Cybersecurity After Dark | Episode 5

It doesn’t take much to expose an organization to ransomware. Whether it’s a vulnerability from not patching or an uninformed employee clicking on an “infected” link, a lot of ransomware attacks happen because of a lack of cybersecurity protocols. That’s why good cybersecurity hygiene is crucial…and also pretty simple. Sean and Dan lay out six key areas for ransomware protection.

Catch the full episode on YouTube! 

1. End-user training

Sean and Dan agree that end-user training should be first and foremost at the top of any cybersecurity protection plan. People are all too often the point of failure for ransomware attacks. It takes one click on a suspicious phishing email, and the organization could be compromised. The best way to curb this habit is to educate your users, especially employees and staff. 

There are many programs out there, but here’s what to look for: 

  • Webinars with lessons and quizzes that must be passed
  • Ensure that the program also has overhead from management that can track program completion
  • How do you know the program works? Test people with synthetic phishing attacks that evaluate the user on their ability to put cybersecurity best practices into action

End-user training should create benchmarks that make people smarter and more aware. Let’s face it not everyone is tech-savvy and even those who claim to be can be fooled. Educating people on what to look out for is the first step in creating a solid ransomware protection program.

2. Phishing Detection 

Phishing detection is a technology that funnels suspect emails before they are delivered to an inbox. A good system will flag and label suspect content and place it in a separate space for review. Then users can identify whether the mail is safe or further inform the phishing detection service that the sender is definitely unsafe.

3. Identity Access Management for ransomware protection

Third on the list is Single-Sign-On (SSO) and Multi-factor Authentication (MFA). These ransomware protections reduce the attack surface. Passwords are vulnerable and access can be easy sometimes, especially when people use their name and birthday consistently (we are all guilty). If you do enact SSO, it’s important to emphasize complex passwords and periodically update those passwords. CISA recently identified SSO as a “bad practice”, so many organizations may begin phasing it out in favor of MFA.

MFA requires two-step or more authentication via virtual or physical tokens. This could mean logging in with a password, and then authenticating the environment with a code sent to your phone. It sets up a whole other level of policy for access controls, by enabling management or IT to allow specified access to applications based on location or level of authority. For instance, it dynamically understands where you are for a successful login and flags suspicious activity. Someone logging in from Washington, D.C. and then an hour later from San Francisco would be flagged due to the sheer impossibility of a person traveling that fast.

4. End-point detection and response

As Dan puts it, the end-point detection response is the “just in time control.” Unfortunately, things do get through signature-based controls. That’s why it’s important to monitor endpoint and network events and record the information in a central database where analysis, detection, reporting, and alerting can take place. This ransomware protection method isolates suspicious activity in systems, sends alerts to the firewall, and upon further investigation can also help with false positives. In the future, there’s a lot of push for this advanced security technology to incorporate AI for end-point detection. Equipped with that kind of knowledge base, the system may even be able to create a self-healing response to cyber attacks.

5. Patch management as ransomware protection

“Patch your stuff!” says Sean. There is nothing more frustrating than a cyber attack that could have been avoided with a simple update. Patching is critical for any organization, especially those that are in a remote or hybrid work environment. Make cyber hygiene routine. Whether weekly or otherwise, create a schedule around these updates and make employees aware of them. About 12 percent of outward-facing exchange servers on the internet are still unpatched, which is baffling to Sean and Dan. Whether it’s laziness or ignorance, doesn’t matter; your IT management needs to be on top of patch management as a ransomware protection method.

6. Network isolation and segmentation 

Network isolation and segmentation should be planned during the design phase of a network infrastructure. The network engineering team should always consider cybersecurity and operations. It prevents ransomware by isolating things in the network so that if ransomware does hit, you can contain the attack within a certain subnet area. It does this by ensuring that things that should communicate do communicate. Those that don’t need to communicate do not have a way to communicate. For instance, your internet should not be reachable from a production system that manufactures automobiles. 

Ransomware protection means prioritizing cybersecurity 

There are too many examples of organizations that have not prioritized cybersecurity protocols and have suffered the consequences of a compromised system. The cost of a ransomware attack far outweighs taking time to train people and investing in strong systems that are built around ransomware protection. As organizations continue to expand their digital experiences and commerce, these six key cybersecurity protocols are essential for securing assets and the organization’s bottom line.

 

Catch the full details from Cybersecurity After Dark

Nichole Kelly

Nichole Kelly

Vice President of Growth

Nichole Kelly brings over two decades of experience in growing organizations top line and bottom line revenue. As one of the leading marketing influencers she is the author of "How to Measure Social Media" and has traveled the world teaching marketers how to build and execute ROI-driven marketing strategies at every major marketing conference. Also an entrepreneur, Kelly was also the founder of SME Digital, a digital marketing agency that was sold to Renegade Marketing.

Kelly leads an active life of service and is the founder of The Bipolar Executive blog and podcast. This project is  designed to help shift the conversation around mental illness to one of mental wellness in Corporate America. 

Kelly holds a Bachelor’s Degree in Business Administration with a minor in Marketing from Saint Leo University.

Connect on my blog The Bipolar Executive

Connect on LinkedIn

Chris Schroeder

Vice President of Engineering, Co-Founder

Chris Schroeder has over 25 years of experience in large complex IT environments from the Fortune 500 to the federal government. Chris has an extensive technology background in mobility, infrastructure operations, and data analytics. Schroeder is a seasoned entrepreneur and co-founder of App47 and the Vice President of Engineering and co-founder of RealOps (sold to BMC).

Chris is an active volunteer in his community coaching boys and girls lacrosse, supporting high school STEM programs, and serving on the Pastoral Council. 

Schroeder holds a Bachelor’s Degree in Computer Science from Radford University and a Masters Degree in Technology Engineering from George Washington University.

Connect on LinkedIn

Sean McDermott

President & CEO, Founder

Sean McDermott’s curiosity for advancing technology began at his first job as a network engineer/architect installing and managing the first private internet for the U.S. Department of Justice. At a time when the internet was just taking off, McDermott was at the forefront and has continued to be on the cutting edge of technology leading Fortune 500 companies through the dot-com bust, 9/11 and the 2008 recession. Sean has over three decades of experience working with CIOs in the Fortune 500 to trail blaze innovation and protect the IT infrastructure of the largest commercial and federal organizations in the world. 

McDermott is a mission-driven, serial entrepreneur who founded Windward Consulting Group, RealOps, Inc. (sold to BMC), App47 and RedMonocle. He is also the founder of the Windward Foundation and Alzheimer’s Caregiver Alliance, an organization dedicated to easing the burden of caregiving for individuals and families touched by Alzheimer’s disease.

McDermott is a member of the Forbes Tech Council and has been featured in Security Boulevard, TechRepublic, IT Visionaries, APM Digest, Inside BigData, DevPro Journal, IT Toolbox and more. He  holds a Bachelor’s Degree in Electrical Engineering from Villanova University and a Masters in Engineering Management from The Catholic University of America. 

Connect on my blog Wheels up World 

Connect on LinkedIn

.