Ransomware Readiness 101
– How prepared are you?
Preparing, detecting, and responding to
ransomware in local government
Agenda - Format
Solving our Information Security Language Problem
This is an interactive presentation.
I want you to come away with something real, something tangible.
Do THIS - Go download the Ransomware Readiness Assessment.
https://wp.me/aaDXKz-xl
We’re going to use this in a little bit…
Housekeeping Item #1
IMPORTANT!
Before I get started…
• The World Health Organization states that over 800,000
people die every year due to suicide. Suicide is the second
leading cause of death in 15-29-year-olds.
• 5 percent of adults (18 or older) experience a mental illness
in any one year
• In the United States, almost half of adults (46.4 percent) will
experience a mental illness during their lifetime.
• In the United States, only 41 percent of the people who had a
mental disorder in the past year received professional health
care or other services.
• https://www.mentalhealthhackers.org/resources-and-links/
ME: Evan Francen, CEO & Founder of FRSecure and SecurityStudio
I do a lot of security stuff…
• Co-inventor of SecurityStudio® (or S²), S²Score, S²Org, S²Vendor,
S²Team, and S²Me
• Made a little, simple, and free ransomware readiness assessment
• 25+ years of “practical” information security experience (started
as a Cisco Engineer in the early 90s)
• Worked as CISO and vCISO for hundreds of companies.
• Developed the FRSecure Mentor Program; six students in 2010,
532 last year, and more than 750 signed up already for this year.
• Advised legal counsel in very public breaches (Target, Blue
Cross/Blue Shield, etc.)
How do we secure America?
AKA: The “Truth”
MANTRA: Information security isn’t about information or security as
much as it is about people. Information security is ALWAYS about people.
UNSECURITY: Information Security Is Failing. Breaches Are Epidemic.
How Can We Fix This Broken Industry?
Published January, 2019
How do we secure America?
Russian friend.
Chinese friend.
FREE STUFF
#1 – Most relevant to today’s discussion.
Go get your Ransomware Readiness Assessment - https://wp.me/aaDXKz-xl
#2 – Go get your free S²Org information security risk assessment
– https://securitystudio.com/
#3 – Go get your free S²Me personal information security risk
assessment – https://s2me.io
#4 – Sign up for the FRSecure CISSP Mentor Program –
https://frsecure.com/cissp-mentor-program/
All free, in exchange for feedback and participation.
Ransomware – How Bad Is It?
It’s pretty bad.
• Everybody knows about Baltimore right? ~$18MM
• Atlanta was almost as bad. ~$17MM
• New Orleans? ~7MM
• Riviera Beach (FL)? $600K (paid the ransom)
• Lake City (FL)? $530K (paid the ransom)
• Tillamook County (OR)? Still down – attacked on 1/22
• Duplin County (NC)? Still down – attacked 2/3
• Racine (WI)? Still down – attacked 1/31
Most of them thought they were fine. Like you and
me, I suppose.
But, you’ve got “cyber” insurance right? So no big.
Ransomware – How Bad Is It?
It’s pretty bad.
• In the 4th quarter of 2019, FRSecure responded to 19
incidents, and most of them were ransomware.
• And are you ready for the next thing?
The next thing(s) are combination
ransomware/extortion attacks.
Ransomware – How Bad Is It?
It’s pretty bad.
Source: https://www.coveware.com/blog/2020/1/22/ransomware-costs-double-in-q4-as-ryuk-sodinokibi-proliferate
OK, great. Now what?!
Simple (sort of). Get ready.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
• Originally created in 2017
• Nothing has changed.
• Same attack vectors
• Same preventative controls.
• Same detective controls.
• Same responsive controls.
• Same corrective controls.
• No matter what you do, you will not be able to prevent all
bad things from happening. This is NOT the goal anyway.
• The name of the game is risk management (possible) and
NOT risk elimination (impossible).
• Assess the problem before trying to fix the problem.
Free and open source. Released under the
Creative Commons License.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Keyword “simply”.
Can’t manage what
you can’t measure.
INCOMPLETE (until
it’s not)
Need a translation for
the “normal” people
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Six tabs containing
sections that correlate
here.
Six Sections:
1. Clients
2. Storage
3. Practices
4. Antivirus
5. Network
6. Servers
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Client Systems
Key Risk Indicators are
red.
Just answer “Yes” or
“No” (25 questions)
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
After all questions are
answered, a score is
calculated.
If you don’t know the
answers, then this is a
great education tool.
You should know.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Back on the dashboard,
scores have been
updated.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Storage
Only seven questions here!
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Same thing. Score after
?s are answered and an
updated dashboard.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
10 questions about
“Practices”.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
10 questions about
“Antivirus”.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
13 questions about the
“Network”.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Finally, nine “Server”
questions.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
FINAL RESULTS?!
Back to the Dashboard.
I was sort of hoping for
better than “Poor”.
Give me hope and a dollar, and I’ve
got a dollar. Need action too!
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Quick recap of KRIs.
1. Stay up to date with all software (OS, applications, etc.).
2. Do backups, protect your backups, and (PLEASE) test your
backups often.
3. Establish solid incident response capabilities (policy,
procedures, training, testing, etc.).
4. Default deny is your friend.
5. Restrict permissions/privileges everywhere. Someday,
you’re going to have to get your hands around this.
This won’t get your files or
systems back.
But this will.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Multi-factor authentication, especially for (or starting with) externally
accessible systems.
There are ZERO acceptable reasons for not protecting external resources with MFA.
ZERO as in NONE or NO or NADA or NIL or ZILCH.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Takeaways…
1. Don’t just rely on experience or “gut” feel.
2. Plan for a ransomware attack. It’s more likely than you
think.
3. The Ransomware Readiness Assessment is just a guide.
4. The Ransomware Readiness Assessment is a learning tool
for you, your colleagues, and others.
5. Don’t assume anything. (empty spaces always get filled)
That’s it.
The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Thank you!
Where you can find me…
Personal Website: https://evanfrancen.com
UNSECURITY Podcast (weekly)
Twitter: @evanfrancen
LinkedIn: https://www.linkedin.com/in/evanfrancen/

Ransomware Readiness 101 - How prepared are you?

  • 1. Ransomware Readiness 101 – How prepared are you? Preparing, detecting, and responding to ransomware in local government
  • 2. Agenda - Format Solving our Information Security Language Problem
  • 3. This is an interactive presentation. I want you to come away with something real, something tangible. Do THIS - Go download the Ransomware Readiness Assessment. https://wp.me/aaDXKz-xl We’re going to use this in a little bit… Housekeeping Item #1
  • 4. IMPORTANT! Before I get started… • The World Health Organization states that over 800,000 people die every year due to suicide. Suicide is the second leading cause of death in 15-29-year-olds. • 5 percent of adults (18 or older) experience a mental illness in any one year • In the United States, almost half of adults (46.4 percent) will experience a mental illness during their lifetime. • In the United States, only 41 percent of the people who had a mental disorder in the past year received professional health care or other services. • https://www.mentalhealthhackers.org/resources-and-links/
  • 5. ME: Evan Francen, CEO & Founder of FRSecure and SecurityStudio I do a lot of security stuff… • Co-inventor of SecurityStudio® (or S²), S²Score, S²Org, S²Vendor, S²Team, and S²Me • Made a little, simple, and free ransomware readiness assessment • 25+ years of “practical” information security experience (started as a Cisco Engineer in the early 90s) • Worked as CISO and vCISO for hundreds of companies. • Developed the FRSecure Mentor Program; six students in 2010, 532 last year, and more than 750 signed up already for this year. • Advised legal counsel in very public breaches (Target, Blue Cross/Blue Shield, etc.) How do we secure America? AKA: The “Truth” MANTRA: Information security isn’t about information or security as much as it is about people. Information security is ALWAYS about people.
  • 6. UNSECURITY: Information Security Is Failing. Breaches Are Epidemic. How Can We Fix This Broken Industry? Published January, 2019 How do we secure America?
  • 7. UNSECURITY: Information Security Is Failing. Breaches Are Epidemic. How Can We Fix This Broken Industry? Published January, 2019 How do we secure America? Russian friend. Chinese friend.
  • 8. FREE STUFF #1 – Most relevant to today’s discussion. Go get your Ransomware Readiness Assessment - https://wp.me/aaDXKz-xl #2 – Go get your free S²Org information security risk assessment – https://securitystudio.com/ #3 – Go get your free S²Me personal information security risk assessment – https://s2me.io #4 – Sign up for the FRSecure CISSP Mentor Program – https://frsecure.com/cissp-mentor-program/ All free, in exchange for feedback and participation.
  • 9. Ransomware – How Bad Is It?
  • 10. Ransomware – How Bad Is It? It’s pretty bad.
  • 11. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM
  • 12. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM
  • 13. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM • New Orleans? ~7MM
  • 14. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM • New Orleans? ~7MM • Riviera Beach (FL)? $600K (paid the ransom)
  • 15. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM • New Orleans? ~7MM • Riviera Beach (FL)? $600K (paid the ransom) • Lake City (FL)? $530K (paid the ransom)
  • 16. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM • New Orleans? ~7MM • Riviera Beach (FL)? $600K (paid the ransom) • Lake City (FL)? $530K (paid the ransom) • Tillamook County (OR)? Still down – attacked on 1/22
  • 17. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM • New Orleans? ~7MM • Riviera Beach (FL)? $600K (paid the ransom) • Lake City (FL)? $530K (paid the ransom) • Tillamook County (OR)? Still down – attacked on 1/22 • Duplin County (NC)? Still down – attacked 2/3
  • 18. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM • New Orleans? ~7MM • Riviera Beach (FL)? $600K (paid the ransom) • Lake City (FL)? $530K (paid the ransom) • Tillamook County (OR)? Still down – attacked on 1/22 • Duplin County (NC)? Still down – attacked 2/3 • Racine (WI)? Still down – attacked 1/31
  • 19. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM • New Orleans? ~7MM • Riviera Beach (FL)? $600K (paid the ransom) • Lake City (FL)? $530K (paid the ransom) • Tillamook County (OR)? Still down – attacked on 1/22 • Duplin County (NC)? Still down – attacked 2/3 • Racine (WI)? Still down – attacked 1/31 Most of them thought they were fine. Like you and me, I suppose.
  • 20. Ransomware – How Bad Is It? It’s pretty bad. • Everybody knows about Baltimore right? ~$18MM • Atlanta was almost as bad. ~$17MM • New Orleans? ~7MM • Riviera Beach (FL)? $600K (paid the ransom) • Lake City (FL)? $530K (paid the ransom) • Tillamook County (OR)? Still down – attacked on 1/22 • Duplin County (NC)? Still down – attacked 2/3 • Racine (WI)? Still down – attacked 1/31 Most of them thought they were fine. Like you and me, I suppose. But, you’ve got “cyber” insurance right? So no big.
  • 22. Ransomware – How Bad Is It? It’s pretty bad.
  • 23. Ransomware – How Bad Is It? It’s pretty bad. • In the 4th quarter of 2019, FRSecure responded to 19 incidents, and most of them were ransomware.
  • 24. Ransomware – How Bad Is It? It’s pretty bad. • In the 4th quarter of 2019, FRSecure responded to 19 incidents, and most of them were ransomware. • And are you ready for the next thing?
  • 26. Ransomware – How Bad Is It? It’s pretty bad. • In the 4th quarter of 2019, FRSecure responded to 19 incidents, and most of them were ransomware. • And are you ready for the next thing? The next thing(s) are combination ransomware/extortion attacks.
  • 27. Ransomware – How Bad Is It? It’s pretty bad. Source: https://www.coveware.com/blog/2020/1/22/ransomware-costs-double-in-q4-as-ryuk-sodinokibi-proliferate OK, great. Now what?! Simple (sort of). Get ready.
  • 28. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. • Originally created in 2017 • Nothing has changed. • Same attack vectors • Same preventative controls. • Same detective controls. • Same responsive controls. • Same corrective controls. • No matter what you do, you will not be able to prevent all bad things from happening. This is NOT the goal anyway. • The name of the game is risk management (possible) and NOT risk elimination (impossible). • Assess the problem before trying to fix the problem. Free and open source. Released under the Creative Commons License.
  • 29. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best.
  • 30. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Keyword “simply”.
  • 31. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Keyword “simply”. Can’t manage what you can’t measure.
  • 32. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Keyword “simply”. Can’t manage what you can’t measure. INCOMPLETE (until it’s not)
  • 33. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Keyword “simply”. Can’t manage what you can’t measure. INCOMPLETE (until it’s not) Need a translation for the “normal” people
  • 34. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Six tabs containing sections that correlate here.
  • 35. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Six tabs containing sections that correlate here. Six Sections: 1. Clients 2. Storage 3. Practices 4. Antivirus 5. Network 6. Servers
  • 36. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Client Systems
  • 37. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Client Systems Key Risk Indicators are red.
  • 38. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Client Systems Key Risk Indicators are red. Just answer “Yes” or “No” (25 questions)
  • 39. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. After all questions are answered, a score is calculated.
  • 40. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. After all questions are answered, a score is calculated. If you don’t know the answers, then this is a great education tool. You should know.
  • 41. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Back on the dashboard, scores have been updated.
  • 42. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Storage
  • 43. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Storage: Only seven questions here!
  • 44. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Same thing. Score after ?s are answered and an updated dashboard.
  • 45. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. 10 questions about “Practices”.
  • 46. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. 10 questions about “Antivirus”.
  • 47. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. 13 questions about the “Network”.
  • 48. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Finally, nine “Server” questions.
  • 49. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. FINAL RESULTS?! Back to the Dashboard.
  • 51. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. FINAL RESULTS?! Back to the Dashboard. I was sort of hoping for better than “Poor”. Give me hope and a dollar, and I’ve got a dollar. Need action too!
  • 52. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Quick recap of KRIs. 1. Stay up to date with all software (OS, applications, etc.). 2. Do backups, protect your backups, and (PLEASE) test your backups often. 3. Establish solid incident response capabilities (policy, procedures, training, testing, etc.). 4. Default deny is your friend. 5. Restrict permissions/privileges everywhere. Someday, you’re going to have to get your hands around this.
  • 53. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Quick recap of KRIs. 1. Stay up to date with all software (OS, applications, etc.). 2. Do backups, protect your backups, and (PLEASE) test your backups often. 3. Establish solid incident response capabilities (policy, procedures, training, testing, etc.). 4. Default deny is your friend. 5. Restrict permissions/privileges everywhere. Someday, you’re going to have to get your hands around this. This won’t get your files or systems back.
  • 54. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Quick recap of KRIs. 1. Stay up to date with all software (OS, applications, etc.). 2. Do backups, protect your backups, and (PLEASE) test your backups often. 3. Establish solid incident response capabilities (policy, procedures, training, testing, etc.). 4. Default deny is your friend. 5. Restrict permissions/privileges everywhere. Someday, you’re going to have to get your hands around this. This won’t get your files or systems back. But this will.
  • 55. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Quick recap of KRIs. 1. Stay up to date with all software (OS, applications, etc.). 2. Do backups, protect your backups, and (PLEASE) test your backups often. 3. Establish solid incident response capabilities (policy, procedures, training, testing, etc.). 4. Default deny is your friend. 5. Restrict permissions/privileges everywhere. Someday, you’re going to have to get your hands around this. Multi-factor authentication, especially for (or starting with) externally accessible systems. There are ZERO acceptable reasons for not protecting external resources with MFA. ZERO as in NONE or NO or NADA or NIL or ZILCH.
  • 56. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Takeaways… 1. Don’t just rely on experience or “gut” feel. 2. Plan for a ransomware attack. It’s more likely than you think. 3. The Ransomware Readiness Assessment is just a guide. 4. The Ransomware Readiness Assessment is a learning tool for you, your colleagues, and others. 5. Don’t assume anything. (empty spaces always get filled) That’s it.
  • 57. The Ransomware Readiness Assessment WISDOM: Plan for the worst, hope for the best. Thank you! Where you can find me… Personal Website: https://evanfrancen.com UNSECURITY Podcast (weekly) Twitter: @evanfrancen LinkedIn: https://www.linkedin.com/in/evanfrancen/