Earn up to 6.5 CPE credits by attending this virtual event.
Ransomware isn’t just an IT security problem. It’s a business problem that impacts and involves just about every corporate department and employee in one way or another. So it’s no surprise that any official response to an attack typically first must have the blessing of executive leadership to ensure the company’s best interests are being served. This eSummit on November 15-16 will feature sessions that look at ransomware impact, compliance, preparedness, prevention, response and recovery – each from the perspective of a key internal or external stakeholder. Content will include:
- Results from CyberRisk Alliance’s exclusive ransomware research
- Ensuring your ransomware strategy achieves executive buy-in and business alignment
- Why cyber insurers are denying your applications and how you can change that
- Strategies for communicating with crisis-fatigued employees, panicking partners and skeptical investors
TUESDAY, NOVEMBER 15 AGENDA
OPENING KEYNOTE | 11:00 AM | Critical considerations before paying ransomware demands
Among the key decisions one is faced with when contending with a ransomware attack is whether or not to pay. Paying may invite further attacks, but taking a “no payment” position can mean losing access permanently to systems and data. Organizations may decide there’s no choice but to pay up. But the reality is more complex. Paying ransoms, typically in cryptocurrency, requires organizations to develop technical, legal and corporate processes and infrastructure before they are needed. Not preparing effectively risks delays and further problems. Questions abound: How does one trade cryptocurrency? How to account for payment? Are you breaking the law? Join this session for an informative look at the many critical considerations that companies must take into account when ransomware strikes.
11:30 AM
Ready or Not? Test Your Ransomware Defenses Against Real-World Playbooks
Tom Eston: AVP of Consulting, Red Team Practice Director, Bishop Fox
“What is our ransomware strategy, and how are you evaluating if it works?”
Have you gotten this question from your leadership? How do you answer it? How do you know?
The fact is the only way to know your ransomware defenses are effective is to either experience a real-world attack – or better yet, to emulate one using the same playbooks the criminal gangs use.
Join our session to see how real-world attack emulations not only help you find opportunities to improve your security controls such as detection and prevention techniques, but also the blue team’s processes for the current state of preparedness. We will also delve into how to prepare a value map of your Incident Response investments to show ROI to the board and C-suite as well as illustrate the value of, and build consensus for, recommended improvements.
Join the offensive security experts from Bishop Fox as they break down how to develop a real-world ransomware attack testing methodology and then reap the benefits. Learn how to:
- Design emulation exercises using the same tactics, techniques, and procedures as real-world adversaries
- Leverage findings to strengthen your incident response playbooks, security controls, and systems
- Uncover vulnerabilities in your infrastructure and social engineering avenues that adversaries commonly target
- Translate outcomes into artifacts that enable business stakeholders to easily understand your strategy and increase investment in future resources.
12:00 PM
E-Crime & ransomware threat landscape overview
Jason Rivera: Director, Strategic Threat Advisor Group, CrowdStrike
This brief will cover CrowdStrike’s latest and most relevant intelligence trends pertaining to criminal cyber threat actors, ransomware capabilities, and their associated tactics, techniques, & procedures (TTPs). Topics covered will include:
- Initial access mechanisms
- Post-exploitation techniques
- Ransomware capabilities and TTPs
12:30 PM
CRA BI study takeaways: Ransomware
Bill Brenner: VP, CRA
Dana Jackson: VP, CRA
In October 2022, 200 security practitioners participated in a CRA BI study on efforts to battle ransomware. Join Bill Brenner, CRA VP of content strategy, and Dana Jackson, CRA VP of research, for a look at where security teams continue to struggle, which tools have proven most helpful, and where they will make investments in the coming year.
1:15 PM
Break
1:30 PM
Technology Alone Can’t Stop Cyberattacks: Your Guide to Human-Led Threat Hunting
Peter Mackenzie: Director of Incident Response, Sophos
Technology solutions alone cannot prevent every cyberattack. Ransomware actors are increasingly exploiting legitimate IT tools, stolen credentials and unpatched vulnerabilities to penetrate organizations without being detected.
The need for human-led threat detection is needed now more than ever. It can make the difference between stopping an advanced cyberattack and falling victim to one.
In this webinar, learn why both technology and people are critical for an effective cybersecurity strategy. We’ll cover:
- The varying types of cyberattacks that you should be aware of
- The similarities between cybersecurity and physical security
- Why incident investigation is crucial following cyberattacks
- A real-world cyberattack walkthrough: what happened when a car manufacturer discovered they had been compromised for 2 months
2:00 PM
Why Ransomware is really HEATing up
Neko Papez: Sr. Manager, Cybersecurity Strategy, Menlo Security
Ransomware continues to torment security leaders today and the problem is only getting worse as threat actors continue to hone their tactics to evade legacy security technology. The shift to hybrid work and cloud apps as a standard isn’t helping. These digital enhancements couple with users relying on the web browser as the primary working tool today have expanded the attack surfaces and created new opportunities for cyber miscreants, giving rise to Highly Evasive Adaptive Threats (HEAT), which are used as entry points for initiating ransomware, data theft, and account takeovers.
During this insightful session, Menlo Security will discuss why HEAT attacks are the next-class of browser-based attacks taking advantage of today’s remote and hybrid workforce and will discuss how organizations can better prepare themselves to defend against HEAT attacks and ransomware.
2:30 PM
Cloud and endpoint security is your first and last lines of defense
Brian McMahon: Technical Marketing Engineer, Cisco
Nirav Shah: Product Marketing Manager, Cisco
Today, securing your network is more challenging than ever. You need to secure users, devices, apps, and data at the point of access, working at the cloud edge to deliver protection and performance.
To meet new challenges like delivering a secure access service edge (SASE) architecture, you’ll need to partner with the best of the best. Learn why Umbrella is the best solution to secure your network and partner behind the platform matter just as much as the platform itself. You need a proven leader in networking and security with the experience and the vision to support you as your organization grows and evolves.
CLOSING KEYNOTE | 3:00 PM | Cyber insurance and the shifting sands of coverage policies
As costly ransomware attacks continue to proliferate at a break-neck pace, it’s becoming increasingly difficult and expensive for companies to qualify for cyber insurance coverage. Insurance providers’ standards are higher and their risk tolerance is lower. How can one improve their odds of making the cut and also ensuring a full payout if an incident happens? This session will examine how businesses must acclimate to the current state of the cyber insurance industry, and what additional changes may soon be on the horizon.
WEDNESDAY, NOVEMBER 16 AGENDA
OPENING KEYNOTE | 11:00 AM | The Uber CSO conviction: Do you need to rethink your ransomware response?
Former Uber CSO Joseph Sullivan was convicted in federal court in October 2022 after being found guilty of trying to cover up a 2016 hacking and data theft incident. Suddenly, the possibility that a poor cyber incident response following a ransomware attack could lead to criminal charges on top of regulatory fines seems a lot more than theoretical.
Watch this session for a better sense as to how companies may want to rethink and shore up their ransomware incident response policies and procedures in light of the recent Uber legal developments.
11:30 AM
Benefit from PAM to Improve Cyber Security Outcomes
Tony Goulding: Senior Technical Marketing Director, Delinea
With the massive rise in ransomware and data breaches, insurance carriers are applying much more scrutiny on organizations. Before coverage is approved, insurers are demanding greater proof that you’re proactively managing your cybersecurity program and that you have effective security controls in place to reduce risk. You can’t wait until you’re shopping for an insurance policy or negotiating your renewal to ensure you can answer their questions. This session will discuss what’s changed, why, and how modern Privileged Access Management can help. It will also introduce tools to help guide you through the top questions most insurance companies ask when you apply for cyber insurance.
12:00 PM
Stop the [Ransomware] Spread with Check Point
Daniel Taney: CCES / CCSA / CCSE Cyber Security Evangelist, Office of the CTO Security Architect – US East, Check Point
Attacks per Organization worldwide have reached a staggering 1,200 per week. Education & Research Institutions have seen a 53% increase in attacks year over year. And, globally, 1 out of 40 organizations have been impacted by Ransomware attacks. These are staggering numbers showing the accelerated increase in Cyber Attacks year over year.
Join Security Architect, and Check Point Evangelist, Dan Taney for a look at how Check Point can help solve the challenges presented by multi-vector attacks which often lead to Ransomware attacks spreading throughout an Organization.
THOUGHT LEADERSHIP PANEL | 12:30 PM | Ransomware response: public vs. private vs. CI sectors
Derek Johnson: Senior Editor & Reporter, SC Media
Brandon Pugh, Esq.: Senior Fellow & Policy Counsel, Cybersecurity and Emerging Threats, R Street Institute
Kristy Westphal: VP Security Operations, HealthEquity
Ransomware attacks are universally reviled and unwelcome, but the considerations that go into preventing and responding to them can differ depending on what kind of organization you run. This panel session will look at ransomware from three distinct points of view — those of the public sector, private business and critical infrastructure. Join us to discover where their anti-ransomware perspectives and strategies align, where they diverge, and how they can best support each other as the battle with cybercriminal organizations rages on.
1:15
Break
1:30 PM
The Root Causes of Ransomware and How to Defend
Roger Grimes: Data-Driven Defense Evangelist, KnowBe4
In this webinar, KnowBe4 Data-driven Defense Evangelist Roger Grimes, explores the root causes of ransomware based on a review of industry research and offers advice for mitigating ransomware risk. The data Roger collected and comments on leads to the conclusion that social engineering is the most consistent number one root cause of ransomware.
He discusses:
- How ransomware typically finds its way into a network
- The prevalence of various kinds of ransomware entry points, such as phishing, unpatched software, credential theft and remote server attacks
- Tips for mitigating ransomware risk
2:00 PM
Ransomware Protection: What’s Working and What’s Not
Andrew Wildrix: CIO, Intrusion
Ransomware is on the rise. But why? Andrew Wildrix talks about why commoditized ransomware is so great (for criminals) and the anatomy of an attack.
You’ll walk away with actionable prevention measures for every step and what businesses are doing that’s working and not working.
CLOSING KEYNOTE | 2:30 PM | Why I go to the dark web every day
The dark web is a scary place. Yet Alex Holden feels confident exploring its dangerous grounds and searching for intelligence he can use to defend potential victims. For this session, Alex invites you on a journey venturing far beyond your defense perimeter, to a place where cybercriminals are planning their attacks, in order teach you how you can use this knowledge as defensive skills to prevent ransomware attacks and other incursions from happening in the first place.
*Please check back for updates to this agenda*