I agree completely with these five steps. I would particularly focus on end user awareness training and vulnerability life cycle management.
SMB
Samba exploit – not quite WannaCry for Linux, but patch anyway!
This is not quite as significant a risk as the WannaCry outbreak, but still worth attention. Please review your SAMBA deployments and adjust accordingly.
Most SMBs Completely Unprepared for Ransomware
This survey mirrors what we are seeing in our community. Preparedness for ransomware requires sound, well tested backup and recovery procedures, good layered IT security defenses and a complete understanding of your cyber insurance options. Please take the time to consider these options and prepare your organization.
http://www.infosecurity-magazine.com/news/most-smbs-completely-unprepared/
New Security Flaw Spans All Versions Of Windows
My complements to the team at Dark Reading for a well written description of this latest vulnerability and the related potential pitfalls. Once again, vulnerability management is proven to be more than simply spinning up a WSUS server and applying patches. Patching is not the singular fix for all vulnerabilities. I sincerely doubt many people have fleshed out their strategy and begun applying Windows 10 Preview patches. This particular flaw in SMB requires a conscience configuration change in the default OS for Windows and updates or exclusions for other applications. Please take the time to develop a real vulnerability life cycle management strategy and take these threats to your infrastructure seriously.
http://www.darkreading.com/endpoint/new-security-flaw-spans-all-versions-of-windows/d/d-id/1319884
IT Security essentials for small and medium enterprises
This is a nice overview of SMB targeted security essentials from the (ISC)2 Blog.
http://blog.isc2.org/isc2_blog/2015/03/it-security-essentials-for-small-and-medium-enterprises.html
