that there are simple steps you can take today using security tools you already have. Best practice for security suggests that you should be following a framework, such as the Center for Internet Security's Critical Security Controls (CSC). Frameworks, such as the CSC, suggest that you should have a way to inventory your devices and software. You should also be securing the configurations of your systems and software. The frameworks all agree that you should be monitoring the integrity of your systems and verifying changes against a trusted source. In addition, you should be scanning and managing vulnerabilities on a continuous basis. On top of those key controls, it's important to secure your audit logs and monitor them for suspicious activity. Assuming that you have some or all of those controls, then good news! You have the tools to further secure yourself and prevent and respond to ransomware attacks. Combined with other security solutions, such as a threat intelligence, you have a lot of ways to predict, prevent, detect and respond to ransomware. With vulnerability management and remediation:
- You can detect and drive workflow to remediate vulnerabilities used by ransomware exploit kits
With configuration hardening and remediation:
- Enforce configuration settings that help prevent or counter infection
With integrity monitoring of FIM:
- Threat Intelligence Integration can help identify polymorphic malware
- You can monitor user directories and restrict permissions for suspicious files, either until threat intelligence identifies the change as non-threating, or a security administrator clears the file
- When combined with next-generation firewalls, threat intelligence integration can possibly prevent command and control communication, which is how the current ransomware operates
Integrating these controls together is the final key to success. Join us for a short information-packed webinar on Wednesday, April 27 at 11:00 PST, that will focus on how to leverage basic security controls to protect and detect ransomware attacks before any damage is done.
