Even With Cybersecurity... Isolation Is Non Productive
The attached article discusses how state and local governments should collaborate to strengthen their collective cybersecurity posture, and I agree: there is strength in numbers. State and local governments cannot compete with private industry salaries, but they have the same challenges, sometimes even more difficult ones, like voter security. However, historically, everyone, whether governments or corporations, has had this fear that if they share information, i.e., make themselves vulnerable, someone will come along and use that against them. I believe this is an outdated premise; no one industry, corporation, or government can know it all. Various entities see all sorts of threats, some industry specific and some not so much. But if we collaborate, we may be able to learn how a threat from an unrelated industry can wreak havoc on our systems.
Say it with me: your average cyber criminal doesn't care about your industry; they are attacking a vulnerability that may exist across all industries. Sharing what you are seeing can help everyone!
The term Advanced Persistent Threat (APT) is being used so loosely these days that it is sort of losing its true meaning. In my experience an APT attack is more of a targeted attack. Ransomware is not an APT attack; it could be used as a tool in a cyber criminal’s arsenal, but by itself it is not. Just like no one can withstand a federal investigation, no one can withstand a true APT attack. But if we are ranking where a company should put its money, don’t start with securing against an APT attack; start with ransomware. Have a vulnerability management program, actually patch your systems, have tried and TESTED backups off network, and make sure you are practicing least privilege on your file shares. These are just a few things that can be done to battle that pesky ransomware bug.