The news has been full of stories regarding recent high-profile ransomware attacks including pipelines, meat processing plants, and Fujifilm. It would be easy to conclude that this is only a big-business problem, but the fact is this is an every business problem, regardless of size, industry, or any other factors. As a result, we’re fielding more and more questions from clients who have been wondering what exactly Suite3 does to help prevent the likelihood of a ransomware attack.
From an approach standpoint, Suite3 has mapped our technical security offerings to the NIST Cyber Security Framework. At its highest level, there are five functions of the framework – Inspect, Protect, Detect, Respond, and Recover – and we offer many technical solutions and processes for each function. However, the majority of the NIST Cyber Security Framework’s detailed categories and subcategories are administrative and not technical, and require our clients to plan, implement, and maintain associated policies and procedures accordingly.
As part of many of our engagements, we offer an assortment of Protection and Detection services which can reduce the likelihood of a ransomware incident. Upon request, we can provide access to more information that goes over not only the technologies in place, but our internal processes behind the implementation and management of our security services. In particular, Suite3’s SecureSuite ThreatHunter and ZeroTrust solutions specifically monitor for traffic indicative of access by a malicious actor prior to their launching an attack, as well as the blocking of any unauthorized software, including a bad-actor’s ransomware encryption tools, from being installed.
Regarding response and recovery, should an Indicator of Compromise be detected either at Suite3 or at a client, we rewrote our Incident Response Plan earlier this year. As we’ve pointed out before, CyberLiability Insurance is a critical component of any business’ recovery plan and needs to be in place at every client because while our insurance covers our data, you need your own insurance to cover yours.
For more information regarding ransomware, see Suite3 President Dave DelVecchio’s recent interview on WWLP’s Mass Appeal, a mid-day news and infotainment show.