Wednesday, February 5, 2020

Yet more on the "Year of Anti-Ransomware" - Disaster Recovery & Business Resumption Planning




When we open Pandora's Box and look inside at these horrific possibilities, we all wrap our arms around our biases and hold tight to them. Some might call it wishful thinking. In any case, it's disastrous. Resist the temptation.

In the event of a catastrophic ransomware attack, how will you recover workstations? Do you have the capability to manufacture and deploy CDs or DVDs with critical business software applications and links to business-critical applications? Where will you get them?

PRO TIP:  The big box stores will not function as your supply chain for this.

Do you have a Mimikatz defense plan? An enterprise password manager could be a massive risk mitigation play for Mimikatz defense planning. It's no silver bullet but it's cost effective and provides real risk mitigation value. 

Great Mimikatz Info

Do you have a few trusted technical folks maintaining an offline Domain Controller on a laptop, synchronizing at random (never any two on the network at one time) and storing it in a secured location? This will be an absolute lifesaver - and talk about cost effective.

Do you have a plan to migrate from your current SIEM to a SOAR? 

PRO TIP: Integrate this into your Network Access Control [802.1x] planning. 

Do you have a DNS Firewall capability that is monitoring the trusted interfaces on all points of egress from your Enterprise Network? 

No time like the present! 

Copyright © 2020 by "the Secret CISO"

All Rights Reserved.

 
