Skip to content
  • Sign In
  • Try Now
View all events
Ransomware

Security Superstream: Ransomware

Published by O'Reilly Media, Inc.

Intermediate content levelIntermediate

In a ransomware attack, hackers use malware to encrypt network files, locking users out of the system until a ransom is paid to a cybercriminal. Within hours, a thriving business can be completely cut off from its sensitive data. So how do you protect yourself and your organization? Join security pros for four hours of sessions on how to better assess threats and develop a security-aware mindset and how to detect and prevent risks and find inflection points. You'll also explore pragmatic approaches for recovering files without paying a ransom, defending against and responding to attacks, handling pitfalls if you do pay, and more.

About the Security Superstream Series: This two-part series of events will cover some of the most challenging topics facing those who are concerned with security—ransomware and zero trust—with sessions that will get you up to speed on key techniques and best practices for ransomware prevention and mitigation, perimeter security, and more.

What you’ll learn and how you can apply it

What you’ll learn and how you can apply it:

  • Explore the fundamentals of security, including how to improve security within your organization
  • Learn the key characteristics of ransomware attacks and how to assess potential security risks
  • Understand the protection strategies and remediation plans for ransomware attacks that should be in place ahead of time

This live event is for you because...

This course is for you because:

  • You’re a security practitioner interested in combating ransomware.
  • You’re a developer new to or looking to enter a security role.
  • You're the incident response plan owner for your organization.
  • You want to become well-versed in the foundations and best practices of security.
  • You want to learn about ransomware.
  • You want to get started with bug hunting.

Prerequisites

Prerequisites:

  • Come with your questions
  • Have a pen and paper handy to capture notes, insights, and inspiration

Recommended follow-up:

Schedule

The time frames are only estimates and may vary according to how the class is progressing.

Chloé Messdaghi: Introduction (5 minutes) - 8:00am PT | 11:00am ET | 3:00pm UTC/GMT

  • Chloé Messdaghi welcomes you to the Security Superstream.

Alissa Knight: Meet the Expert—Lessons Learned from High-Profile Attacks (45 minutes) - 8:05am PT | 11:05am ET | 3:05pm UTC/GMT

  • Join Alissa Knight as she shares lessons learned from recent high-profile ransomware attacks, including those that led to the deaths of several patients after hospitals were knocked offline and unable to provide life-saving services. You’ll discover the tactics and techniques involved—and what those organizations could have or should have done to prevent them.
  • Alissa Knight is a recovering hacker of 22 years, a serial entrepreneur who’s sold several cybersecurity startups to publicly traded companies, a board member, and a published author. She runs a number of family companies with her wife at Knight Events, Knight Capital, Knight Ink, and Knight Studios, where she’s a screenwriter and filmmaker for cybersecurity brands.

Cynthia Brumfield: Ransomware Threats—An Overview of the History, Players, and Best Practices (30 minutes) - 8:50am PT | 11:50am ET | 3:50pm UTC/GMT

  • Ransomware has evolved quickly over the past four years from petty malware aimed at home users to a massively destructive threat crippling major corporations and government offices worldwide. Cynthia Brumfield walks you through the rise of ransomware, covering the malicious actors who deploy it, emerging trends, and the technologies and best practices that organizations can use to best position themselves in the event of an attack.
  • Cynthia Brumfield is a veteran communications and technology analyst who’s currently focused on cybersecurity. She writes regular columns for CSO Online, runs the cybersecurity news destination site Metacurity.com, and consults with companies through her firm DCT Associates. She’s the author of Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework, published by Wiley in December 2021.
  • Break (10 minutes)

Edna Conway: Mitigating Risk in the Supply Chain—A Comprehensive Approach (45 minutes) - 9:30am PT | 12:30pm ET | 4:30pm UTC/GMT

  • Enterprises face a constant stream of threats, many of which may be attributed to their supply chain and third-party ecosystem. The growing challenge of sustaining business operations in this hyperconnected world has created a need for a comprehensive strategy for tackling risk across the supply chain. Join Edna Conway to learn a real-world, tangible approach to address supply chain security and resilience.
  • Edna Conway is VP of security, risk, and compliance for cloud infrastructure at Microsoft, where she’s responsible for the security, resiliency, and governance of the cloud infrastructure upon which Microsoft’s Intelligent Cloud business operates. Previously, she was Cisco’s chief security officer for its global value chain, driving a comprehensive security architecture across Cisco’s third-party ecosystem. Edna has been recognized domestically (by the US Presidential Commissions) and globally (by NATO) as the developer of architectures delivering value chain security, sustainability, and resiliency. She currently serves on the executive committee of the US Department of Homeland Security Task Force on ICT Supply Chain Risk Management and is actively involved in other public-private initiatives.

Kellyn Wagner Ramsdell: The Most Dangerous Ransomware Groups and How to Prepare for Them (45 minutes) - 10:15am PT | 1:15pm ET | 5:15pm UTC/GMT

  • Ransomware groups today operate as businesses intent on disrupting your business. Knowing how these groups operate, including their tactics and objectives, can help organizations prepare for modern ransomware attacks now and in the future. As ransomware groups diversify their operations and evolve to find new ways of monetizing their attacks, being prepared requires understanding the business incentives driving many modern ransomware groups. Kellyn Wagner Ramsdell examines some noteworthy ransomware groups and describes how their tactics evolved to have devastating impacts on nearly every industry. MITRE Public Release 22-0867
  • Kellyn Wagner Ramsdell is a senior cyber intelligence analyst at the MITRE Corporation, where she works at advancing and professionalizing cyberthreat intelligence. She gained much of her experience fighting ransomware as part of the Northern California Regional Intelligence Center, where she developed intelligence and supported incident response and law enforcement investigations into ransomware, fraud, computer intrusions, and all other crimes involving computers.
  • Break (5 minutes)

Laurie Iacono: The Psychology of Ransomware (45 minutes) - 11:05am PT | 2:05pm ET | 6:05pm UTC/GMT

  • Join Laurie Iacono to learn how ransomware operators use human psychology to manipulate organizations into meeting their demands. From the ransom note to pressure tactics, these groups use an modus operandi of inspiring fear in an attempt to “shame” an organization into paying a ransom. In addition, they target one of an organization’s most significant vulnerabilities—its end users—to gain initial access for many of these tactics. Laurie will map the psychological components of these incidents and provide insight into how to use this information to reduce the impact of such an event.
  • Laurie Iacono is an associate managing director at Kroll, managing the day-to-day operations of the cyberintelligence analysts who support the company’s Cyber Risk Practice. Laurie provides investigative and technical support to clients experiencing active cyber incidents as well as consultative dark web monitoring to organizations interested in understanding their digital exposure. She specializes in tracking threat actor groups affiliated with ransomware-as-a-service operations and has authored multiple articles on the tactics, techniques, and procedures of such groups. Previously, Laurie managed the Brand and Consumer Protection Program at the National Cyber-Forensics Training Alliance (NCFTA), an information-sharing organization bringing together government, academia, and private industry partners to identify and mitigate cybercrimes.

Chloé Messdaghi: Closing Remarks (5 minutes) - 11:50am PT | 2:50pm ET | 6:50pm UTC/GMT

  • Chloé Messdaghi closes out today’s event.

Upcoming Security Superstream events:

  • Zero Trust - October 12, 2022

Your Host

  • Chloé Messdaghi

    Chloé Messdaghi serves as the Head of Threat Intelligence at HiddenLayer, where she spearheads efforts to fortify security for AI measures and fosters collaborative initiatives to enhance industry-wide security practices for AI. A highly sought-after public speaker and trusted authority for national and sector-specific journalists, Chloé's expertise has been prominently featured across various media platforms. Her impactful contributions to cybersecurity have earned her recognition as a Power Player by esteemed publications such as Business Insider and SC Media.