Last week I was reminded why we created Fresh Security.
I was attending a conference on the future of cybersecurity. Ransomware talks were my priority.
To save you half a day of your time, I will summarise the talks:
- 2 x product demos - one was a backup tool, and the other was about documentation. I think... I got lost.
- 1 x "I'm a rebel CISO" - summary: "Security needs to work for the business, not just focus on tech."
- 2 x we've invented a new acronym - let me explain what it means...
I felt nostalgic - like it was 2010…
There was one notable WTF moment.
"Antivirus was invented when mobile phones were larger than briefcases… so it's obsolete tech, which means you really shouldn't use it".
There's a trivial question about the evolution of antivirus vs endpoint protection vs XDR...
I think the point being made was: We don't believe we're antivirus. We're different. I'm not convinced how different the tool actually was.
The bright spot was Threatlocker.
Essentially they posed the question - Why should MSWord be able to use Powershell by default, which then has access to every folder and shared drive on your system?
It was good advice which used to be called OS hardening. Now it's called zero trust… or one version of it.
What still baffles me is that there wasn't a single insight or reference on how to counter ransomware.
So here is the Fresh Security summary:
There is no silver bullet to solve the ransomware threat. It takes a cybersecurity programme that implements a set of good practices.
The priority areas to address are:
- Reduce the chance of infection - Find vulnerable systems and keep patching up to date.
- Find and remove viruses - Use endpoint protection and scan for malware.
- Create and test backups - This is how you restore to a known good state.
- Have a plan. Test it. Fix the problems - It's easy to decide if you would ever consider paying a ransom when there isn't a timer counting down.
Fill in the gaps with further improvements in account management, access controls, and turning off services you don't need.
Simple. Just never spoken about. 🤷♂️