(844) 627-8267
(844) 627-8267

Lodi, Calif., Built a Ransomware Defense Matrix with Multiple Solutions | #ransomware | #cybercrime


How Powerful Firewall Controls Support Agency Security

For Buecher, backups are just part of the solution. He’s also leveraging modern tools to make the network itself more resilient in the face of ransomware threats.

As part of the city’s security revamp, “we got away from was our traditional firewalls,” Buecher says. Today he leans on Palo Alto Networks.

“With their software-defined networking solutions in their firewalls, Palo Alto gives us more granular control over what’s actually coming and going through this firewall. It also helps us monitor and get better insights into what is actually being used,” he says.

He also utilizes Cortex, an AI-based tool from Palo Alto that monitors the behavioral aspects of the network.

As files come into the system, “we can look for the behavioral patterns of those files after they hit our network, and isolate them immediately on whatever machine they hit, and then go in and fix or take that machine offline if we need to,” he says.

Buecher says that IT leaders should take a hard look at their data stores in order to make a case for needed expenditures.

“You have to put a dollar amount on that data. How much is that worth to you?” he says. “As soon as you put a value on your data, that becomes your selling point to whoever you need to convince.”

LEARN MORE: State and local agencies can fight back against ransomware.

Agencies Prevent Ransomware Through Training and Testing Users

Most ransomware exploits launch via phishing and other user-targeted attacks. That means it’s critical to address not just technological solutions but also the people piece of the cyber puzzle.

To that end, Lodi partners with KnowBe4, leveraging its cybersecurity educational software system to ensure users are on guard against attacks. Employees have been training with KnowBe4 for three years, and KnowBe4 also conducts phishing tests, sending fakes email out to everybody in the organization. The regular testing “is one of those things that everyone looks forward to on a monthly basis,” Buecher says.

The system generates fake a phishing email, “and then we’re able to track who opens it, who clicks on the link,” he says. He’s turned it into a game among the executive team and the directors, who wait eagerly to see how well their teams perform. “It’s even better when a director actually clicks on something and gets caught.”

The training and testing through KnowBe4 has helped everyone realize that “we’re all doing this together,” he says. “It’s not strictly an IT function anymore to protect our organization.”

At the Indiana Information Sharing and Analysis Center, part of the Indiana Office of Technology, Executive Director Tad Stahl also gives KnowBe4 high marks.

“KnowBe4 has a very deep library of training modules, and we are fortunate here to have executive support that allows us to do a training every month. We try to keep that between seven and 12 minutes, and it allows us to keep pertinent training issues top of mind for our workforce,” he says.

“We also run the phishing tool on a quarterly basis to measure performance, and then on an ad hoc basis to help those that need additional training,” he says.

Stahl adds, “KnowBe4’s library may have 20 or 25 modules on phishing, and we will try to run those frequently, at least twice a year. And then we sprinkle in other topics around password security and general social engineering threats. We’ll give them something different every time.”

Source link


National Cyber Security