Security Superstream: Ransomware

Schedule

The time frames are only estimates and may vary according to how the class is progressing.

Chloé Messdaghi: Introduction (5 minutes) - 8:00am PT | 11:00am ET | 3:00pm UTC/GMT

• Chloé Messdaghi welcomes you to the Security Superstream.

Alissa Knight: Meet the Expert—Lessons Learned from High-Profile Attacks (45 minutes) - 8:05am PT | 11:05am ET | 3:05pm UTC/GMT

• Join Alissa Knight as she shares lessons learned from recent high-profile ransomware attacks, including those that led to the deaths of several patients after hospitals were knocked offline and unable to provide life-saving services. You’ll discover the tactics and techniques involved—and what those organizations could have or should have done to prevent them.
• Alissa Knight is a recovering hacker of 22 years, a serial entrepreneur who’s sold several cybersecurity startups to publicly traded companies, a board member, and a published author. She runs a number of family companies with her wife at Knight Events, Knight Capital, Knight Ink, and Knight Studios, where she’s a screenwriter and filmmaker for cybersecurity brands.

Cynthia Brumfield: Ransomware Threats—An Overview of the History, Players, and Best Practices (30 minutes) - 8:50am PT | 11:50am ET | 3:50pm UTC/GMT

• Ransomware has evolved quickly over the past four years from petty malware aimed at home users to a massively destructive threat crippling major corporations and government offices worldwide. Cynthia Brumfield walks you through the rise of ransomware, covering the malicious actors who deploy it, emerging trends, and the technologies and best practices that organizations can use to best position themselves in the event of an attack.
• Cynthia Brumfield is a veteran communications and technology analyst who’s currently focused on cybersecurity. She writes regular columns for CSO Online, runs the cybersecurity news destination site Metacurity.com, and consults with companies through her firm DCT Associates. She’s the author of Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, published by Wiley in December 2021.
• Break (10 minutes)

Edna Conway: Mitigating Risk in the Supply Chain—A Comprehensive Approach (45 minutes) - 9:30am PT | 12:30pm ET | 4:30pm UTC/GMT

• Enterprises face a constant stream of threats, many of which may be attributed to their supply chain and third-party ecosystem. The growing challenge of sustaining business operations in this hyperconnected world has created a need for a comprehensive strategy for tackling risk across the supply chain. Join Edna Conway to learn a real-world, tangible approach to address supply chain security and resilience.
• Edna Conway is VP of security, risk, and compliance for cloud infrastructure at Microsoft, where she’s responsible for the security, resiliency, and governance of the cloud infrastructure upon which Microsoft’s Intelligent Cloud business operates. Previously, she was Cisco’s chief security officer for its global value chain, driving a comprehensive security architecture across Cisco’s third-party ecosystem. Edna has been recognized domestically (by the US Presidential Commissions) and globally (by NATO) as the developer of architectures delivering value chain security, sustainability, and resiliency. She currently serves on the executive committee of the US Department of Homeland Security Task Force on ICT Supply Chain Risk Management and is actively involved in other public-private initiatives.

Kellyn Wagner Ramsdell: The Most Dangerous Ransomware Groups and How to Prepare for Them (45 minutes) - 10:15am PT | 1:15pm ET | 5:15pm UTC/GMT

• Ransomware groups today operate as businesses intent on disrupting your business. Knowing how these groups operate, including their tactics and objectives, can help organizations prepare for modern ransomware attacks now and in the future. As ransomware groups diversify their operations and evolve to find new ways of monetizing their attacks, being prepared requires understanding the business incentives driving many modern ransomware groups. Kellyn Wagner Ramsdell examines some noteworthy ransomware groups and describes how their tactics evolved to have devastating impacts on nearly every industry. MITRE Public Release 22-0867
• Kellyn Wagner Ramsdell is a senior cyber intelligence analyst at the MITRE Corporation, where she works at advancing and professionalizing cyberthreat intelligence. She gained much of her experience fighting ransomware as part of the Northern California Regional Intelligence Center, where she developed intelligence and supported incident response and law enforcement investigations into ransomware, fraud, computer intrusions, and all other crimes involving computers.
• Break (5 minutes)

Laurie Iacono: The Psychology of Ransomware (45 minutes) - 11:05am PT | 2:05pm ET | 6:05pm UTC/GMT

• Join Laurie Iacono to learn how ransomware operators use human psychology to manipulate organizations into meeting their demands. From the ransom note to pressure tactics, these groups use an modus operandi of inspiring fear in an attempt to “shame” an organization into paying a ransom. In addition, they target one of an organization’s most significant vulnerabilities—its end users—to gain initial access for many of these tactics. Laurie will map the psychological components of these incidents and provide insight into how to use this information to reduce the impact of such an event.
• Laurie Iacono is an associate managing director at Kroll, managing the day-to-day operations of the cyberintelligence analysts who support the company’s Cyber Risk Practice. Laurie provides investigative and technical support to clients experiencing active cyber incidents as well as consultative dark web monitoring to organizations interested in understanding their digital exposure. She specializes in tracking threat actor groups affiliated with ransomware-as-a-service operations and has authored multiple articles on the tactics, techniques, and procedures of such groups. Previously, Laurie managed the Brand and Consumer Protection Program at the National Cyber-Forensics Training Alliance (NCFTA), an information-sharing organization bringing together government, academia, and private industry partners to identify and mitigate cybercrimes.

Chloé Messdaghi: Closing Remarks (5 minutes) - 11:50am PT | 2:50pm ET | 6:50pm UTC/GMT

• Chloé Messdaghi closes out today’s event.

Upcoming Security Superstream events:

• Zero Trust - October 12, 2022