Microsoft has shared three key steps organizations can take to ensure a ransomware attack doesn’t cripple their entire network in an attempt to extract a multimillion-dollar ransom or leak sensitive corporate data on the internet.
Microsoft developed the three-step advice as part of its feedback to a recent call from the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) for expert approaches to preventing and recovering from ransomware and other destructive cyberattacks.
In brief, the three steps are “prepare, limit, and prevent”, which include: prepare your recovery plan to enable recovery without paying; limit the scope of damage by protecting privileged roles; and make it harder to get in by incrementally removing risks.
The steps work on the assumption that attackers will eventually breach a network. It’s part of the so-called Zero Trust strategy that tech vendors and the US government are interested in.
“This may seem
The article Ransomware: Take these three steps to protect yourself from attacks and make it easier to recover originally appeared on ZDNet.