The Cyber Threat Intelligence (CTI) team at the Multi-State Information Sharing and Analysis Center (MS-ISAC) worked with CISA, along with other federal partners, to release an updated #StopRansomware Guide, which was published earlier this summer.
The #StopRansomware Guide serves as a one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond, and recover, including step-by-step approaches to potential attacks. The Guide provides network defenders with preparation, prevention, and mitigation best practices for ransomware and data extortion. The guide highlights the importance of maintaining offline, encrypted backups of critical data so that organizations can recover from malicious data encryption. Preparation also involves creating, maintaining, and regularly exercising a basic cyber incident response plan (IRP) and associated communications plans. MS-ISAC stresses that “properly preparing for a ransomware incident means that you must operate under the assumption that it’s not a matter of if you will be attacked but when. Under this assumption, you can begin assessing current plans and defenses before closing relevant gaps.” Members are encouraged to review the updated guide and also the associated Blueprint for Ransomware Defense to help better prepare for this pervasive cybersecurity threat. Access the updated guide at MS-ISAC here.