Ransomware has, over time, emerged as one of the most significant risks of our time. Recently we have seen massive examples of just how big the threat is, such as the recent Colonial Pipeline attack which caused a state of emergency throughout portions of the eastern seaboard as a result of the gas shortage that followed. Even more recently, the information and technology firm Kaseya has estimated that between 800 and 1,500 businesses around the world have been affected by a ransomware attack that was directed at the firm.
Many organizations often manage IT security and changes to IT security on an ad-hoc basis. They move quickly to resolve critical threats, but have little time left over to document security policies or analyze the impact of policy changes on the business. Organizations need to better prepare themselves for the rise of ransomware and defending against ransomware requires better policy management throughout the organization. Too often organizations forget that policies define how systems are to be defended/protected and security maintained. It is often through a lax approach to policies that many systems get compromised. Policies can also protect the organization against social engineering and IT risks by educating employees on security. This is what I like to call “the human firewall”.
The Policy Management Capability Model enables organizations to have structured policy management and enforcement processes to better protect your organization against ransomware. Here are the steps:
o Review your existing policies to ensure they meet your current security policies
o Revise policies as needed, and leverage the Policy Management Capability Model to ensure they are consistently written
o Communicate your policies to employees and train them on them, test their understanding. The Policy Management Capability Model has a whole section on effective communication techniques.
o Monitor your policies to make sure they are being followed in the organizations processes and transactions
o Improve your policies over time as security, processes, and systems evolve.
The Policy Management Capability Model is an effective resource to leverage policies to protect your organization against the rise in ransomware attacks. A well-documented set of policies and training helps the organization to prevent business application outages, compliance violations, and security gaps, and reduces management time and effort.