Ransomware Help; Policy Updates

Share on

Help For Ransomware  

As you know, ransomware attacks have continued to make the news. There has been a significant uptick in attacks in 2021. In fact, one study shows that ransomware in the US alone has risen 185% from the first half of 2020. This same study posted by threatpost shows that government is the number one targeted sector, but education customers have seen more ransomware attempts.

In an effort to be prepared for any possible ransomware attacks or other types of incidents, I recommend visiting these three features on the UTIAsecurity site. Please take a look at these feature pages and bookmark them for easy reference.

  1. Backup Guidelines for Institute-owned Assets and Data – This feature gives you information on why you need a backup plan and what that plan should include. Good backups are key to not paying a ransom should you get attacked by ransomware.
  2. What to do When a Possible Incident Occurs – We have had UTIA IT0122 – Information Security Incident Response Policy and UTIA IT0122P – Information Security Incident Response Plan and Reporting Procedures. These two documents must be followed for any possible incident. The feature highlights how to report an incident or possible incident.
  3. Recommended Secure Browser Settings – This feature gives the recommended settings for the four major browsers we support: Chrome, Firefox, Edge, and Safari. These settings go a LONG way in preventing a compromise through your browser. Ransomware most often comes through spam or phishing emails. It also comes by way of malicious websites and web ads.

Policy Updates

This month I have two policy updates to share with you.

  1. UTIA IT0121 – Information Technology Security Program Plan – This plan lays out the Institute’s entire IT Security Program. The plan shows all the pertinent NIST controls from the Program Management control family. These controls are described and any UTIA IT Security Policy that is associated with a particular control is listed and linked for easy reference.
  2. UTIA IT0123 – Security Awareness, Training, and Education Policy – This policy has important changes, so please read it carefully.
    • The policy is now broken down by control name.
    • The dates for training have changed slightly to keep in line with UT System Administration requests.
    • The training will now begin on 09/15 and will be due no later than 12/17.
    • The policy has always said that access to IT assets may be revoked if the training is not completed, but there are now specific details about how that will happen.
    • Please read this policy closely and be sure you understand the updates.

As always, if you have questions about these updates, please do not hesitate to contact me. It is imperative that we all know what policy says, although I don’t expect anyone to memorize every word of every policy. These are the things I would think everyone should know.

  1. The UTIA Policies and Procedures page is https://utia.tennessee.edu/utia-policies-and-procedures/. Bookmark this page to make it easy to find.
  2. These monthly e-Newletters often highlight any changes to our IT Security Policies.
  3. All monthly e-Newsletters can be found at https://utiasecurity.tennessee.edu/security-awareness/. Bookmark this page to make it easy to find.
  4. UTIA IT Security Policies and Procedures – Brief Summaries is a helpful tool to highlight what the policy is about and to whom it applies.
  5. If you aren’t sure what policy says or means, please let me know.

These policies and procedures are a part of any audit or assessment done by UT Audit and Compliance. They sometimes ask questions about a policy, but they always check processes to make sure policy is being followed. We all have to do our part so the Institute does not have findings because someone failed to follow policy. And remember that results of an audit (or even lack of following policy) are shared with UT’s President, as well as the UT Board of Trustees Audit Committee.

I appreciate all that you do to keep the Institute’s data and IT assets safe. And please contact me anytime you have questions, concerns, or possible issues. I am here to help you.

Thank you all for all that you do!