Let’s rewind three months back. The press conferences, the evening news reports, lost productivity, service disruption and lost revenues…all of it never happened.
What should we do differently?
Taking a look back, many breaches that have occurred over the past few years originated from a lack of visibility resulting in a gap in defense. A device that someone didn’t know about was left exposed, a port opened, a vulnerability not patched. In any case, the lack of visibility provided an open door for an opportunistic bad actor and merely knowing about some or most of the devices on your network wasn’t good enough.
Ransomware is a serious business in itself and has become more sophisticated than ever reaping hundreds of millions of dollars. The rise of the ransomware-as-a-service model has made it easy for amateur cybercriminals with basic technical knowledge to launch their own customized attacks.
In today’s world, malicious actors are focused on nothing other than penetrating your network, by searching for that one vulnerability, that one human error where someone left an entry point open.
How do you effectively protect your organization from ransomware?
- First, you need to ensure you have complete and continuous visibility to every device that has an IP address on your network.
- Second, know what should and shouldn’t be on the network and have automated, policy-based controls in place to remove devices off the network.
- Third, continuously ensure that managed devices are configured appropriately and mitigate the risks of any misconfigured systems.
To hear more about how ForeScout can help during the various stages of a ransomware attack, be sure to check out my recent webinar, “Post Ransomware Crisis -Tips, Tricks, & Lessons Learned to Stay Protected”.