So what should you do if you have been impacted by this criminal attack? I’ve had similar considerations in my time as a security leader—here’s my take.
First, if you have cybersecurity insurance, hopefully you have called your insurance provider and you are working with them to obtain the necessary resources to get back up and running.
Second, once you have a minute to stop and think, review what other vendors you depend on to function as a company.
Do you have a payroll provider? If so, you will want to assess the maturity of their security program— perhaps by examining the results of an independent audit, such as a SOC Type II report, to see how they are protecting your data.
Do you have vendor partners who have access to your company network? If so, you want to review how they protect their networks from cybercriminals so that if they are attacked, you don’t become a victim as well.
Do you use an MSP to help you manage your computers? If so, you also want to understand the measures they take to protect you from cybercriminals. Do they require multi-factor authentication (MFA) to access your network? Do they regularly update their computers and network to prevent attacks by cybercriminals using known vulnerabilities? Are they doing the same types of risk reviews you are with their own third-party service providers and vendors? There’s a lot to consider when assessing the security of your supply chain. If you have questions about cybersecurity insurance, what a “SOC Type 2 audit” is and how to interpret the report, or how to know if your MSP is protecting your data, contact the OnX Security practice.
John is a veteran technologist, CTO and CISO. He has nearly 30 years of experience building and running enterprise IT and shepherding information security programs towards maturity, based on industry standards like ISO27K and NIST CSF, as well as regulatory compliance requirements from PCI-DSS, HIPAA, FERPA, A133 and GDPR.
John has several GIAC certifications (GSEC, GCIH and GCWN) and has been active in the local information security community, through groups like Infragard and the Higher Education Security Council for EDUCAUSE. He holds BS and MA degrees from Xavier University and has served as an adjunct professor at Xavier and the University of Cincinnati.