Issue link: https://insights.oneneck.com/i/1093615
CHAPTER 5 Ten Key Ransomware Defense Takeaways

These materials are © 2017 John Wiley & Sons, Inc. Any dissemination, distribution, or unauthorized use is strictly prohibited.

Leverage Cloud-Based, Real-Time Threat Intelligence

Ransomware and other cybersecurity threats are evolving rapidly. Zero-day attacks represent the greatest threat to most organizations. Cloud-based, real-time threat intelligence enables IT teams to deploy the most up-to-date countermeasures as quickly as possible when new threats emerge, and leverage security expertise that extends well beyond their organization.

Automate Security Actions to Reduce Response Time

Wherever possible, security actions should be automated to keep pace with threats that can spread throughout an entire enterprise network within minutes or seconds. Here are some examples of security actions that can be automated:

» Distribution and installation of anti-malware and intrusion prevention system (IPS) signature files
» Centralized collection, correlation, and analysis of security logs and threat data
» Threat protection that blocks requests to malicious destinations before a connection is even established and stops threats over any port before they reach your network and endpoints
» Dynamic access control lists (ACLs), domain and website whitelisting/blacklisting, and firewall rule creation
» Account provisioning/deprovisioning and access rights management

See Something, Say Something

The U.S. Federal Bureau of Investigation (FBI) is urging ransomware victims to report their infection details, which will in turn give the FBI a more comprehensive view of ransomware's spread
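An added example, not from the original book, of one automated action from the list under "Automate Security Actions to Reduce Response Time": turning a threat-intelligence feed into dynamic ACL and domain blacklist entries, with whitelist precedence, expiry of stale indicators and a confidence threshold. The feed format, the thresholds, the `partner.example` whitelist entry and every sample indicator are assumptions constructed for illustration.

```python
import ipaddress
import re
from datetime import datetime, timedelta

DOMAIN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")
ALLOW_DOMAINS = {"partner.example"}  # hypothetical business-critical domain
# Constructed sample feed: (indicator, last_seen, confidence 0-100).
FEED = [
    ("203.0.113.10", "2017-05-12T08:00:00+00:00", 90),
    ("203.0.113.11", "2017-05-12T08:05:00+00:00", 85),
    ("198.51.100.7", "2017-04-01T00:00:00+00:00", 95),          # stale
    ("192.0.2.55", "2017-05-12T10:00:00+00:00", 40),            # low confidence
    ("Bad-Payments.example.", "2017-05-12T09:00:00+00:00", 80),
    ("mail.partner.example", "2017-05-12T09:30:00+00:00", 99),  # allowlisted
    ("not an indicator!", "2017-05-12T09:45:00+00:00", 90),     # malformed
]

def classify(indicator, last_seen, conf, now, max_age, min_conf):
    """Return ("net" | "domain", value) to block, or ("skip", reason)."""
    if conf < min_conf:
        return "skip", "low confidence"
    if now - datetime.fromisoformat(last_seen) > max_age:
        return "skip", "stale"
    try:
        return "net", ipaddress.ip_network(indicator)
    except ValueError:
        pass  # not an IP address or CIDR block; treat as a domain name
    name = indicator.lower().rstrip(".")
    if not DOMAIN_RE.match(name):
        return "skip", "malformed"
    if any(name == d or name.endswith("." + d) for d in ALLOW_DOMAINS):
        return "skip", "allowlisted"
    return "domain", name

def build_blocklist(feed, now, max_age=timedelta(days=7), min_conf=70):
    """Return (deny_networks, deny_domains, skipped) for a feed snapshot."""
    nets, domains, skipped = [], set(), []
    for indicator, last_seen, conf in feed:
        kind, value = classify(indicator, last_seen, conf, now, max_age, min_conf)
        if kind == "net":
            nets.append(value)
        elif kind == "domain":
            domains.add(value)
        else:
            skipped.append((indicator, value))
    # collapse_addresses() rejects mixed IP versions, so merge each separately.
    by_version = ([n for n in nets if n.version == v] for v in (4, 6))
    deny = [c for group in by_version for c in ipaddress.collapse_addresses(group)]
    return deny, sorted(domains), skipped
```

Call `build_blocklist(FEED, now)` with a timezone-aware `now`; the `skipped` list records why each indicator was left out, which gives the automation an audit trail before any rule is pushed to a firewall or DNS filter.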