Manage episode 179885329 series 12330
SFS Podcast - Episode 196
Wannacry: Woulda, Coulda, Shoulda
First and foremost: Why was medical hit so hard by WannaCry? See Episode 189 - Medical Device Security and Risky Business 455 - https://risky.biz/RB455/
- The Lead-Up
- Threat Intelligence is A Thing
- Threat Intelligence is Hard
- Threat Intelligence Feeds are [REDACTED] for many/most
- Stay Calm
- You have finite human resources
- You have finite time
- Prioritize Your Responses
- Episode 192 - Security Waste
- Know what all your tools can do and be ready to use them
- Your Business Continuity Program can inform that
- You do have a BCP, right?
- Know what area to focus on first
- Be willing to cut off an arm to save the body
- When you can remember that Herd Immunity is a Thing.
- Scare the Children
- Waffle in decision making
- This is not the time to point out for the millionth time that your patching program is suboptimal
- This is not the time to point out that if you’d only gotten that BlinkyBox last capital season this wouldn’t be an issue
- Focus on what you can’t do
- Stay Calm
- When the Crisis Arrives
- Be sure you’re in Aftermath and not still in Crisis
- Do a Hot Wash and a full After Action Review/Post-Mortem
- Document your lessons learned and distribute them widely
- Follow Up, Follow Up, FOLLOW UP!!
- The Aftermath
133 episodes available. A new episode about every 18 days averaging 27 mins duration .