The spate of cyberattacks on Texas cities has left municipalities wondering what can be done. VersaTrust’s owner and CISSP, Danny Owens, dissected the threat and outlined steps municipalities can take to combat the methods cybercriminals use in the interview below.
Danny Owens (DO): No. City governments will continue to be targeted until they implement comprehensive security controls equal to and better than the threats they face.
DO: Today’s hackers are very good at covering their tracks. They also use tactics traditional security tools can’t detect. Effective detection tools need to be in place to identify an attack that is in progress or that has occurred.
DO: Report the incident to your qualified IT/Security personnel who should:
DO: None of our municipal clients have been impacted in the latest attacks. One municipality recently had ransomware accidentally introduced from a phishing scam, however, our advanced endpoint protection software and Security Operations Center neutralized both threats before they could cause damage.
DO: We strongly believe in a layered security approach for all of our clients. It’s also recommended by the U.S. Department of Defense and introduces multiple barriers to halt attackers. Security controls, like real-time scanning and advanced endpoint anti-malware protection are customized based on a client’s risk, requirements and budget. During employee training sessions we show your team what to watch for, so no one falls for a phishing scam or accidentally introduces malware to your network.
We also synchronize local backups to a secure cloud server at least once every 24 hours to minimize data loss. A bulletproof backup is the only guarantee for recovery from data loss and ensures that ransom will never have to be considered as an option.
DO: Robust backups will prevent cities from being in a position where they consider paying a ransom request. If restoring from a backup is not an option, state or federal authorities should be involved in any decisions to be made regarding negotiating with the criminal.
DO: The CFO wanted a backup solution with faster data recovery time and advanced antivirus software to guard against malware and ransomware. Due to budget constraints, they had to choose between implementing stronger anti-malware/DNS protection and the more effective backup solution.
We recommended they add the backup solution first because recovering data is the highest priority after a breach. Then, additional protections can be implemented in a second phase when a budget is made available.
DO: Have an IT security expert conduct an assessment to determine areas where risks exist, like unsecure firewall configurations, no local backups, or lack of employee training. Then they’ll be able to:
VersaTrust is a Fort Worth cybersecurity service provider. We’re ready to assess your network and heighten your security posture to keep your city, data and citizens secure. Contact us today online or by phone (817) 595-0111.
By accepting you will be accessing a service provided by a third-party external to https://www.versatrust.com/
6310 Southwest Blvd
Suite 110
Fort Worth, Texas 76109
Fort Worth:
Phone: (817) 595-0111
Dallas:
Phone: (972) 528-0142
Hours:
8:00 a.m. - 5:00 p.m.
Monday - Friday