Identify and Safeguard Critical Systems
Protecting critical systems and data starts with knowing which critical systems are in a government network and ensuring that they are up to date. Automated scanning solutions such as Tenable One can conduct an initial discovery of an agency’s assets both on-premises and in the cloud to help determine which are most critical. Be certain all critical operating systems and software are updated. Quickly patch any important vulnerabilities to avoid exploitation. Vulnerability scanning must extend to cloud software as well; prioritize scanning and patching the most important assets. If administrators are overwhelmed with critical patch requirements, consider upgrading hardware and/or software to take advantage of security improvements.
Build a Strong Bench Against Phishing
The frontline defense for any organization is its users, who are targeted continuously through attacks that are vectors for ransomware. The most common vector by far is phishing, in which an email may contain a malicious attachment or link to a malicious site. Phishing also can take place via voicemail or phone calls (vishing) or via text messages (smishing.)
Savvy organizations, recognizing that users are constantly targeted by bad actors, can make them part of their first line of defense through continuous security training. This should take place Taking multiple times during the year, heightening awareness about the risks of visiting suspicious websites, clicking on questionable links, responding to dubious messages purportedly coming from executives or opening attachments of unknown origin.
Ransomware perpetrators also know that they can get into networks by guessing passwords. Users should be encouraged to select strong passwords or passphrases and change them frequently. For many organizations, password management systems such as Keeper can generate and store complex passwords, sparing users the frustration of trying to remember them. For critical systems, multifactor authentication is a must, since hackers will likely give up when they encounter MFA.