Channel Futures

MSSP Insider



NIST Taking Public Comment on Ransomware Profile Until Oct. 8

  • Written by Kelly Teal
  • September 27, 2021
Managed security service providers may want to vet the document and chime in on the recommendations.

The National Institute of Standards and Technology (NIST) is taking public comment on the new draft of its Ransomware Profile until Oct. 8. Managed security service providers may want to chime in.

The document contains the recommendations from the agency (which doesn’t have regulatory power) for helping organizations tackle ransomware.

Without a doubt, the issue is a pressing one. In the second quarter of 2021 alone, ransomware activity soared 55,240%. That’s not a typo. That’s the figure from MSSP Nuspire in its 2021 Q2 Quarterly Threat Landscape Report.

With that in mind, here are the “basic preventative steps” NIST details in its Ransomware Profile:

  • Use antivirus software at all times. Set software to automatically scan emails and flash drives.
  • Keep computers fully patched. Run scheduled checks to identify available patches, and install these as soon as feasible.
  • Segment networks. Segment internal networks to prevent malware from proliferating among potential target systems.
  • Continuously monitor directory services (and other primary user stores) for indicators of compromise or active attack.
  • Block access to potentially malicious web resources. For example, use products or services that block access to server names, IP addresses, or ports and protocols known to be malicious or suspected to be indicators of malicious system activity.
  • Allow only authorized apps. Configure operating systems and/or third-party software to run only authorized applications. Establish processes for reviewing, then adding or removing authorized applications on an allowlist.
  • Use standard user accounts versus accounts with administrative privileges whenever possible.
  • Restrict personally owned devices on work networks.
  • Avoid using personal apps – email, chat, social media – on work computers.
  • Educate employees about social engineering. Don’t open files or click on links from unknown sources without first running an antivirus scan or inspecting links carefully.
  • Assign and manage credential authorization for all enterprise assets and software; also, periodically verify that each account has the appropriate access only.

The Basics Are Always Important

These insights seem rudimentary, but as cyberattacks rise exponentially, the industry has discovered that even the simplest gaps have gone overlooked. That was understandable during the crush last year to shift to remote work because of the pandemic. However, the time has long since passed to review those deployments for holes. In essence, the fundamentals bear repeating and employees – yours and your clients’ – continue to need cybersecurity training.

NIST underscores those points in the draft Ransomware Profile. The agency lays out steps organizations should take now to recover from a ransomware incident later:

  • Make a recovery plan. The effort should feature defined roles and strategies for decision making, and can serve as part of a continuity-of-operations plan, NIST said. Also, identify business-critical services to enable recovery prioritization, as well as business continuity plans for those critical services.
  • Back up data, secure backups and test restoration. Plan, implement and test a data backup and restoration strategy. In addition, secure and isolate backups of important data. This advice is especially pertinent after the infamous SolarWinds hack, in which targets did not isolate their backups. From there, it was all too easy for attackers to grab data.
  • Keep your contacts. Maintain an up-to-date list of internal and external contacts, including law enforcement, for ransomware attacks, NIST said.

NIST modeled the Ransomware Profile on its Cybersecurity Framework Version 1.1. The new draft guidance is the second version, following one released this summer. The recommendations come not long after the Biden Administration issued its own measures aimed at fighting ransomware. Government agencies and contractors have come under heavy attack from hackers over the past year, and the attackers aren’t letting up. Just last week, the feds issued an advisory indicating that more than 400 U.S. and international organizations have come under digital fire from the Conti ransomware.
