Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Joint Cybersecurity Advisory Outlines Approaches to Discovering and Remediating Attacks

    cyberattack approachThis newly-released report is the result of a collaborative effort by cybersecurity authorities in Australia, Canada, New Zealand, the United Kingdom, and the United States.

    Nothing says “this is the standard” like a set of guidelines that are written by and agreed upon by the world’s leading experts in cybersecurity. The Joint Cybersecurity Advisory: Technical Approaches to Uncovering and Remediating Malicious Activity provides organizations with technical approaches, mitigation steps, and best practices designed to “enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.”

    Some of the most important content in this advisory is its mitigation content; having a planned response *is* important, but it’s better to keep an attack from happening. Some of the familiar recommendations include disallowing unrestricted RDP access (a commonly-used tactic for ransomware attacks) and disabling the interactive logon of service accounts (used as part of lateral movement activity), among others.

    It also provides guidance around best practices to put in place prior to an incident occurring. These include:

    • Application whitelisting
    • Limiting privileged access
    • Maintain backups of essential data and systems
    • Use and maintain a secure workstation image

    In addition, the collective cybersecurity authorities see the user as “the frontline security of [an] organization,” citing the need for “User Education.” According to the advisory, the education focuses on malicious downloads and phishing emails, as well as how to respond should they either come face to face with an attack, as well as should they fall for one.

    Security Awareness Training helps to address these recommendations, educating the user with practical examples of modern attacks, while emphasizing the importance of the user’s role in organizational security.

    Take a look at this advisory; it provides great context into what you should be doing both before and after an attack.

     

    Return To KnowBe4 Security Blog

    Request A Demo: Security Awareness Training

    products-KB4SAT6-2-1New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn't a one and done deal, continuous training and simulated phishing are both needed to mobilize users as your last line of defense. Request your one-on-one demo of KnowBe4's security awareness training and simulated phishing platform and see how easy it can be!

    Request a Demo!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/kmsat-security-awareness-training-demo

    Topics: Security Awareness Training, Cybersecurity

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews