Sponsors
.png){kind=logo}
Make a Difference in the Cyber Community
This year, SANS is fortunate enough to partner with the Blind Institute of Technology to make a difference in the cyber community. Currently, 81% of people with disabilities are unemployed. The Blind Institute of Technology (BIT) Academy is committed to changing these statistics by working diligently with their candidates and their corporate partners to place people with disabilities in meaningful careers with a clear path for growth. The services offered through the BIT Academy are complimentary for all of their candidates with disabilities. However, it costs BIT $5,400 for each candidate to go through their 16 week Salesforce and Cisco certification classes. As a 501(c)(3) non-profit organization, they are highly dependent on corporate donations, individual donations, and grants. With a retention rate of 93% of its candidates that are placed in meaningful careers, every $5,400 raised enables them to change a person's life forever.
SANS and BIT would greatly welcome and appreciate your financial support to help them continue to change the lives of people with disabilities.
Attendee Information
Rub virtual shoulders with professionals in your field and zero-in on the most relevant cyber solutions by registering for one of our four topic tracks. This event will bring together cyber security professionals of all experience levels from around the world for this two-day immersion into the latest cyber solutions, tools, and techniques to combat today’s threats.
Take a sneak peek of what you can expect from the experts themselves, when you join us to elevate your cyber skills and solutions know-how.
Continuing Professional Education (CPE) Credits are earned by participation in the event!
- 6 CPEs are earned each day for attending Cyber Solutions Fest 2022
- Yes, that's correct. You will earn 12 CPEs total for spending October 13th and 14th with us!
Agenda | October 14, 2022 | 8:30AM - 5:00PM
Timeline (EDT) | Session Details |
|---|---|
8:30 AM | Kickoff & WelcomeMatt Bromiley, Senior Instructor, SANS Institute |
8:45 AM | Fear, Greed and Business - The Evolution of RansomwareRansomware was an epic fail as a crime in 2005. But through a rethinking of social engineering, a steady evolution and some incredible luck, it became the major threat it is today. Join Symantec’s Kevin Haley, Director Security and Response for a look at the failures, evolution, changing technologies and ultimate success of ransomware. You’ll also hear about where this trending form of malware is likely to evolve next and some predictions for the future. Kevin Haley, Director, Security Response, Symantec by Broadcom Software |
9:25 AM | Ransomware: The True Cost to BusinessA GLOBAL STUDY ON RANSOMWARE BUSINESS IMPACT In response to evolving threats, Cybereason has released the second annual Ransomware: The True Cost to Business report, to assist organizations in defending against ransomware attacks. Join Cybereason's CTO and Co-founder, Yonatan Striem-Amit, as we discuss notable findings, as well as measures we can take to proactively defend ourselves and our businesses. Yonatan Striem-Amit, Co-Founder, Cybereason |
10:05 AM | Break |
10:20 AM | Demystifying Gen V Attacks: Ransomware, Nation-State, and Supply Chain Last year, over the US Independence Day weekend, the attack on IT management software firm Kaseya combined two of 2021’s most notorious cyber attack trends—supply chain attacks and ransomware. At least 1,000 businesses are said to have been affected by the attack, with victims identified in at least 17 countries. In May 2021, a major US fuel company fell victim to a ransomware attack which led to its entire fuel distribution pipeline being shut down while it investigated the problem, causing shortages across the East Coast of the United States and influencing oil prices globally. It wasn’t that long ago that ransomware didn’t even exist. How did we get to this point? And is there any way to stop this most popular trend in cybercrime before it’s too late? This session will address these phenomena and describe how organizations can remain protected against this growing global trend. Grant Asplund, Chief Cyber Security Evangelist, Check Point Software |
10:50 AM | Ransomware and the Supply-Chain : A Paradigm Shift for Attackers and DefendersSupply-chain attacks have grown exponentially in number and sophistication over the last couple of years, and Ransomware groups have been benefiting this trend, enabling them to leverage both a less protected entry path and also a easy distribution mechanism to reach a large number of potential victims. The “Shift-left” approach, SBOM analysis and vendor audits are tackling some aspects of this problem but can’t overcome production environment issues and runtime code changes. This presentation will review the different types of attacks, explain where prevalent tools and procedures fail to mitigate this growing threat and suggest a new, innovative approach to address this challenge using Moving Target Defense technology. Hudi Zack, Chief Product Officer, Morphisec |
11:20 AM | The Beginning of the End: Preventing Ransomware with a Zero Trust ArchitectureRansomware has become the single greatest concern in cybersecurity. Attacks rose another 80% this year, driven by RaaS, supply chain attacks, and multi-extortion tactics that make ransomware attacks more accessible and lucrative. In the face of this modern threat landscape we will dive into the motivations, capabilities and operational security of the adversary proving; zero trust strategies are more critical than ever. Join Erik Yunghans from Zscaler’s to learn: Historical as well as the latest trends in ransomware, based on new findings just released from ThreatLabz Emerging attack techniques How zero trust optimizes your ransomware defenses. Erik Yunghans, Principal Product Manager, Advanced Cloud Sandbox & Advanced Threat Protection at Zscaler |
11:50 AM | Break |
12:00 PM | In the Trenches with Top Cyber ExpertsDuring this keynote, SANS’ John Pescatore and several SANS instructors and leaders of the cybersecurity community will share their experiences with from times in their careers where they were brought in by companies and government agencies on cybersecurity incidents, audits/test or other critical business/mission areas. Join this fascinating discussion where they will dive into some breaches and stories of their experiences in the cyber trenches – and maybe also in corporate boardrooms. Moderator: |
1:00PM | Afternoon Kick-offMatt Bromiley, Senior Instructor, SANS Institute |
1:10 PM | Ransomware: Where We Are NowSenior threat intelligence analyst Brigid O Gorman will discuss what has changed since Symantec last published a whitepaper on this topic earlier this year. She will discuss some of the currently most active groups on the ransomware threat landscape, the TTPs deployed by them, and the interesting trends we have observed. Brigid O'Gorman, Senior Research Analyst, Symantec by Broadcom Software |
1:30 PM | Ransomware Range: A Live DeploymentCome join Cybereason's "Ransomware Range", as we provide a briefing on updated ransomware business models and actors, while also allowing participants to see live deployments and prevention of some of the most infamous strains of ransomware. We’ll deploy and explore strains of increasing complexity and sophistication - including: - WannaCry - Conti - BlackCat/ALPHV - Fileless ransomware Come dissect and learn from live ransomware operations - from initial intrusion, lateral movement, privilege escalation, and ultimately full network compromise. Ken Westin, Director of Security Strategy, Cybereason |
1:50 PM | Stop Ransomware Before It Stops YouOver the past couple of years, ransomware has evolved from relatively simple, opportunistic crimes to a prime concern for security and business leaders alike. The evolution of ransomware is a story of innovation as attackers realize that the amount of damage they cause directly corresponds to how big their payday will be. In this session, Tom Clavel, Director of Product Marketing at ExtraHop will discuss common misconceptions about ransomware prevention and remediation and expose where attackers do the most damage on their path to extortion. He will share real life examples of ransomware mitigation and share practical guidance for where defenders should be looking to expose and root out intruders’ malicious behavior. Thomas Clavel, Director of Product Marketing, ExtraHop |
2:20 PM | Dodging Destruction with Detection: Threat Hunting to Stop RansomwareRansomware is a big business. Attacks are becoming more sophisticated, and extortion is the name of the game when it comes to extracting payments from targets. These types of threats, combined with increased supply chain vulnerabilities, require a more proactive approach to securing your organization. To stay ahead of these attacks, security administrators can’t wait for detection to occur. In this session, we will explore the 2022 threat landscape, review common actions adversaries will take once in your environment, and discuss tips and techniques to help neutralize threats before they have the chance to cause any harm. Jeramy Kopacko, Senior Sales Engineer, Sophos |
2:50 PM | The Future State of Ransomware is Closer than We ThinkDigital extortionists have learned how to continue to up the stakes by multiplying their leverage and reducing the time window of negotiation. Join Scott Scheferman, Office of the CTO at Eclypsium as he explores where they are headed, and ask the hard questions about what it will take to get ahead of them. In this session, we will cover: - What is the future of digital extortion campaigns? - What is the nature and magnitude of impacts associated with these? - Where and how does firmware and device trust come into play here? - How do organizations that have fully migrated to 3rd party cloud infrastructure and SaaS services, proactively mitigate risks in this new future? - What can present-day research and attacker campaigns teach us about what is next to come? - What is the next ‘North Star’ for us to aspire to? Is it still Zero Trust? Scott Scheferman, Principal Strategist, Eclypsium |
3:20 PM | Break |
3:35 PM | The Evolution of Ransomware - Prepare to Protect and RespondRansomware groups turned up the pressure in 2021, demanding higher ransoms and using new tactics to increase their demands. In fact, the average ransomware demand in cases handled by Unit 42 in 2021 climbed 144% since 2020. At the same time, there was an 85% increase in the number of victims who had their names and other details posted publicly on dark web “leak sites'' that ransomware groups use to coerce their targets. As the ransomware landscape continues to evolve, threat actors leverage new creative techniques to cripple business operations. Join this session to see how your organization can prepare to stay ahead of the threats. Josh Costa, Global Technical Effectiveness Lead, Unit 42, Palo Alto Networks |
4:05 PM | Panel: Tips and Tricks to Defeat Their Tricks!Don’t let adversaries use their tricks on you! Ransomware threat actors have a wide range of capabilities within their arsenal. We’ve seen, in attack after attack and year after year, adversaries find success in their victim environments despite the best laid plans and security measures. Perhaps it’s time we ask the tough questions: What’s working, and what isn’t? Join us for this panel discussion where we will reflect on the knowledge shared throughout the day, including some of our key takeaways, what organizations are doing right, and what they’re doing wrong. We’ll discuss some of the best tips and tricks that security teams can plan for today, to defeat adversarial tricks of tomorrow! Moderator: Panelists: |
4:55 PM | Wrap-Up and Closing RemarksMatt Bromiley, Senior Instructor, SANS Institute |
.PNG "DFIR_ICON_(1).PNG"){kind=icon}
