Ransomware Resilience & Recovery Summit

Ransomware Resilience & Recovery Summit

Businesses today with data extortion ransom payments doubling year-over-year, leading to a massive multi-million dollar wealth transfer from U.S. organizations to cybercriminal syndicates.

SecurityWeek’s Ransomware Resilience and Recovery Summit, Presented by Palo Alto Networks, was designed to help businesses to plan, prepare, and recover from a ransomware incident.

2022 Presenting SponsorPalto Alto Networks Cortex

Platinum Sponsors

Recorded FutureAbnormal Security

Gold Sponsors

CrowdStrike

Kaspersky

Torq

Darktrace

At this point, the classic quote from Mike Tyson, "Everyone has a plan until they get punched in the face," has almost become overused in cybersecurity. But, it still rings true in ransomware response. Organizations think they have planned for a ransomware attack, they think they are protected then the punch in the face happens and they are left scrambling for months recovering from a ransomware attack.
This talk will review how to:

  • Use tabletop exercises to effectively prepare the entire organization for a ransomware attack
  • Review what the current defenses are
  • Uncover weaknesses and work on an improvement plan before the "punch" comes

Ransomware has become so common that one could be forgiven for believing these attacks are inevitable. The truth is more nuanced. Join Palo Alto Networks’ Josh Zelonis, Field CTO and Evangelist, as we explore ransomware operations and discuss how we can successfully interrupt their business. In this talk we will highlight:

  • Perspective on how the ransomware ecosystem is similar to traditional breach scenarios, especially when discussing double extortion.
  • Views on critical technologies to help provide your security operations an advantage against ransomware operators.
  • How to prepare your organization to respond to a successful ransomware attack.

Join this informative Keynote on ransomware threats, so you can develop a plan for prevention and containment.

Ransomware has gotten a lot of attention in 2021, primarily due to the disruption attacks have caused to supply chains around the world. From Colonial Pipeline to Quanta, ransomware has made headlines and shows little sign of slowing down.

This presentation will look at what factors are currently driving today's ransomware threat landscape and discuss how it has evolved in recent years. Crane Hassold, Director of Threat Intelligence at Abnormal Security will discuss:

  • How ransomware has evolved in recent years
  • Which emerging trends appear in ransomware victimology
  • How recent international responses could blunt the impact of this attack type
  • What the future of ransomware is in 2022 and beyond

In this session, we will discuss the most current understanding regarding the ever-prevalent ransomware threat and characterize observations around how the ransomware ecosystem has evolved over the last couple years. Attendees will benefit from unique insights into the associated enablers of ransomware, including associated initial access techniques, ransomware-related business models, and the latest data around monetization schemes being leveraged by the eCrime extortion community. Lastly, we will close by proposing actionable recommendations that organizations can undertake in order to harden their cybersecurity environment against the ransomware threat.

Responding to and detecting ransomware attacks can be a complex task involving multiple components within the stack. Traditionally, security teams don’t have the agility to build automation, the automation options have been overly complex, and there was a lack of cross-team collaboration, all of which lead to a poor time-to-value. All of this combined has limited the capabilities security teams possess in the event of an incident.

In this session, Marco Garcia (Field CTO at Torq) will show you how to use an agile-automation approach to power up your SOC with the tools you need to detect and respond to critical events like Ransomware.

As the calendar turns to 2022, the data-theft and data-extortion crisis shows no signs of slowing and there are ominous signs that nation-state APTs are joining the ransomware wealth transfer free-for-all.

In this no-holds-barred discussion, an esteemed panel of Chief Information Security Officers (CISOs) weigh in on current approaches to managing the crisis. Attendees can expect a robust discussion on regulating cryptocurrency payments, hacking-back against criminal gangs, cyber-insurance market disturbances, and the urgent need for long-term, lasting technology solutions.

In this session, a Kaspersky expert will take you through the different phases of an incident handling process related to a ransomware attack. The journey will demonstrate exactly how our endpoint detection and response (EDR) can empower security teams against evasive threats in a complex environment with on-premise and cloud workloads.

The session will cover analysis of:

  • Recent cyberattack trends
  • Why evasive threats are so dangerous
  • The limits of endpoint protection

The past two years have been tough for security & availability teams with cyber-attacks becoming more advanced, combined with immense pressure to ensure governance and compliance. 2022 is already shaping up to be demanding for IT professionals. This session will offer practical advice on how to best react to a cyber event, and more importantly, offer best practice advice on steps that can be taken to improve your overall security posture through an enhanced backup and availability practice.

In this session, we'll cover how the internet has shrunk with the evolution of cheap computing power and easy access to bandwidth which has led to a more sophisticated attacker. We'll expand on the emerging Attack Surface Management category as a means to protect your organization and go over some of the best practices organizations can adopt to secure their attack surface. The presenters will also highlight stories from the field on how organizations are integrating ASM into their existing SOC workflows seamlessly.

New strains of ransomware are leaving organizations vulnerable – too often, security teams lack the ability to respond proportionately to an attack, leading to cyber disruption across the organization.

Join Brianna Leddy, Darktrace’s Director of Analysis, as she unpacks some of today’s most advanced ransomware threats. Learn how Self-Learning AI understands the organization to reveal every stage of a ransomware attack – and takes targeted, autonomous action to stop the threat in its tracks.

This presentation will discuss:

  • Recent ransomware threat trends, including double extortion and RDP attacks
  • How Autonomous Response takes action to contain an emerging attack, even when security teams are out of office
  • Real-world examples of ransomware detected by Darktrace AI – including a zero-day and an attack initiated on Christmas Day

A ransomware infection is usually a race against time as defenders scramble to implement playbooks to reduce blast radius while keeping the business afloat. A big part of that playbook is the question of whether to pay the data-extortion demand.

In this fireside chat, Coveware CEO Bill Siegel will shine the spotlight on the murky world of ransomware payment negotiations, share tense war stories of business discussions with cybercriminals, making cryptocurrency payments, and the realities of implementing data recovery and backup processes.

Event Details
  • Start Date
    January 26, 2022 6:43 am

  • End Date
    January 26, 2022 6:43 am