SecureWorld Atlanta 2023

Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data. You can unknowingly download Ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that’s embedded with malware.

Ransomware attacks are becoming more targeted, sophisticated, and costly, even as the frequency of attacks remains consistent. Since early 2018, the incidence of broad, indiscriminate Ransomware campaigns has declined, but losses from Ransomware attacks have increased significantly, according to complaints received by FBI case information. Although state and local governments have been particularly visible targets for Ransomware attacks, threat actors have also targeted health care organizations, industrial companies, and the transportation sector.

This course helps organizations design, build, update, maintain a comprehensive Ransomware Program.

Course Outline:

Part 1: Ransomware Overview – The Current Threat Landscape

• What is ransomware and how does it work?
• How ransomware attacks have changed—from 2016 to today
• Today’s ransomware attacks: big game hunting
• Ransomware attacks against critical infrastructure
• Ransomware and cyber insurance

Part 2: Ransomware Attacks and the MITRE ATT&CK Framework  

• Discuss ransomware attack stages (initial access, lateral movement, privilege escalation…)
• Review the MITRE ATT&CK Framework (tactics, techniques, procedures)
• Map ransomware attack stages to the MITRE Attack Framework

Part 3:  Ransomware Controls Frameworks, Guides, and Best Practices   

• NIST IR 8374: Cybersecurity Framework Profile for Ransomware Risk Management
• CISA MS-ISAC Ransomware Guide
• NIST SP 1800-25: Identifying and Protecting Assets Against Ransomware & Other Destructive Events
• NIST SP 1800-26: Detecting and Responding to Ransomware & Other Destructive Events
• NIST SP 1800-11: Recovering from Ransomware & Other Destructive Events

Part 4:  Building a Ransomware Program Based on the NIST Risk Management   

• Step 1: Prepare – Essential activities to prepare the organization for a ransomware attack
• Step 2: Categorize– Architect, design, organize critical systems, information, and security tools
• Step 3: Select – Choose the ransomware controls (i.e., CISA_MS-ISAC Ransomware Guide)
• Step 4: Implement – Using security tools / sensors to apply ransomware controls to critical assets
• Step 5: Assess – Determine if controls are in place, operating as intended, producing desired results
• Step 6: Authorize – Communicate ransomware program / assessment with executive management
• Step 7: Monitor – Continuously monitor

This PLUS Course will cover cyber metrics; cyber risk quantification; efficacy (effectiveness) / efficiency ; resource allocation/management; and more.

Come to the Registration desk in the lobby to check-in and get your badge. SecureWorld staff will be available throughout the day if you have any questions.

Your opportunity to visit our solution vendor partners, whose sponsorship makes SecureWorld possible! Booths have staff ready to answer your questions. Look for participating Dash For Prizes sponsors to be entered to win prizes.

Participating professional associations and details to be announced.

This roundtable discussion is for our Advisory Council members only.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

Session description coming soon.

Session description coming soon.

Session description coming soon.

Like the main character in the 1981 horror movie, An American Werewolf in London, cybercriminals continue to morph into something evil, lurking in the night (and day) to cause harm to people, organizations, and governments. Cue the Creedence Clearwater Revival song, Bad Moon Rising.

The cybersecurity community is smart and more than capable of thwarting bad actors, fangs and all. They have tools, technologies, partnerships across private and public entities, and solution vendors to help them along the way. Don’t forget about the consultants working hard to stay ahead of those wanting to do harm, as well.

Hear our panelists’ views on the current threat landscape, solutions they have to offer, and ideas they have for turning a bad moon into a harvest moon.

Advisory Council – VIP / INVITE ONLY

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

Can you “imagine” if The Beatles, when first starting out, had to deal with having their catalog of music hacked, stolen, and held for ransom simply because it was in an unsecure cloud setting? While it is possible for that to happen with their hit-laden collection of songs today, it’s merely a tiny example of how businesses operate at a minimum in a hybrid cloud environment—many in a cloud-only platform.

With that comes security issues and another major area which cybersecurity professionals must work diligently to protect.

Our panel of experts share the good, the bad, and the ugly of operating in a cloud environment, what it takes to make the move to hybrid or multi-cloud successful, how to protect data from insider and outsider threats, and what it takes to provide the support DevOps teams need.

Visit the Exhibitor Hall for vendor displays or connect with attendees in the Networking Lounge.

Session description coming soon.

Session description coming soon.

Visit the solution sponsor booths in the Exhibitor Hall and connect with other attendees.

Participating sponsors will announce their Dash for Prizes winners. Must be present to win.

Savvy would-be customers be research companies and typically prefer to do business with those who have good cyber hygiene. How can a strong security posture be a business driver for your organization?