Cybersecurity Saturday

The FEHBlog hopes that his readers enjoyed the 400th Thanksgiving holiday.

Congress will be in session for the next two weeks. Cyberscoop brings us up to date on the legislative effort to include a data breach and ransomware reporting provision in the must-pass National Defense Authorization Act bill for the current federal fiscal year.

As we enter our country’s major holiday season, Tech Republic reports that “An alert issued Monday [November 22] by the Cybersecurity and Infrastructure Security Agency [CISA] and the FBI urged organizations to be on guard for ransomware attacks that take advantage of worker downtime during Thanksgiving [etc.].”

In the alert, CISA stressed that neither it nor the FBI have identified any specific threats that might occur on or around Thanksgiving. But with or without advanced warning, organizations need to be prepared for attacks designed to take advantage of the holiday.

ISACA offers an expert column on using zero trust and XDR to stop ransomware. The FEHBlog has linked to several columns on zero trust, but he had not heard of XDR. It turns out that

XDR brings together information about possible attack elements (e.g., indicators of compromise [IoCs]) with logs of network traffic, quirky endpoint behavior, cloud and Software-as-a-Service (SaaS) service requests, and server events for analysis. The power of XDR is that it goes beyond security information and event management (SIEM) which aggregates log data to include correlation, analysis and machine learning (ML)-augmented modelling. This forms the basis for an effective response.

By deploying an XDR solution (which can detect many attack elements) with a zero trust-enabled architecture (which hardens infrastructure against malicious attacks), one can substantially improve survivability against ransomware. So, deploy an IAM tool. Use multifactor authentication (MFA), at least for high-privilege accounts. Segment the network. And put an XDR tool in place for the security operations center (SOC). You will have a much calmer, more predictable, less eventful day-to-day work experience.

Because Bleeping Computer’s The Week in Ransomware was not published Thanksgiving week, here is a Health IT Security overview of cybersecurity issues affecting the healthcare sector.