![\"Best](\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2019\/06\/World-Password-Day-mod.jpg\")
<\/p>\n<\/p>\n
Solutions Review compiles the best endpoint security advice from the first half of 2021.\u00a0<\/i><\/b><\/p>\n
As part of our ongoing research into the cybersecurity<\/a><\/strong><\/span> market, Solutions Review frequently covers the latest in data breaches, cyber-attacks, and authentication failures. When we do this, we try to accompany the facts with expert advice and perspectives from some of the most recognized voices in cybersecurity.\u00a0<\/span><\/p>\n As a result, we\u2019ve accumulated several relevant pieces of endpoint security<\/a><\/strong><\/span> advice from the first half of 2021, generated by attacks and breaches. We decided to curate our favorites into one article. Here they are:\u00a0<\/span><\/p>\n Javvad Malik is Security Awareness Advocate at <\/span><\/i>KnowBe4<\/span><\/i><\/a>.<\/span><\/i><\/p>\n From: <\/span>Expert Commentary on the CD Projekt Ransomware Attack<\/b><\/a><\/span><\/p>\n \u201cWe\u2019ve seen ransomware evolve, not only is it enough for criminals to encrypt data, but they will spend time within the victim\u2019s organization, stealing valuable data, working out which data is worth encrypting, and how much they should set the ransom at.<\/span><\/p>\n In many cases, these criminals go undetected in victim organizations for many months at a time.<\/span><\/p>\n So, it\u2019s important that organizations have the right controls in place to prevent these attacks from being successful in the first place and have some form of monitoring and threat detection in place to see when they have been breached and to respond quickly.<\/span><\/p>\n The ransom demands are interesting because the criminals know that the organization can likely recover from backups. In this case, the ransomware itself isn\u2019t the issue \u2013 it\u2019s more of a statement to signal that they have breached the organization. The fact that the ransom note was addressed to them shows it was a targeted attack.<\/span><\/p>\n While ransomware itself can cause issues and not everything may be backed up. The real demand for payment is in exchange for the criminals not leaking the information they\u2019ve stolen. However, the issue with this approach is that even if the victim pays the money, there is no way to guarantee the criminals will actually delete the data.\u201d<\/span><\/p>\n Purandar Das is CEO and Co-Founder of <\/span><\/i>Sotero Software<\/span><\/i><\/a>.<\/span><\/i><\/p>\n From: <\/span>Kia Motors America Suffers $20 Million Ransomware Attack: Expert Commentary<\/a><\/span><\/strong><\/span><\/p>\n \u201cOne more ransomware incident. While the focus is on recovering the stolen data, minimizing customer exposure, and restoring normal operation, as it rightfully should be, companies ought to start revisiting their security approaches. There are two parts to this. One is to start by making the data useless when stolen. That eliminates a big part of the leverage the criminals have. The data is just as valuable as the operational aspects of the system that are affected. The stolen data also causes long-term damage to innocent consumers who trust organizations to protect their data and privacy. Adopting newer encryption technologies that keep data encrypted, even while in use is a must. Second, enabling secure backups of operational systems with fast recovery paths is another. Layering on more security products is not a viable or scalable solution.\u201d<\/span><\/p>\n Tony Lambert is an Intelligence Analyst at <\/span><\/i>Red Canary<\/span><\/i><\/a>.<\/span><\/i>\u00a0<\/span><\/p>\n From: <\/span>Alleged Ransomware Attack Hits Molson Coors; Expert Commentary<\/b><\/a><\/span><\/p>\n \u201cAt the moment multiple reports indicate Molson Coors fell victim to a ransomware attack, but the precise family of ransomware hasn\u2019t been specified. For manufacturing organizations, ransomware poses a major threat to data and system availability. Not only do corporate systems lose access to data, systems managing the manufacturing process may come to a halt as well, preventing the successful production and even delivery of products. This obviously presents a huge problem for companies that sell the products: every hour their lines are down can mean major profit losses.<\/span><\/p>\n In situations like these, we\u2019ve seen organizations take two paths. The first is to pay the ransom so they can restore availability as fast as possible to prevent major losses. The second is to avoid paying a ransom and restoring from backups\u2026Finally, it\u2019s important to keep in mind that organizations can do many things to take steps toward ransomware prevention. Consider using mail gateways, spam filters, or other email security tools to curb the delivery of malicious attachments or links. If feasible, organizations may consider disallowing archive or document attachments in email. Consider implementing controls to limit the use of Windows script execution tools such as `wscript.exe`.<\/span><\/p>\n To secure public-facing applications from exploitation, apply patches as soon as possible. Evaluate any web applications for remote code execution vulnerabilities. To secure trusted relationships such as those with Managed Service Providers (MSPs), consider discussing security measures and checklists with vendors periodically to ensure they meet your needs and protect your interests. To mitigate exploitation via supply chain compromise, only download software from official sources such as directly from the developer. To hinder the execution of this and other malware, restrict administrative access where possible and employ the principle of least-privilege where feasible.\u201d<\/span><\/p>\n Stephan Chenette is Co-Founder & CTO of <\/span><\/i>AttackIQ<\/span><\/i><\/a>.<\/span><\/i><\/p>\n From: <\/span>IoT Maker Sierra Wireless Suffers Ransomware Attack<\/a><\/strong><\/span><\/p>\n \u201cThis ransomware attack highlights the complexity and far-reaching damage of a B2B data breach. The incident not only impacts Sierra Wireless itself but also its customers, who rely on up-to-date information to keep their operations moving forward. As evidenced by this and many other recent ransomware attacks, it\u2019s no longer an issue of just whether or not to pay the ransom. Because of this, it\u2019s important to adopt a proactive and threat-informed approach to security strategy that allows for an organization to know it can thwart ransomware attacks.<\/span><\/p>\n To best defend against ransomware, it\u2019s important to understand the common tactics, techniques, and procedures used by the adversary. In doing so, companies can build more resilient security detection, prevention, and response programs mapped specifically to those known behaviors. Additionally, companies should use automated solutions that safely validate their defensive controls against ransomware campaigns and their techniques to avoid falling victim.\u201d<\/span><\/p>\n Gary Ogasawara is CTO of <\/span><\/i>Cloudian<\/span><\/i><\/a>.\u00a0<\/span><\/i><\/p>\n From: <\/span>The Colonial Pipeline Hack: What to Know and Commentary<\/b><\/a><\/span><\/p>\n \u201cThe ransomware attack on the Colonial Pipeline is a reckoning for how impactful an assault like this can be on a country\u2019s critical infrastructure. Even as Colonial attempts to contain the attack by taking some of its systems offline, every day that goes by without Colonial fully restoring operations increases the downstream disruption. As ransomware groups around the world observe the effect this attack has had, more may follow.<\/span><\/p>\n Having strong cybersecurity defenses in place has never been more important, particularly ensuring that businesses can recover quickly and easily from a ransomware attack. One of the best ways to do so is by securing data at the storage level with an immutable backup copy. This way, the data is rendered unchangeable for a certain time period, preventing encryption by malware and enabling easy recovery of an unencrypted data copy in the event of an attack.\u201d<\/span><\/p>\n Thanks to these experts for their time and endpoint security advice. For more on cybersecurity and the marketplace, check out the Endpoint Security<\/a><\/strong><\/span> and the EDR<\/a><\/strong><\/span> Buyer\u2019s Guides.<\/span><\/p>\n Solutions Review compiles the best endpoint security advice from the first half of 2021.\u00a0 As part of our ongoing research into the cybersecurity market, Solutions Review frequently covers the latest in data breaches, cyber-attacks, and authentication failures. When we do this, we try to accompany the facts with expert advice and perspectives from some of […]<\/p>\n","protected":false},"author":41,"featured_media":3953,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2,335],"tags":[862,31,1433,75,226,22,13,1084,40,616,23,1403,84,1489],"acf":[],"yoast_head":"\n
Widget not in any sidebars
\nBest Endpoint Security Advice from the First Half of 2021<\/b><\/h3>\n
<\/div><\/p>\nJavvad Malik<\/b><\/h3>\n
<\/div><\/p>\nPurandar Das<\/b><\/h3>\n
<\/div><\/p>\nTony Lambert<\/strong><\/h3>\n
<\/div><\/p>\nStephan Chenette<\/b><\/h3>\n
<\/div><\/p>\nGary Ogasawara<\/b><\/h3>\n
<\/div><\/p>\n
Widget not in any sidebars
\n","protected":false},"excerpt":{"rendered":"