INTELLIGENT BRANDS // Enterprise Security
Take a proactive approach to ransomware protection
Hielke Veltman , Channel Alliances Manager at NetWitness
It ’ s a terrifying thought : at any moment your organisation ’ s digital infrastructure could be brought down by ransomware . Some unknown cybercriminal , sitting in some cozy spot anywhere in the world , can inflict immeasurable harm without any recourse . Your environment suddenly changes and normal operations are halted .
There ’ s a feeling of powerlessness involved , but you can take proactive steps to defend your organisation . Guidance such as ‘ Stop Ransomware ’ recommendations from the US Cybersecurity & Infrastructure Security Agency ( CISA ) are a great starting point . You can view this by visiting cisa . gov / stopransomware .
NetWitness Ransomware Defense Cloud Services , a subscription-based service to help protect against ransomware and prepare in case you are attacked . This proactive approach to ransomware augments other strategies and adds peace of mind that you ’ ll be safeguarded in this threatening new environment .
With NetWitness Ransomware Defense Cloud Services , your servers and client systems leverage NetWitness Endpoint , a specialised endpoint agent specifically designed to watch for anomalous behaviour and quickly alert you before damage can be imposed .
Like any other advanced persistent threat ( APT ), ransomware must perform operations like reconnaissance , network traversal , and credential harvesting before it can detonate its dangerous payload . Having visibility into these activities is critical , and knowledge of the specific tactics , techniques and procedures ( TTPs ) of ransomware campaigns help protect your organisation from damage .
The NetWitness Professional Services team manages the service on the back end , able to alert your security team when a known TTP is found . Also included in the service is periodic threat hunting sessions that can help your analysts grow their skills .
This added level of protection helps give you confidence that you are doing meaningful things to defend your infrastructure , data and assets . But there are always novel attacks such as supply chain events . In the event of a ransomware attack , the data collected from the IR services can help response activities , including the ability to figure out how it happened and what the attackers achieved .
Optional NetWitness Incident Response services are available to help your organisation hit the ground running . So , while ransomware is inducing a lot of sleepless nights for IT and security professionals , there are ways to defend your critical infrastructure . NetWitness Ransomware Defense Cloud Services is a great way to tilt the playing field back in your direction . p
Current , offline backups are essential , as is a detailed response plan . Other best practices include vulnerability scans and regular patching . But now there ’ s more that you can do .
NetWitness Professional Services has a long history of helping customers prepare for , defend against , and respond to cyberattacks . Our security experts – incessantly battling with the bad actors working to profit from attacks ( including ransomware ) – have built a body of knowledge and specific assets to help your organisation fight back .
60 INTELLIGENTCIO AFRICA www . intelligentcio . com