Before an Attack

Design & Implement

  • Once you have determined your vulnerabilities and the gaps in your defenses, the next step is to decide how to implement the available mitigations
  • NIST Ransomware Practice Guides give reference designs to remediate gaps using existing commercial products
  • No matter how strong your defenses, determined adversaries may penetrate. Implementing resiliency techniques will allow continuation of critical operations during a successful attack.

CJA

  • White paper
  • Tools?

CORA

  • White paper
  • Survey with healthcare additions

ATT&CK Navigator

  • Ransomware specific

Defense Risk Matrix

  • Maps threats to mitigations
  • Identifies gaps

Prioritization

  • Determine most effective mitigations

Pin It on Pinterest

Share This