It is good to know that the perpetrators have not yet been profitable in their massive global cyber ransomware attack last week Friday. However, the disruption is an enormous and is likely not the end.
It is a good time to self-reflect on your internal security best practices. In case you feel stuck, here are some RedLegg offerings:
Every company and experience is unique. Having a vCISO to turn to in times of questions, timing and planning is important. Your RedLegg vCISO can cordinate Red Team Table Top Exercises where a group of key people sit at a table and go through a potential environmental hack without it really happening. As the experience partakes it will test the process effectiveness and identify the weak links and necessary improvements.
Keep testing your employees. Are they still clicking? Keep teaching them to think before they open and click. Everyone is going to make a mistake but when they do who do they call? How is it fixed? What happens? Practice!
Managed Security Services
Monitoring what is happening is a key component to seeing where, when and how malware is entering the network. RedLegg MSS Engineers monitor alerts coming in from the SIEM, UTM, End Points, ATD and IPS. They use Threat Intel to review and decide on severity level.
Run a self-vulnerability scan once a month or via RedLegg’s Monthly Vulnerability Management Security Service. Identify the gaps and see where the simple vulnerabilities are. At this point, go in and remediate the high and critical.