CISA Releases Guidance for Ransomware Defense & ResponseCISA Releases Guidance for Ransomware Defense & Response
Officials' recommendations include having encrypted backups and creating an incident response plan.
August 18, 2021
After several months of disruptive and headline-making ransomware attacks on large businesses in the United States, the DHS' Cybersecurity and Infrastructure Security Agency (CISA) has released a list of recommendations for preventing and responding to these kinds of incidents.
The fact sheet, titled Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches, includes several suggestions such as maintaining offline, encrypted backups and implementing a basic incident response and communications plan. The document also urges readers not to pay a ransom if hit with an attack.
"CISA strongly discourages paying a ransom to criminal actors," the sheet reads. "Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or may fund illicit activities. Paying the ransom also does not guarantee that a victim’s files will be recovered."
The full data sheet can be read here.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
Everything You Need to Know About DNS AttacksNov 30, 2023