Developing a comprehensive approach to addressing ransomware attacks is the key to survival. The National Institute of Standards and Technology (NIST) recently updated its voluntary cybersecurity framework that includes five steps to better manage and reduce cybersecurity risk for critical infrastructures: identify, protect, detect, respond and recover.
By incorporating these five steps, your agency can develop a plan built for its current architecture that has the flexibility to scale and grow along with your operations. Carahsoft can help, with a network of security partners, resellers and cybersecurity integrators to kick-start your agency’s ransomware survival strategy.
This category of tools is concerned with the foundation for any security stack: full hardware and software asset management. These tools provide an understanding of the physical devices and software platforms within an organization. They also provide context into the types of cyber threats out there and identify internal vulnerabilities to those threats.
This category of tools is concerned with making your agency hardened and overall more secure against any attack in the first place. It involves creating effective policies, training employees, implementing network segmentation, removing vulnerabilities, and establishing access control and management of credentials/user identities.
This category of tools is concerned with discovering threats as they traverse the network or endpoints. They are especially adept at inspecting files, packets, or abnormal behavior. These events can be analyzed and understood to find the attacker and method. All of this data can then be collected to help with the response.
This category of tools is concerned with ensuring adequate response and recovery activities when an incident happens. These tools automate response to contain threats and incidents and allow for stakeholders to make real-time quick decisions when needed. Orchestrating communication between teams to then allow teams to contain or neutralize attacks are key characteristics of these tools.
This category of tools is concerned with restoring lost information or having an emergency plan in case of any incident. These tools can copy or backup your data and allow you to restore to a previously “saved” state in case of a major cyber incident like Ransomware.