Contact Us      General Enquiries: +44 (0) 1273 834 000   Support / Service Desk: +44 (0) 113 360 9696

PAV IT

  • About Us
    • Careers
    • Our Green Credentials
    • Privacy Policy
  • IT Certainty
    • Legal and Accountancy
    • Manufacturing Sector
    • Retail Sector
    • Case Studies
    • Customer Testimonials
  • Services
    • Backup and Disaster Recovery
    • IT Support Monitoring
    • Project Delivery
    • Cloud Services
    • Application Packaging
    • Pavilion Service Credits
  • News & Events
    • BLOG
    • Events
    • Newsletters
    • News
  • Technology Solutions
    • Communication and Collaboration
    • Modern Workspaces
    • Data and Governance
CONTACT SALESsupport
  • Home
  • Our latest Blogs
  • Blog
  • Ransomware Defence Assessment
June 25, 2022

Ransomware Defence Assessment

Thursday, 22 July 2021 / Published in Blog

Ransomware Defence Assessment

Ransomware Defence Assessment

The Ransomware Defence Assessment is a blended approach of both paper audit checks and hands-on manual testing, aiming to thoroughly assess your administrative and technical controls, as well as your detection processes. We also test your ability to restore business activities quickly and efficiently should a successful attack take place.

This assessment is split into 3 key areas: Audit Checks, Infrastructure Testing & Attack Simulation.

Audit Checks

Robust and regularly tested procedures, policies, guidelines, and awareness training are critical components in the business-wide approach to ransomware defence. Therefore the ‘Audit Tests’ aim to ensure that the most appropriate policies and procedures are in place along with suitable technical controls to mitigate the risk of a ransomware attack. Typical tests would include confirming backup and recovery activities, automated patch management, malware controls, CIRP and DR plans, and distribution of awareness training.

Infrastructure Testing

The infrastructure includes a wide range of hosts and services, all with unique security configurations, and each providing a key technical control.

The ‘Infrastructure Testing’ aims to provide assurance that your current configurations across your key hosts and services are effective and appropriate. Tests include confirming that mail filters block the most recently used malicious attachments, that data backups are appropriately secured, that compromised user accounts cannot easily access sensitive information, and that remote access solutions are configured with the most secure authentication controls.

Attack Simulation

The ‘Audit Checks’ and ‘Infrastructure Testing’ could be considered as part of the ‘Preparation Stage’ of incident response. However, the remaining steps from detection through to recovery should also be examined.

The ‘Simulation Tests’ aim to examine the effectiveness of your defence systems, but also the responsiveness of the IT team. The tests simulate ransomware activity in a controlled and non-disruptive way, allowing all stages of incident response to be played out, identifying any opportunities for improvement.

Client Benefits

  • Includes a ransomware focused workshop with a senior consultant, discussing how the configuration of the client’s infrastructure compares with industry best-practice recommendations.
  • Simulates the most probable internal and external attacks used to deliver ransomware payloads in a safe and controlled manner.
  • Tests the effectiveness of the SIEM solution in detecting malicious behaviour on the infrastructure typical of an imminent ransomware attack.
  • Includes an assessment of the configuration of the key technical controls in place to mitigate the risk of ransomware attacks, such as mail filters, anti-virus, and network segmentation.
  • A concise report containing both technical and non-technical recommendations for how the risk of a ransomware attack on the client’s infrastructure could be reduced.

Key Benefits

  • Simulates the most probable internal and external attacks used to deliver ransomwarepayloads in a safe and controlled manner.
  • Tests the effectiveness of the SIEM solution in detecting malicious behaviour on the infrastructure typical of an imminent ransomware attack.
  • Includes an assessment of the configuration of the key technical controls in place to mitigate the risk of ransomware attacks, such as mail filters, anti-virus, and network segmentation.
  • A concise report containing both technical and non-technical recommendations for how the risk of a ransomware attack on the client’s infrastructure could be reduced.
  • Includes a Ransomware focused workshop with a senior consultant, discussing how the configuration of the client’s infrastructure compares with industry best-practice recommendations.

Contact us to find out more.

Pavilion Service Credits

Pavilion have a comprehensive IT services portfolio covering reactive and pro-active IT support, hosting, cloud as well as application services. These services meet many of our customers day to day general IT support requirements.

Find out more HERE

What you can read next

Understanding XDR
Understanding XDR, the Latest Evolution in Threat Detection and Response
blog_header_modern_workspace
What does “digital” do for your business
Cybercriminals Escalate Impersonation Attacks During Tax Season, bookkeeping
Cybercriminals Escalate Impersonation Attacks During Tax Season

Recent Posts

  • Sophos Event Blog Header

    Better cyber protection doesn’t have to cost you more

    Most campaigns that vendors / resellers run is ...
  • Cyber Insurance Blog

    Cyber insurance: there’s bad news and there’s good news

    The threat environment is more challenging than...
  • Evolving Cyberattacks header

    How Common Types of Cyberattacks are Evolving

    Cyberattacks are ever changing. Read about cybe...
  • Watchguard MFA Header

    Protecting User Identity and Securing Business Trust with Multi-Factor Authentication

    THE EVOLUTION OF AUTHENTICATION – HOW WE GOT HE...
  • CRN Nomination 2022 Header

    CRN Best Company to Work For Nomination 2022

    Why is your company such a great place to work?...

Categories

  • Applications
  • Blog
  • Cisco
  • Commvault
  • Events
  • Legal
  • Manufacturing
  • Microsoft
  • Mimecast
  • Networking
  • News
  • Newsletters
  • Other News
  • Retail
  • Sophos
  • Watchguard

pavilion logo small

A leading IT infrastructure solution and support provider that has been delivering flexible and modular solutions and consultancy to businesses across the UK since 1988.

GET IN TOUCH

  • General Enquiries: +44 (0)1273 834 000
  • Support Desk: +44 (0)1273 834 433
  • Email: info@pav.co.uk
  • PAV I.T. Services
  • The Old Corn Mill, Bullhouse Mill
  • Lee Lane, Millhouse Green
  • Sheffield S36 9NN
  • View on Google Maps
  • About Us
    • Careers
    • Our Green Credentials
    • Privacy Policy
  • IT Certainty
    • Legal and Accountancy
    • Manufacturing Sector
    • Retail Sector
    • Case Studies
    • Customer Testimonials
  • Services
    • Backup and Disaster Recovery
    • IT Support Monitoring
    • Project Delivery
    • Cloud Services
    • Application Packaging
    • Pavilion Service Credits
  • News & Events
    • BLOG
    • Events
    • Newsletters
    • News
  • Technology Solutions
    • Communication and Collaboration
    • Modern Workspaces
    • Data and Governance

Pav IT © 2022 All rights reserved.

  • GET SOCIAL
TOP