Feds at the Edge

Ep. 81 Headlines in Cybersecurity – What States Should Know



This interview is a terrific primer for preparing your agency to prevent ransomware.  We have four experienced thought leaders who discuss issues like knowing what is on your system, where to find free prevention resources for a limited staff, and best practices for maintaining a safe network. 

Knowing what is on your system is the basic starting point for security; however, this simple concept can be difficult to accomplish. An audit of your system can be undermined when users avoid consolidation through shadow IT.

The term “shadow IT” has had its peaks and valleys of interest in the past decades – some refer to it as “unauthorized modifications.” The origins are obvious. If a system administrator makes it onerous to comply with security directives, users will come up with a workaround and use a credit card to buy an application, unknown to management.

The federal government understands the staffing challenges of state and local governments. As a result, the Cybersecurity & Infrastructure Security Agency (CISA) provides guides and training for these groups. During the interview, we learn that CISA is developing guidelines for an attestation letter.  This would act as a trust mechanism for smaller agencies concerned about malicious code coming from vendors.

Even if your system is thoroughly reviewed and current with updates and patches, you can still be vulnerable. One simple best practice is offered by Bill Harrod from Ivanti. He suggests that each update must be tested and validated before being installed. This is because of the complicated nature of hybrid systems today: one update can have an impact on another system that is dependent on it.

There is much to unpack in the group discussion – they talk about automation, machine learning, and the software lifecycle as it applies to the software supply chain.


By FedInsider
