CISA Releases Guidance for Ransomware Defense & Response
Officials' recommendations include having encrypted backups and creating an incident response plan.
After several months of disruptive and headline-making ransomware attacks on large businesses in the United States, the DHS' Cybersecurity and Infrastructure Security Agency (CISA) has released a list of recommendations for preventing and responding to these kinds of incidents.
The fact sheet, titled Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches, includes several suggestions such as maintaining offline, encrypted backups and implementing a basic incident response and communications plan. The document also urges readers not to pay a ransom if hit with an attack.
"CISA strongly discourages paying a ransom to criminal actors," the sheet reads. "Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or may fund illicit activities. Paying the ransom also does not guarantee that a victim’s files will be recovered."
The full data sheet can be read here.
About the Author(s)
You May Also Like
Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024Why Effective Asset Management is Critical to Enterprise Cybersecurity
May 21, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024