Presentation delivered to the Minnesota Counties Computer Cooperative (MNCCC) on February 5, 2020.
In this presentation, Evan Francen (CEO of SecurityStudio) outlines the current threat landscape for ransomware affecting state, county, and municipal government. He also takes the attendees through the free Ransomware Readiness Assessment, then closes with the key risk indicators.
3. This is an interactive presentation.
I want you to come away with something real, something tangible.
Do THIS - Go download the Ransomware Readiness Assessment.
https://wp.me/aaDXKz-xl
We’re going to use this in a little bit…
Housekeeping Item #1
4. IMPORTANT!
Before I get started…
• The World Health Organization states that over 800,000 people die every year due to suicide. Suicide is the second leading cause of death in 15-29-year-olds.
• 5 percent of adults (18 or older) experience a mental illness in any one year.
• In the United States, almost half of adults (46.4 percent) will experience a mental illness during their lifetime.
• In the United States, only 41 percent of the people who had a mental disorder in the past year received professional health care or other services.
• https://www.mentalhealthhackers.org/resources-and-links/
5. ME: Evan Francen, CEO & Founder of FRSecure and SecurityStudio
I do a lot of security stuff…
• Co-inventor of SecurityStudio® (or S²), S²Score, S²Org, S²Vendor, S²Team, and S²Me
• Made a little, simple, and free ransomware readiness assessment
• 25+ years of “practical” information security experience (started as a Cisco Engineer in the early 90s)
• Worked as CISO and vCISO for hundreds of companies.
• Developed the FRSecure Mentor Program; six students in 2010, 532 last year, and more than 750 signed up already for this year.
• Advised legal counsel in very public breaches (Target, Blue Cross/Blue Shield, etc.)
How do we secure America?
AKA: The “Truth”
MANTRA: Information security isn’t about information or security as much as it is about people. Information security is ALWAYS about people.
6-7. UNSECURITY: Information Security Is Failing. Breaches Are Epidemic. How Can We Fix This Broken Industry?
Published January, 2019
How do we secure America?
Russian friend.
Chinese friend.
8. FREE STUFF
#1 – Most relevant to today’s discussion. Go get your Ransomware Readiness Assessment - https://wp.me/aaDXKz-xl
#2 – Go get your free S²Org information security risk assessment – https://securitystudio.com/
#3 – Go get your free S²Me personal information security risk assessment – https://s2me.io
#4 – Sign up for the FRSecure CISSP Mentor Program – https://frsecure.com/cissp-mentor-program/
All free, in exchange for feedback and participation.
11-21. Ransomware – How Bad Is It?
It’s pretty bad.
• Everybody knows about Baltimore right? ~$18MM
• Atlanta was almost as bad. ~$17MM
• New Orleans? ~$7MM
• Riviera Beach (FL)? $600K (paid the ransom)
• Lake City (FL)? $530K (paid the ransom)
• Tillamook County (OR)? Still down – attacked on 1/22
• Duplin County (NC)? Still down – attacked 2/3
• Racine (WI)? Still down – attacked 1/31
Most of them thought they were fine. Like you and me, I suppose.
But, you’ve got “cyber” insurance right? So no big.
23-26. Ransomware – How Bad Is It?
It’s pretty bad.
• In the 4th quarter of 2019, FRSecure responded to 19 incidents, and most of them were ransomware.
• And are you ready for the next thing?
The next thing(s) are combination ransomware/extortion attacks.
27. Ransomware – How Bad Is It?
It’s pretty bad.
Source: https://www.coveware.com/blog/2020/1/22/ransomware-costs-double-in-q4-as-ryuk-sodinokibi-proliferate
OK, great. Now what?!
Simple (sort of). Get ready.
28. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
• Originally created in 2017
• Nothing has changed.
• Same attack vectors
• Same preventative controls.
• Same detective controls.
• Same responsive controls.
• Same corrective controls.
• No matter what you do, you will not be able to prevent all bad things from happening. This is NOT the goal anyway.
• The name of the game is risk management (possible) and NOT risk elimination (impossible).
• Assess the problem before trying to fix the problem.
Free and open source. Released under the Creative Commons License.
30-33. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Keyword “simply”.
Can’t manage what you can’t measure.
INCOMPLETE (until it’s not)
Need a translation for the “normal” people
34-35. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Six tabs containing sections that correlate here.
Six Sections:
1. Clients
2. Storage
3. Practices
4. Antivirus
5. Network
6. Servers
36-38. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Client Systems
Key Risk Indicators are red.
Just answer “Yes” or “No” (25 questions)
39-40. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
After all questions are answered, a score is calculated.
If you don’t know the answers, then this is a great education tool. You should know.
41. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Back on the dashboard, scores have been updated.
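The slides describe the assessment's shape (six tabs of Yes/No questions, Key Risk Indicators marked red, a score per section, a dashboard) without showing the arithmetic. The scorer below is an added example written for this page, not the Ransomware Readiness Assessment spreadsheet or any SecurityStudio code. The section names come from the slides; the sample question texts, which of them are KRIs, the "percentage of Yes answers" rule, the plain-mean overall score and the Good/Fair/Poor bands are all assumptions. It also shows the "You should know" point in code: an unanswered question is scored as "No", and an answer other than Yes/No is rejected rather than guessed.

```python
"""Readiness scorer modelled on the assessment structure described on the
slides. Added example: section names are from the slides; the questions,
KRI flags, scoring rule and rating bands are assumptions for illustration."""

from dataclasses import dataclass


@dataclass(frozen=True)
class Question:
    text: str
    kri: bool = False  # Key Risk Indicator: the "red" questions on the slides


# Constructed sample questions (two per tab; the real tabs hold 25/7/10/10/13/9),
# following the KRIs recapped on the slides: patching, backups, incident
# response, default deny, restricted privileges, and MFA for external access.
SAMPLE_QUESTIONS = {
    "Clients": [Question("OS and applications patched within the defined window?", kri=True),
                Question("Users work without local administrator rights?", kri=True)],
    "Storage": [Question("All critical data is backed up?", kri=True),
                Question("Restores are tested on a schedule?", kri=True)],
    "Practices": [Question("A written incident response plan exists?", kri=True),
                  Question("The plan was exercised within the last year?")],
    "Antivirus": [Question("Endpoint protection is deployed on every client and server?"),
                  Question("Detections are centrally logged and reviewed?")],
    "Network": [Question("Firewalls apply default deny between segments?", kri=True),
                Question("External remote access requires multi-factor authentication?", kri=True)],
    "Servers": [Question("File-share permissions follow least privilege?", kri=True),
                Question("Servers are patched within the defined window?")],
}

# Constructed answers keyed by question text; anything missing counts as "No".
SAMPLE_ANSWERS = {
    "OS and applications patched within the defined window?": "Yes",
    "Users work without local administrator rights?": "No",
    "All critical data is backed up?": "Yes",
    # "Restores are tested on a schedule?" is deliberately left unanswered
    "A written incident response plan exists?": "Yes",
    "The plan was exercised within the last year?": "Yes",
    "Endpoint protection is deployed on every client and server?": "Yes",
    "Detections are centrally logged and reviewed?": "No",
    "Firewalls apply default deny between segments?": "Yes",
    "External remote access requires multi-factor authentication?": "No",
    "File-share permissions follow least privilege?": "No",
    "Servers are patched within the defined window?": "Yes",
}


def rate(score):
    """Assumed rating bands; the spreadsheet's own bands are not on the slides."""
    if score >= 90:
        return "Good"
    if score >= 70:
        return "Fair"
    return "Poor"


def section_score(questions, answers):
    """Percentage of 'Yes' answers (assumed rule) plus the KRIs answered 'No'.
    An unanswered question counts as 'No': if you don't know, it is a gap.
    Any answer other than Yes/No raises instead of being guessed."""
    yes = 0
    kri_failures = []
    for q in questions:
        answer = answers.get(q.text, "No")
        if answer not in ("Yes", "No"):
            raise ValueError(f"answer must be Yes or No: {q.text!r} -> {answer!r}")
        if answer == "Yes":
            yes += 1
        elif q.kri:
            kri_failures.append(q.text)
    return round(100 * yes / len(questions)), kri_failures


def assess(question_bank, answers):
    """Dashboard view: per-section scores, overall score (assumed: plain mean
    of section scores), its rating, and every failed KRI listed by section."""
    result = {"sections": {}, "kri_failures": []}
    for name, questions in question_bank.items():
        score, failures = section_score(questions, answers)
        result["sections"][name] = score
        result["kri_failures"].extend(f"{name}: {text}" for text in failures)
    overall = round(sum(result["sections"].values()) / len(result["sections"]))
    result["overall"] = overall
    result["rating"] = rate(overall)
    return result


if __name__ == "__main__":
    dashboard = assess(SAMPLE_QUESTIONS, SAMPLE_ANSWERS)
    for name, score in dashboard["sections"].items():
        print(f"{name:10s} {score:3d}%")
    print(f"Overall {dashboard['overall']}% ({dashboard['rating']})")
    for item in dashboard["kri_failures"]:
        print("KRI not met:", item)
```

The KRI list is reported separately from the percentage on purpose: a section can score 50% with a tolerable gap or with an untested backup, and only the KRI list tells those apart, which is why the slides colour them red.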
43. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Storage. Only seven questions here!
44. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Same thing. Score after ?s are answered and an updated dashboard.
45. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
10 questions about “Practices”.
46. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
10 questions about “Antivirus”.
47. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
13 questions about the “Network”.
48. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Finally, nine “Server” questions.
49-51. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
FINAL RESULTS?!
Back to the Dashboard.
I was sort of hoping for better than “Poor”.
Give me hope and a dollar, and I’ve got a dollar. Need action too!
52-55. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Quick recap of KRIs.
1. Stay up to date with all software (OS, applications, etc.).
2. Do backups, protect your backups, and (PLEASE) test your backups often.
3. Establish solid incident response capabilities (policy, procedures, training, testing, etc.).
4. Default deny is your friend.
5. Restrict permissions/privileges everywhere. Someday, you’re going to have to get your hands around this.
This won’t get your files or systems back.
But this will.
Multi-factor authentication, especially for (or starting with) externally accessible systems.
There are ZERO acceptable reasons for not protecting external resources with MFA. ZERO as in NONE or NO or NADA or NIL or ZILCH.
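KRI #2 says to test your backups often, and a backup that has never been restored is the one that fails during a ransomware recovery. The script below is an added example written for this page, not a tool from the slides, SecurityStudio or FRSecure: it builds a small constructed data set, backs it up to a tar archive, restores it into a clean directory and compares SHA-256 manifests of source and restore, so a missing or silently altered file is caught before the backup is needed. The restore step also refuses archive members that would land outside the destination directory; that check is a general precaution for untrusted archives and is likewise not from the slides.

```python
"""Restore test for backups (added example, constructed sample data).
Backs up a directory tree, restores it elsewhere, and verifies the restore
by comparing SHA-256 manifests of the two trees."""

import hashlib
import tarfile
import tempfile
from pathlib import Path


def manifest(root):
    """Map every file under root (relative POSIX path) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}


def backup(src, archive_path):
    """Back up a directory tree to a compressed tar archive."""
    with tarfile.open(archive_path, "w:gz") as tar:
        tar.add(src, arcname=".")


def restore(archive_path, dest):
    """Restore the archive into dest, refusing any member that would land outside it."""
    dest = Path(dest).resolve()
    with tarfile.open(archive_path, "r:gz") as tar:
        for member in tar.getmembers():
            target = (dest / member.name).resolve()
            if target != dest and dest not in target.parents:
                raise ValueError(f"refusing to extract outside destination: {member.name}")
        try:
            tar.extractall(dest, filter="data")  # tarfile with extraction filters
        except TypeError:  # older tarfile without the filter argument
            tar.extractall(dest)


def verify_restore(src, dest):
    """Compare source and restored manifests.
    Returns (ok, missing, changed, extra): files absent from the restore,
    files whose content differs, and files present only in the restore."""
    s, d = manifest(src), manifest(dest)
    missing = sorted(k for k in s if k not in d)
    changed = sorted(k for k in s if k in d and s[k] != d[k])
    extra = sorted(k for k in d if k not in s)
    return (not missing and not changed and not extra), missing, changed, extra


def run_restore_test(corrupt=False):
    """End-to-end restore test on constructed sample data: build a tree,
    back it up, restore it to a clean directory and verify. With corrupt=True
    one restored file is altered to show that the comparison catches it."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        src, dest, archive = tmp / "src", tmp / "restore", tmp / "backup.tar.gz"
        (src / "finance").mkdir(parents=True)
        (src / "finance" / "ledger.csv").write_text("id,amount\n1,100\n2,250\n")
        (src / "notes.txt").write_text("constructed sample data\n")
        backup(src, archive)
        dest.mkdir()
        restore(archive, dest)
        if corrupt:
            (dest / "notes.txt").write_text("silently altered\n")
        return verify_restore(src, dest)


if __name__ == "__main__":
    ok, missing, changed, extra = run_restore_test()
    print("clean restore verified:", ok)
    ok, missing, changed, extra = run_restore_test(corrupt=True)
    print("corrupted restore detected:", not ok, "changed:", changed)
```

In practice the manifest of the source is taken at backup time and stored with the archive (and, like the backup itself, kept where a compromised host cannot rewrite it), so a later restore test compares against what was backed up, not against data that ransomware may already have encrypted.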
56. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Takeaways…
1. Don’t just rely on experience or “gut” feel.
2. Plan for a ransomware attack. It’s more likely than you think.
3. The Ransomware Readiness Assessment is just a guide.
4. The Ransomware Readiness Assessment is a learning tool for you, your colleagues, and others.
5. Don’t assume anything. (empty spaces always get filled)
That’s it.
57. The Ransomware Readiness Assessment
WISDOM: Plan for the worst, hope for the best.
Thank you!
Where you can find me…
Personal Website: https://evanfrancen.com
UNSECURITY Podcast (weekly)
Twitter: @evanfrancen
LinkedIn: https://www.linkedin.com/in/evanfrancen/