Advisory Details
Issue Date: July 03, 2023
Importance: High
Summary: Stop Ransomware Guide (Updated) – Released May, 2023
Systems Impacted: All OT/ICS Environments
The Cybersecurity and Infrastructure Security Agency (CISA), working with multiple other agencies, has published an updated version of the “#StopRansomware Guide”. This latest version is an all-in-one resource to assist organizations in reducing ransomware-related incidents through the implementation of best practices. It includes methodologies for detection, prevention, response, and recovery, enhanced by valuable lessons learned since the document’s initial release in 2020. Typical topics include:
- Recommendations for the prevention of compromised credentials and passwords.
- Guidance to avoid advanced forms of social engineering, that is, the psychological manipulation of people to gather sensitive information and/or initiate other compromising actions.
- Suggestions for phishing-resistant multifactor authentication (MFA), identity and access management (IAM) systems, and cybersecurity awareness training tips within the organization.
- Configuration of protective domain name systems (DNS).
- Threat hunting tips for detection and analysis.
- Updated suggestions regarding the latest Zero Trust architecture… and more.
The document can be found by clicking here.
Actions and/or Recommendations
The #StopRansomware Guide is a highly beneficial resource for every organization, government, and business unit to help establish a set of baseline cybersecurity protections and response plans against today’s ransomware. Implementing the proposed actions, however, can be daunting without proper planning. You can begin the process by developing a comprehensive Cybersecurity Business Plan that minimally includes:
- Business Continuity Objectives – Expectations, impact analyses, prioritization, recovery, and testing criteria.
- Implementation Strategies – Risk assessment/strategies, security controls, training, and compliance.
- Resiliency Targets – People/process/technology readiness to prepare, withstand and recover from an incident.
- Financial Objectives – Time-based budget plan, cost management, return on investment, and compliance costs.
It is recommended that OT Cybersecurity experts be mobilized to achieve the greatest possible results from your cybersecurity business plan, remediation strategies, and recommendations. Mangan OT Cybersecurity can help.
About REAL Matters and Mangan Inc.
REAL Matters advisories are published to communicate cybersecurity threats and risks within the Operational Technology (OT) environment and where Critical Infrastructure vulnerabilities are identified. The purpose of this newsletter is to inform, to propose approaches to mitigate the risk, and to provide feedback on how Mangan Cybersecurity is approaching the issue(s) addressed.
Mangan Inc. is a nationally recognized Specialty Engineering, Automation, and Integration company, providing a full range of services to the Oil & Gas, Refining, Pipeline, Chemicals, and Life Sciences Industries. Established in Long Beach, California in 1990, Mangan’s multiple office locations include sites in California, Georgia, New Hampshire, North Carolina, Texas, and Louisiana. Mangan’s 350+ employee-owners bring expertise, innovation, and safety as their core mission to some of the largest companies in the world.