Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints.
Today we begin a technical dive into Ransomware with GuardSight’s own Director of Cybersecurity and Incident Response, Justin Fischer. Welcome Justin!
This technical dive into Ransomware is going to go over further information on Ransomware prevention and why that is so necessary.
[Interview questions listed below. Please listen to the TomCast to hear Justin’s responses.]
- Justin, if you would, please give the listeners a brief overview of what is meant by an incident chain.
- Speaking of phishing, is the same entity that sends out the phish the same one that is deploying the Ransomware?
- Remember the previous TomCast? That main topic surrounded Ransomware prevention and specifically measure you can take to prevent phishing attacks from being successful.
- Moving on, so, theoretically, a Ransomware attack or infection could be multiple threat actors, not just one particular malicious actor?
- What would one of these groups do after initial access or after infecting that first system?
- They are looking to go into storage areas, repositories, document libraries to lock down information you need?
- So how does this knowledge assist in the prevention of a Ransomware attack?
- When you’re dealing with organizational-level backups, how often in your experience does the organization you’re supporting actually validate their backups, or do they even have a backup strategy?
Excellent information, and I hope all of you out there take this information into account. Justin and his team encounter incidents like this on a routine basis, so this is definitely knowledge that can help everyone out there. Stay tuned, the next TomCast will continue this conversation on Ransomware, but Justin and I will focus on the incident response side.
We here at GuardSight thank you for taking the time to listen to this TomCast. Please share this if you believe it would be of assistance to anyone in your contact list, and please provide us some feedback in the comments so we can continue to improve. Thanks!