Ransomware attacks on the rise mean organizations require a crisis plan


State & local government agencies can follow IT best practices to create a cybersecurity crisis plan

The saying “Everything is bigger in Texas” now includes ransomware attacks, according to a CPO Magazine article published on September 2, 2019. Over the Labor Day holiday weekend, 22 Texas municipalities were hit with ransomware attacks that crippled key city services.

Unfortunately, these attacks are becoming more commonplace. During our Security Week at Cradlepoint, I want to address how municipalities and cities can prepare and create a cybersecurity emergency crisis plan — much like an emergency management disaster recovery plan — for virtual crisis events.

The perfect place to start is to ensure that I.T. best practices are followed:

  1. Educate end users
    From passwords to phishing, educating a company’s staff early and often is one of the most effective ways to mitigate cyber security risks.
  2. Deploy Parallel Networks
    Distributed enterprises create Parallel Networks by assigning each application to its own isolated network (also known as air-gapped networks). This physical separation prevents attackers from using a compromised device to pivot to servers and networks that hold sensitive data.
  3. Ensure all facets of your systems are PCI compliant, and meet the requirements of CJIS, HIPAA and any other governing auditing body
    Organizations that process credit card, criminal justice, or healthcare information must make sure every aspect of their operations meets compliance guidelines.
  4. Remotely manage the network’s edge from the cloud
    A remote cloud management tool automates network security configurations and checklists and provides geo-fencing and location services — even for remote branch offices and vehicle fleets.
  5. BYON — require partners and contractors to “Bring Your Own Network”
    Companies that invite kiosks, partner retailers, or temporary pop-up entities into their stores can reduce risk by requiring such groups to “Bring Your Own Network” (BYON).
  6. Vigilantly update and patch software; use live threat intelligence solutions
    Consistently updating and patching software is a proactive component of risk management at your company. Additionally, utilizing a threat intelligence solution that monitors global threats increases real-time protection against advanced persistent threat attempts.
  7. Regularly perform penetration testing
    Robust, frequent penetration testing by an outside company provides an unbiased look at potential weak areas in your network infrastructure. Also, verify that applications within your network have completed their own “pen testing.”
  8. Focus on detection and response — not just prevention
    Because no security software solution can successfully prevent every attack, rapid detection and proper response are essential layers of network security.
  9. Implement IPS/IDS via routing solutions at the network’s edge
    A comprehensive intrusion prevention and detection system (IPS/IDS) via routing solutions at the network’s edge defends against evasion attacks, improves network availability, and protects sensitive data.
  10. Implement two-factor authentication (2FA)
    The risk of breaches is greatly reduced when a company’s staff login process requires a verification code along with the username and password.

The next place to turn is the State Cyber Disruption Response Plans issue brief, released by the National Governors Association in July 2019. This report outlines how experienced public safety and emergency management teams prepare for, respond to, and recover from human-made disasters. It also examines state cyber disruption response plans. City, county, and local agencies can leverage this report to know what resources they have to respond to an incident, their roles and responsibilities, and how they can coordinate resources. These plans also align with the U.S. Department of Homeland Security (DHS) National Cyber Incident Response Plan (NCIRP).

Smart Cities and Smart States can only be smart when their agencies prepare for digital transformation and cybersecurity crisis events. Network security and network onramps should be part of the planning process, not an afterthought. Treating them as an afterthought clearly is not working for agencies being held ransom. Don’t be next.

Discover more methods to keep your agency’s network secure in this white paper: “Cradlepoint Provides Connectivity for CJIS Security Policy Compliant Environments”.
