Thank You To Our Sponsors
Full Agenda
| Timeline (EDT) | Session Details |
|---|---|
| 10:00am - 10:10am | Event Kickoff & Introduction Matt Bromiley, Event Chairperson & SANS Certified Instructor |
| 10:15am - 10:50am | Elevate Your Ransomware Defense with SSE Ransomware continues to be a critical concern, with attacks becoming more sophisticated and targeted. In 2023, total ransomware payments nearly doubled, reaching over $1 billion, signaling a surge in the threat landscape. As we navigate through 2024, the adoption of hybrid and remote work models has only expanded the attack surface for cyber criminals. In response, security teams are increasingly leveraging the principles of zero trust access, underpinned by the advancements in Security Service Edge (SSE) platforms. Learn from industry experts about how SSE enhances your ransomware protection strategy, SSE best practices, and the future of cybersecurity with SSE. John Spiegel, Director, Network Transformation (Field CTO) at HPE Aruba Networking Darren Tidwell, Senior System Engineer at HPE Aruba Networking |
| 10:55am - 11:30am | Unpacking a Ransomware Attack, Minute by Minute If you could detect every inflection point of a ransomware attack as it unfolded in real time, what would you do differently? Join ExtraHop as we delve into the intricacies of a real ransomware breach. By dissecting an attack, we’ll highlight the pivotal role of increased network visibility in preventing or mitigating such incidents. We'll highlight: - The need for a multi-faceted defense strategy. - A deep dive into network visibility tools, and how they complement traditional perimeter defenses. - A real-time analysis of a ransomware attack, showcasing the critical moment where NDR solutions can provide invaluable insights. Jamie Moles, Senior Manager, Technical Marketing at ExtraHop |
| 11:35am - 12:10pm | Ransomware Whack-a-Mole: The Takedown & Reemergence of LockBit's Raas Platform Join Andrew Maguire and Patrick Staubmann of VMRay as they provide insight into the current malware threat landscape and the takedown and sudden reemergence of the LockBit Ransomware as a Service (RaaS) platform. Together, they will cover the multi-stage attack chain methods from initial infection to ransomware deployment using phishing and malware loaders, as well as the impact of anti-sandbox evasion checks and why it’s important when performing Dynamic Sandbox Analysis. Wrapping up with a VMRay Analysis review of LockBit 3.0, Patrick explains how the malware threat data, IOCs, and artifacts can be used to help threat-hunting efforts to mitigate the impact of an ongoing ransomware attack. Andrew Maguire, Senior Product Marketing Manager at VMRay Patrick Staubmann, Team Lead Threat Analysis at VMRay |
| 12:15pm - 1:00pm | LUNCH BREAK |
| 1:00pm - 1:35pm | Stop Ransomware with Zero Trust Architecture Ransomware attacks dominate headlines, posing a growing threat to businesses. As attackers leverage AI to evolve rapidly, defenders must prevent new, advanced threats. Zscaler offers comprehensive ransomware protection, disrupting every stage of the attack life cycle. Join Emily Laufer and Will Seaton from Zscaler, as they explore the latest trends, detail attack scenarios, and demonstrate how a robust zero trust architecture can prevent real-world attacks. Discover cutting-edge techniques to defend against ransomware and safeguard your critical assets. Emily Laufer, Director, PMM ThreatLabz at Zscaler Will Seaton, Senior PMM ThreatLabz at Zscaler |
| 1:40pm - 2:15pm | How to Not Get Mauled By A Bear: Can Ransomware Be Stopped? A Layered Security Ecosystem is The Only Way The core tactics of ransomware haven’t changed, but the scale of attacks, and the size of demands, has grown. What will it take to stop this scourge on modern enterprises? Attendees of this session will get a close look at how valid credentials and compromised identities power every stage of the ransomware playbook, and actionable steps to block attackers at each layer. We'll discuss: - A close look at common ransomware initial access and lateral movement tactics that still work even though they haven't changed for years, and how to finally stop them. - The biggest security gaps that let ransomware in the door, and how to plug them for good with a layered ecosystem of detection and prevention approaches. - Residual Risk: Why 80% of security leaders have been surprised by attack tactics they thought they had controls in place for, and how to stop getting caught off guard. - How to stay proactive against ransomware, even if you think it is already inside your walls. You might not be able to eradicate ransomware from the face of the earth, but you can stop your company from being its next headline-making victim. Michael Leonard, Senior Solutions Engineer at Xage Security |
| 2:20pm - 2:35pm | BREAK |
| 2:35pm - 3:10pm | Emerging Cybersecurity Threats and Trends Based on The 2024 Sophos Threat Report, the greatest cybersecurity challenge facing small businesses-and organizations of all sizes - is data protection. More than 90% of attacks reported by our customers involve data or credential theft in one way or another, whether the method is a ransomware attack, data extortion, unauthorized remote access, or simply data theft. Criminal syndicates are counting on smaller companies to be less well-defended and to not have deployed modern, sophisticated tools to protect their users and assets. The key to successfully defending against these threats is to prove their assumptions wrong: Educate your staff, deploy multifactor authentication on all externally facing assets, patch servers and network appliances with the utmost priority and consider migrating difficult to manage assets like Microsoft Exchange servers to SaaS email platforms. Organizations also need to respond at a faster velocity by ensuring that telemetry across security solutions can be captured and monitored to provide threat containment and corrective incident response. This has created a deep need for MDR solutions that can provide 24/7 monitoring and response. Michael Pertuit, Senior Sales Engineer at Sophos |
| 3:15pm - 3:50pm | Adapting to a New Paradigm in Security: Implementing Identity Threat Detection and Response (ITDR) in Your SOC Identity professionals have traditionally focused on compliance and governance activities, while leaving Security Operations to the Cybersecurity team to monitor the endpoint (EDR) and network (NDR), potentially missing Identity Threats. Cloud adoption has made identity a primary target for cyber security attacks, making it one of the key vectors of attack expansion after infiltration. As a result, Identity professionals need to consider an Identity Threat Detection and Response (ITDR) program and how to integrate it into their organization’s larger Security Operations Center (SOC). In this webinar, we will discuss the considerations that should be made when bringing on an ITDR program and how to incorporate it into an organizations larger SOC program. By doing so, you can ensure that your organization is well-protected against identity-based cyber threats. Tyler Reese, Product Director for the Identity and Access Management Portfolio at Netwrix |
| 3:55pm - 4:30pm | Mapping the Network Path of Ransomware: From Entry Point to Blast Radius to Containment and Eradication Validation Explore the challenges of defending against ransomware by focusing on the attack lifecycle. Leveraging advanced network telemetry and Open Network Detection and Response (NDR), we will delve into how attackers gain initial access, the techniques they use to spread laterally, and the importance of identifying the blast radius. Attendees will learn how network telemetry can provide critical visibility into suspicious behavior, helping security teams identify and respond to intrusions quickly. James Pope, Director of Technical Marketing Engineering at Corelight |
| 4:35pm - 5:10pm | Best Practices for Modern Ransomware Defense Ransomware attacks are perpetually evolving to bypass security and maximize impact. Adversaries commonly borrow cyberwarfare techniques such as lateral movement and privilege escalation to infect as many endpoints as possible. In this webinar, our experts will dive into some of the most advanced tactics used in ransomware attacks and the steps you can take to stop them. Tune in to learn more about: - Ransomware attacks in the wild, and the cybercrime trend of 'multiextortion' - Best practices for ransomware prevention and containment, incident response technologies and services that can protect your organization. Register for this informative session now to ensure your team is prepared in the event of a ransomware attack. Dan Flaherty, Senior Product Marketing Manager at Palo Alto Networks Cortex XDR Tanya Wilkins, Senior Product Marketing Manager, Unit 42 at Palo Alto Networks |
| 5:15pm - 5:30pm | Event Recap & Closing Remarks Matt Bromiley, Event Chairperson & SANS Certified Instructor |
