Avoid becoming the next ransomware victim by taking practical steps today
Colonial Pipeline. CWT Global. Brenntag. Travelex. The list of ransomware victims is long, distinguished, and sophisticated. And it's growing longer every day. In Ransomware Protection Playbook, computer security veteran and expert penetration tester Roger A. Grimes delivers an actionable blueprint for organizations seeking a robust defense against one of the most insidious and destructive IT threats currently in the wild. You'll learn about concrete steps you can take now to protect yourself or your organization from ransomware attacks. In addition to walking you through the necessary technical preventative measures, this critical book will show you how
A must-read for cyber and information security professionals, privacy leaders, risk managers, and CTOs, Ransomware Protection Playbook is an irreplaceable and timely resource for anyone concerned about the security of their, or their organization's, data.
In the history of information security, there are countless stories of highly sophisticated attacks, and perhaps the most famous is Stuxnet. The full story is detailed in Kim Zetter's masterpiece Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon. It included hacking of a digital certificate authority, penetration of the Natanz enrichment facility, and more.
Also, there are many very lowly-sophisticated attacks in the history of information security, with ransomware being numbered there. Ransomware is a severe threat to any organization, and it is launching havoc and causing significant damage to organizations across every industry. The danger and threat of ransomware are such that every organization needs to have plans to deal with the prevention, mitigation, and, if required, recovery from ransomware.
As 2021 is coming to a close, one is hard-pressed to go a week this year without reading of major organizations suffering from a ransomware attack. While Colonial Pipeline and Travelex made headline news, countless others affected hospitals, manufacturing, and more that caused devastating losses. Ransomware is a threat such that if a firm does not have a plan to deal with it, they are derelict in their duties to their customers and stockholders.
Early phishing attacks were easy to identify, including blatant spelling and grammatical errors, given the obvious mistakes. But like phishing, ransomware authors have learned from their early mistakes and are using techniques that are becoming more sophisticated. One thing that is lost on many organizations is that even if they have ransomware insurance to pay for the ransom, the cost of the recovery operation from ransomware can be 10 to 15 times more than the ransom, according to Gartner.
In Ransomware Protection Playbook (Wiley), author Roger Grimes has written a highly tactical and practical guide to help organizations deal with the ransomware threat. Light on theory and heavy on tactical details, this book is a go-to guide on how to deal with the scourge known as ransomware.
Many organizations think they can be protected against ransomware via their firewalls, web security gateways, or endpoint anti-virus. But Grimes writes that out of all the ransomware he has tested over the last two years, an anti-virus program only ever detected a single specimen as being malicious.
The only way to effectively deal with the issue is by having a ransomware response plan, which the book shows how to do. As a subpart of an incident response plan, the ransomware response plan will work most effectively if it is tested in advance. In the heat of an active ransomware attack, responders need to know what they are tasked to do and have the experience necessary via previous drills.
A large part of the need for a program to deal with ransomware is that even if a firm does everything right in trying to prevent it, there is nothing firms can do to guarantee they won't be a victim. But by having a plan to deal with it in the event they are attacked, they will be enormously more prepared to deal with it.
For those that are victims, it comes down to the choice of paying the ransom or not. And there are numerous factors, which the book details, which must be considered when deciding to pay or not. And the decision to pay or not will end up creating a distinctly different set of actions moving forward.
When it comes to ransomware, Gartner recommends that security and risk management leaders responsible for endpoint and network security must get ready for ransomware attacks by constructing a pre-incident preparation strategy that includes backup, asset management, and the restriction of user privileges, and to determine whether the organization is ultimately prepared to pay a ransom or not. And to build post-incident response procedures by training staff and scheduling regular drills. While they do not mention the Ransomware Protection Playbook by name, this is an excellent guide to put their advice into action.
In the NFL, a team's playbook is something that is to be guarded and not shared. When it comes to ransomware, this is a playbook that you want every member of your information security team to have, know and share.
so depressing...i can recommend watching cute animal videos while listening to this, if possible. "protection"...but "there's no prevention"...fantastic...
some useful information, it was nice to have found this book randomly on audible...but it was a bit of a sad sunday with it. it also makes you understand that when we say we're coders (random software engineer, corporate, "strong" and puffed), we're not that much of a coder compared to those who are indirectly named in books like this.
Thanks for writing this. Very timely and insightful.
Roger, thank you for writing this. Very well done. Moreover, it appeals to a broad audience with its straightforward, plain-spoken style. That is to say - technical and non-technical - can read and understand it.
This was a great addition to review the playbook. It's filled with links and best practices which offered an assessment to an existing playbook, or to create one.