Ransomware Resilience & Recovery Summit

At this point, the classic quote from Mike Tyson, "Everyone has a plan until they get punched in the face," has almost become overused in cybersecurity. But, it still rings true in ransomware response. Organizations think they have planned for a ransomware attack, they think they are protected then the punch in the face happens and they are left scrambling for months recovering from a ransomware attack.
This talk will review how to:

• Use tabletop exercises to effectively prepare the entire organization for a ransomware attack
• Review what the current defenses are
• Uncover weaknesses and work on an improvement plan before the "punch" comes

Josh Zelonis is a Field CTO and Evangelist for Palo Alto Networks where he works closely with organizations to help them adapt their architecture, policies, and processes to stay ahead of evolving threats and limit the potential impact of incidents. As a former Forrester analyst and cybersecurity tech founder, Josh has spoken at major conferences around the world and published on subjects ranging from security analytics, cyber intelligence, vulnerability management, SOC operations, and incident response. Above all, he prides himself on a mission to secure the data of the people we’re entrusted to protect.

Ransomware has gotten a lot of attention in 2021, primarily due to the disruption attacks have caused to supply chains around the world. From Colonial Pipeline to Quanta, ransomware has made headlines and shows little sign of slowing down.

This presentation will look at what factors are currently driving today's ransomware threat landscape and discuss how it has evolved in recent years. Crane Hassold, Director of Threat Intelligence at Abnormal Security will discuss:

• How ransomware has evolved in recent years
• Which emerging trends appear in ransomware victimology
• How recent international responses could blunt the impact of this attack type
• What the future of ransomware is in 2022 and beyond

In this session, we will discuss the most current understanding regarding the ever-prevalent ransomware threat and characterize observations around how the ransomware ecosystem has evolved over the last couple years. Attendees will benefit from unique insights into the associated enablers of ransomware, including associated initial access techniques, ransomware-related business models, and the latest data around monetization schemes being leveraged by the eCrime extortion community. Lastly, we will close by proposing actionable recommendations that organizations can undertake in order to harden their cybersecurity environment against the ransomware threat.

Responding to and detecting ransomware attacks can be a complex task involving multiple components within the stack. Traditionally, security teams don’t have the agility to build automation, the automation options have been overly complex, and there was a lack of cross-team collaboration, all of which lead to a poor time-to-value. All of this combined has limited the capabilities security teams possess in the event of an incident.

In this session, Marco Garcia (Field CTO at Torq) will show you how to use an agile-automation approach to power up your SOC with the tools you need to detect and respond to critical events like Ransomware.

As the calendar turns to 2022, the data-theft and data-extortion crisis shows no signs of slowing and there are ominous signs that nation-state APTs are joining the ransomware wealth transfer free-for-all.

In this no-holds-barred discussion, an esteemed panel of Chief Information Security Officers (CISOs) weigh in on current approaches to managing the crisis. Attendees can expect a robust discussion on regulating cryptocurrency payments, hacking-back against criminal gangs, cyber-insurance market disturbances, and the urgent need for long-term, lasting technology solutions.

In this session, a Kaspersky expert will take you through the different phases of an incident handling process related to a ransomware attack. The journey will demonstrate exactly how our endpoint detection and response (EDR) can empower security teams against evasive threats in a complex environment with on-premise and cloud workloads.

The session will cover analysis of:

• Recent cyberattack trends
• Why evasive threats are so dangerous
• The limits of endpoint protection
  

The past two years have been tough for security & availability teams with cyber-attacks becoming more advanced, combined with immense pressure to ensure governance and compliance. 2022 is already shaping up to be demanding for IT professionals. This session will offer practical advice on how to best react to a cyber event, and more importantly, offer best practice advice on steps that can be taken to improve your overall security posture through an enhanced backup and availability practice.

In this session, we'll cover how the internet has shrunk with the evolution of cheap computing power and easy access to bandwidth which has led to a more sophisticated attacker. We'll expand on the emerging Attack Surface Management category as a means to protect your organization and go over some of the best practices organizations can adopt to secure their attack surface. The presenters will also highlight stories from the field on how organizations are integrating ASM into their existing SOC workflows seamlessly.

A ransomware infection is usually a race against time as defenders scramble to implement playbooks to reduce blast radius while keeping the business afloat. A big part of that playbook is the question of whether to pay the data-extortion demand.

In this fireside chat, Coveware CEO Bill Siegel will shine the spotlight on the murky world of ransomware payment negotiations, share tense war stories of business discussions with cybercriminals, making cryptocurrency payments, and the realities of implementing data recovery and backup processes.