The bad news is that the last week has seen an unprecedented number of ransomware attacks around the world which have hit some large organizations very hard.
The good news is that these particular attacks are entirely preventable with some easy short-term steps, which are cornerstones of a larger cybersecurity strategy that can prevent others.
The short-term steps are:
1) Install the latest updates for (in this case) Windows
2) Run backups and check that they are good
3) Keep doing the above steps and look at a wider cybersecurity framework.
The longer-term steps are:
1) CIS Controls
For a simple checklist approach, follow the "top 20" list of CIS Controls.
It is mandatory in the State of California.
2) NIST CSF
For a more nuanced and risk-based approach, follow NIST's Cybersecurity Framework and the various standards that it embodies for your particular vertical.
It is mandatory for Federal Agencies and the preferred standard for US Critical Infrastructure.
The best news
The best news is that the targets were legacy desktop and server computers and not Internet of Things (IoT) systems, where ransomware or malware targets infrastructure from traffic lights to trucking fleets to dams and the electric grid, with the potential to cause property damage, bodily injury, death and debilitation of national security.
Delivering today's business outcomes requires hardware, software, services, processes and people.
In the past, many of these had to be procured and assembled separately, requiring armies of contractors.
Today, the cloud and Software-as-a-Service (SaaS) bring together the hardware and software, although their rough edges can still require armies of skilled staff to integrate, deploy and maintain them.
The best tools mitigate attacks directly, minimize their impact and facilitate analysis and response without also adding heavy expenses, long timelines and new staffing resources or, worse, requiring re-engineering or rip-and-replace approaches.
Some emerging technology tools include:
- RunSafe Security - automatically makes embedded systems and devices functionally identical but logically unique, taking away economies of scale from cyber attackers
- Packet Viper - sits on the network edge automatically reducing up to 70% of illegitimate network traffic, reducing loads on existing firewalls and network engineers alike
- CyVision Cauldron - visually models environments automatically as part of cybersecurity assessments, allowing highest priority threats to be quickly identified and remediated first
Simon is part of a growing family of DC-based cybersecurity, mobility and IoT startups including RunSafe Security and 202 Partners, and a member of SAE’s IoT Cybersecurity Committee. RunSafe’s technology was developed within the DARPA High-Assurance Cyber Military Systems (HACMS) contract, focusing on cybersecurity for military vehicles, drones and medical devices, and in testing with law enforcement, government agencies and commercial fleets.
Previously, VP of Sales at Kaprica Security (acquired by Samsung), Mobile Program Director, DMI, market leader in enterprise managed mobility and head of sales at Thursby Software, market leader in strong iPhone security. Prior executive sales and management roles include Red Hat, HP, Capgemini, a $9B hedge fund, a $50MM dot com and a background in nuclear software engineering. Holds BSc (Hons.) Physics from Manchester University, MS Law and Cybersecurity from University of Maryland Carey Law, CISSP, CEH and CMDSP certifications.