Louisiana governor declares state emergency after local ransomware outbreak

At first blush, many of us would see this article and immediately file it away in the back of our minds as yet another example of the pervasiveness and destructive nature of ransomware.  To be honest, we would not be wrong to reach that conclusion, but I want to challenge you to read a little closer this morning.  There is a small ray of hope in this article that can be easily overlooked.  The governor of Louisiana is declaring a state of emergency because of these ransomware attacks, but he is doing so because the state of Louisiana has a plan!  

The state of Louisiana has a Cybersecurity Commission and a well defined, properly tested and well funded incident response plan.  They are prepared to respond to and address these ransomware outbreaks.  Resources from state police, the Governor’s office of Homeland Security and the Louisiana National Guard are being coordinated and rallied to the cause of mitigating these attacks.  That fact is both noteworthy and exciting.  Preparation and proper incident response is an absolutely vital component to any cybersecurity program.  Far too often, organizations find themselves shocked, flat footed and lost when ransomware strikes.  But not in the Bayou state.  Kudos to Louisiana for having a plan!


23 Incident Response Tips for Home Computer Use or Unwanted Social Media Attention

This is very sound advice.  Think about bookmarking this list or printing it off and having it handy in the event of malware or a social media intrusion.


Why A Ransomware Event Is Not A Data Breach

Though I agree in principle that ransomware is not a breach in the strictest sense of the word, I would say there is tremendous value in adding the reactive weight of a breach in how we perceive and respond to a ransomware incident.  Incident is the correct word to use in this situation.  Ransomware is a significant security incident and should be treated as such.  Unfortunately, many of us lock into the “Confidentiality” component of IT Security and only react when data is accessed or exposed.  “Availability” is still a very important leg of the IT security triad and deserves significant consideration.