HOW TO LEVERAGE CTI TO DEFEND FROM RANSOMWARE

  • Tuesday, 26 May 2020 10:30AM EDT (26 May 2020 14:30 UTC)
  • Speakers: Jess Garca, Ippolito Forni

The ransomware landscape is evolving at a rapid pace as Threat Actors are bringing about new Modi Operandi and new Tactics, Techniques and Procedures to the table. The best approach to mitigate these new threats is to apply countermeasures specific to these news M.O.s and TTPs. In order to be able to accomplish these tasks, organizations ' IT Security Departments need to be in the position to fully understand how ransomware Threat Actors operate and they can do so by leveraging Cyber Threat Intelligence.

In this webinar we will review how CTI can be leveraged in practical terms from a tactic and a strategic point of view. For SOC analysts and Incident Responders, we will review how, by leveraging CTI, a single malicious indicator detected by the SIEM can lead to the discovery of an ongoing attack in progress, the malware and tools being used all the way up to the campaign behind the attack and the Threat Actor leveraging it. For IT Security Departments, we will see how CTI powered advanced knowledge of Threat Actors TTPs allows to focus on strengthening specific sections of the IT infrastructure and/or provide relevant trainings to IT staff and/or the user community. For high level managers and stakeholders, we will see how CTI can provide the strategic awareness necessary to assess the threat level specific for their organization and allocate the appropriate resources to increase the security posture where it is most necessary.