Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
How to Strengthen Enterprise Defenses against Ransomware
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
100%
0%
Joe Stanganelli,
User Rank: Ninja
3/1/2015 | 2:57:49 AM
Honeypot the employees
One technique that some companies engage in (and consultants advise) is to purposely send "phishing" emails to a random selection of employees each month.  If the employee clicks, he is advised that it was a phishing email and he is required to complete a brief, five-minute training session online.

From what I understand, it works like a charm in reducing successful phishing attempts while fostering a strong security culture.
aws0513
100%
0%
aws0513,
User Rank: Ninja
2/27/2015 | 1:13:14 PM
The Basics
A good article that would be presentable to organization managers.

Of course, this is the 50,000 ft level.  There are so many security controls to consider that it is easy to get lost in the forest of things that should be in place without knowing if there is a path out of the maze.

When I work with organizations struggling with how to implement an information security program, I talk about the same things provided in the article, but within the Critical Security Controls (CSC) framework.  The CSC framework helps managers prioritize efforts to establish a foundation of security controls from the ground up.  Some controls just need to be operationalized before other controls can be effective.
For regulatory data environments, the CSC maps out very well to other security control and risk management frameworks.

In the end, the concepts of least privilege, least functionality, separation of duties, and need-to-know are the concepts that all employees need to learn and understand, not just in IT, but in any information handling environment. 
I dare say that end users...  customers...  the general public... also need to know those core concepts.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
2/27/2015 | 10:20:25 AM
Great Points!
All these points are great, but 4, 5 and 7 rank highest in priority for me with something like cryptolocker and other ransomware. I think in situations like this it is important to have a means of recovering your files as expediently as possible while not allowing the infiltrating software to glean upper level credentials and I feel 4, 5 and 7 are strong points in this regard.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30315
PUBLISHED: 2021-10-20
Improper handling of sensor HAL structure in absence of sensor can lead to use after free in Snapdragon Auto
CVE-2021-30316
PUBLISHED: 2021-10-20
Possible out of bound memory access due to improper boundary check while creating HSYNC fence in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2021-42739
PUBLISHED: 2021-10-20
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
CVE-2021-1980
PUBLISHED: 2021-10-20
Possible buffer over read due to lack of length check while parsing beacon IE response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, S...
CVE-2021-1983
PUBLISHED: 2021-10-20
Possible buffer overflow due to improper handling of negative data length while processing write request in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables