As the dust settles after yesterday's excitement, we're putting together a quick awareness update on the ransomware incident for our subscribers.
US CERT is already on the case with a well-written, straightforward guide and advice on how to mitigate the risk. Good stuff!
To supplement the more technical advisories already circulating, I am preparing a simple one-pager awareness briefing for general employees, plus a management briefing focusing on the information risk management, assurance and governance aspects. Our recent 'ransomwareness' module has materials we can adapt/update to reference the latest incident - an advantage of having a comprehensive library of awareness materials.