The ‘WannaCry’ ransomware attack spread across the globe last weekend, with experts estimating that more than 200,000 organisations in 150 countries were affected.
A number of high-profile organizations were targeted in the attack, including Renault, FedEx, Bank of China, Telefonica and Deutsche Bahn. Hospitals in the UK attracted the most attention because thousands of operations had to be canceled and patients were turned away from A&E.
The ransomware used a flaw in Microsoft Windows’ operating system, previously flagged by the National Security Agency and leaked by hackers, to spread rapidly across networks encrypting data and demanding ransom payments in the form of Bitcoin. A security expert managed to slow the attack down by triggering a “kill switch” on Saturday but new versions have now been detected without this feature.
“The global attack that just occurred is a wake up call for every C-Level executive,” according to managing consulting firm Janco Associates. They have released a new Security Manual Template, which contains a world class collection of cybersecurity best practices. They say none of their clients were impacted by the latest incident because they followed these practices.
Janco’s Security Manual Template is over 260 pages in length and includes:
- Best Practices and KPI Metrics for SIEM.
- Identity Protection.
- eReader format for tablets and smartphones.
“Many organizations fail to realize the benefits of security information management due to the often exhaustive financial and human resource costs of implementing and maintaining the software.
“However, the Security Manual Template —the industry standard—provides the infrastructure tools to manage security, make smarter security decisions and respond faster to security incidents and compliance requests within days of implementation. The template provides a framework for evaluating SIM services and shows how they could be applied within your organization.”
The template contains policy templates, checklists, punch lists and over two dozen electronic forms. Some of tools included are:
- Risk Assessment Process
- Security Violation Reporting Process & Forms
- Security Audit Checklist
- Employee Termination Process
- Security Management Compliance Checklist
- HIPAA Audit Program Guidelines
- ISO Security Audit Checklist
- Firewall Security Checklist
- BYOD & Mobile Security Checklist
Stay up-to-date with the latest trending news stories and industry advances with the Research and Markets blog. Don’t forget to connect with us on LinkedIn and Twitter for the latest blog plus information about new products.