As #RansomwareWeek draws to a close here on the (ISC)² blog, we turn our attention to how organizations can defend themselves. Yesterday, we announced that (ISC)² has granted free access to its "Ransomware: Identify, Protect, Detect, Recover" course through the Professional Development Institute to anyone who is interested in learning more about prevention and remediation. That’s because the consequences can be dire for organizations. The days of ransomware attackers demanding a few hundred dollars for a decryption key are long gone. Attacks have gotten more severe, and perpetrators have become bolder, demanding multimillion-dollar payouts from their victims. In March, CNA Financial reportedly paid ransomware attackers $40 million. Paying ransom, however, may solve one company’s problems but could make it worse

In conjunction with #RansomwareWeek, today (ISC)² announced that its popular Professional Development Institute (PDI) course titled “Ransomware: Identify, Protect, Detect, Recover,” is now free to the public through July 31, 2021. (ISC)² recognizes the intense demand for ransomware prevention and mitigation content and has opened registration to anyone who is interested in the topic. The two-hour ransomware course is Quality Matters (QM) approved and upon successful completion, learners earn a certification of completion and digital badge. Successful course completion will also unlock a 25% discount off all PDI courses through July 31, including the All-Access Pass and the Express Bundle. There are also two related courses that are recommended for those interested in learning more about ransomware: Techniques for Malware Analysis and Navigating

Welcome back to #RansomwareWeek here on the (ISC)² Blog! Today we’re linking you up with eight episodes from the award-winning (ISC)² webinar program that touch on ransomware and cover the key components surrounding the state of cybersecurity threats. These sessions can help teams to better understand cybersecurity attacks, prepare for defense and plan a response in the event of a security breach. Anatomy of a Targeted Industrial Ransomware Attack Ransomware-New variants and Better Tactics to Defend and Defeat These Threats Darktrace #1: Ransomware in Focus: How AI Stays One Step Ahead of Attackers Ransomware Deep Dive: Examining Disturbing Ransomware Trends Working with Law Enforcement and the FBI Your Data Held Hostage: Understanding the Extensive Ransomware Threat Nice to Have or Have

Welcome to #RansomwareWeek on the (ISC)² Blog. Ransomware attacks are receiving increased exposure in global news coverage with recent high-profile incidents at SolarWinds and Colonial Pipeline. These events have prompted many companies who previously may have felt secure in their practices to take a deeper look at their security measures and engage in deeper conversations surrounding threat management, cybercriminals, and cybersecurity training. This week we’ll be providing content resources that may be helpful to you, the reader, as your organization wrestles with ransomware prevention and remediation policies and best practices. As the first item in this week’s coverage, the massive Colonial Pipeline attack has served as a wake-up call about the dangers of ransomware, compelling the U.S. Department of Justice to

As a security practitioner, perhaps you have found yourself in meetings about Risk Management. Or, perhaps, you are part of the incident response team, where you are responsible for everything from preparation, through post-incident reporting. The common thread that runs through risk management and incident response are the “what if this happens” scenarios. Whatever your involvement in these preparatory exercises, the overarching concern of all involved is: When will the business be up and running normally again? When confronted with such dire circumstances, the realization of the need for Business Continuity and Disaster Recovery becomes as important as the business itself. These are no longer “what if” moments. When a business disruption occurs, it becomes a “what now” moment. When