EXPERT SPEAK
RANSOMWARE PROTECTION PRACTICES FROM HYPERSCALERS
Whether organisations are getting started or building on the cloud , hyperscalers have best practices and specialised resources dedicated to protecting critical systems says Wojciech Bajda from Amazon Web Services .
Ransomware refers to a business model and a wide range of associated technologies that bad actors use to extort money from entities . Whether organisations are just getting started or already building on the cloud , cloud platforms and providers such as AWS have resources dedicated to help these organisations protect their critical systems and sensitive data against ransomware .
They can use these resources to prepare their organisation against an incident , test and build out a strategy to respond during an event and recover more quickly from an event . Notably , companies such as DeepThink Health and Wallester have leveraged AWS to bolster their security
Reducing human access diminishes the risk of exposure due to errors or malicious actors .
Wojciech Bajda , Managing Director , Public Sector Middle East and Africa , Amazon Web Services postures , achieving remarkable milestones in cybersecurity .
In order to proactively protect their business and reduce risks , here are ten actions organisations can take to stop ransomware attacks .
Security framework
Organisations migrating to the cloud should consider using a security framework , like the National Institute of Standards and Technology ’ s , NIST Ransomware Risk Management . Following this framework allows organisations to verify that all areas of their security programme have defined controls , responsibilities , and mechanisms . Organised around five steps – identify , protect , detect , respond , and recover – the NIST framework can help improve the overall security , risk management , and resilience of an organisation .
Harden systems
Known vulnerabilities in software that are yet to be updated with a security patch are commonly targeted by attackers to gain access to an organisation ’ s network . Identifying and patching vulnerabilities in software and hardware is critical to limiting exposure to ransomware attacks .
Long-lived credentials
Access keys and credentials , which are required to access and manipulate cloud resources , are commonly targeted by criminals . If access keys are not continually changed and properly secured there is a risk they will be mistakenly exposed and leave resources open to attack . Try to eliminate long-term access keys and rotate keys on a regular basis .
58 www . intelligenttechchannels . com