2021 Cyber and Technology Risk Management Forum

Department of Treasury Announcement

 October 1, 2020 – Office of Foreign Assets Control (OFAC)  Bans Payments to “Sanctioned Entities” or “Embargoed Regions”  Civil Penalties or Fines  Mitigating Factors  Report/Cooperate with Law Enforcement  Prevention Training  Ransom Risk Analysis in Incident Response Plan  https://home.treasury.gov/system/files/126/ofac_ransomware_adviso ry_10012020_1.pdf

U.S.Departmentof Homeland Security United States Secret Service

Ransomware

 Preventive Measures

Incident Response Plan/Testing Protected Back Ups Employee Awareness and Training

Approved Application List File Integrity Monitoring Block IP Addresses Network Segmentation Software Updates Scheduled AV/AM Scans Configure Access Control (Least Privilege) Disable/Configure Remote Access

U.S.Departmentof Homeland Security United States Secret Service