Cybersecurity Leadership
Explore content featuring this instructor’s insights and expertise.
Ransomware attacks have become some of the most prolific and public intrusions over recent years. Within a matter of hours, organizations can go from normal operations to having an inoperable network and being extorted for tens of millions of dollars. On this webcast, SANS instructor and author Matt Bromiley, as well as sponsor representatives, will share their thoughts on modern detection and response techniques for ransomware breaches.
Over the past few years, ransomware has become one of the defining cyber threats for organizations of all sizes. Organizations have changed their response processes, insurance policies, and staffing requirements based on this pervasive threat. Ransomware operators have made it clear that no industry or organization is safe, as they look to exploit any weakness in Internet-facing devices and services to get in and wreak havoc.
Let’s face it – analysts have far too much data these days. We know how complex the modern enterprise is getting with today’s organizations needing to scale hybrid environments across the globe with a complex remote workforce. Security analysts are charged with protecting these complex environments. However, each new element brings even more data to the security team.
With more and more companies moving their applications and infrastructure to the cloud, the potential attack surface has expanded dramatically. Attackers know they have a window of opportunity and have become savvier at carrying out advanced cloud and container attacks. Within seconds of entering your cloud environment, they can begin conducting cryptomining, supply chain attacks, and other forms of advanced attacks. Without the ability to detect and respond to these attacks in real-time, it’s almost impossible to stop them from causing significant damage.
Performing audits on organizations of any size is no easy task. Successful audits require communication amongst various functions and auditors; all of whom may be operating on different timetables, with different requirements and defined areas of responsibility. Each moment wasted on trying to “gather” audit information is time spent not performing the audit.
As federal agencies and private organizations continue the push to Zero Trust deadlines, we’ve all got some some Trust issues to work on. The best thing to do is get it all out in the open and don’t let your relationship with your networks get toxic. Moving to Zero Trust requires a good foundation that your organization can build trust on. In this Webinar, experts from Corelight’s Public Sector team will discuss how security teams can use network visibility to resolve trust issues in Zero Trust deployment and lay the groundwork for the future.
Managing security and digital operations has become far more challenging due to increasing threats and increasing infrastructure complexity. How can enterprises effectively manage security for their large and dynamic infrastructures? Despite a plethora of security products, most enterprises struggle to minimize breaches, control costs, and avoid analyst burnout.
Topics for this Cyber Solutions Fest track include:* The principles of zero trust architecture and best practices.* How organizations are approaching zero trust implementations, given modern enterprise complexities.* The role of advanced technology, like AI and ML in zero trust.* Real-world case studies and analysis of the challenges and opportunities of implementing a zero trust architecture.Please join us on June 9th for the opportunity to learn from industry leaders and security experts to review the latest trends and capabilities of, and how your organization can benefit from, zero trust architecture. We hope to see you there!
In partnership with Carahsoft, the2023 Government Security Solutions Forumwill take our cybersecurity preparedness back to basics.During this event, we'll look at the top trends in protecting networks and securing them against adversarial threats. Continuing our tradition from last year, our forum will include a wealth of knowledgeable experts and panel discussions, offering advice and guidance on how to best counteract the threats of today, and protect your security program for tomorrow. Join us for live chats and interactive discussions with both speakers and audience, giving you a chance to bring your questions and concerns directly to our experts. We are SO excited to bring you this year's Government Security Solutions Forum on Thursday, July 20th! To view the full agenda, lineup of guest speakers, and details about this event, please visit our event landing page.Save your seat by hitting the 'Register' button below. We'll see you there!
Today’s security operations (SecOps) teams are tasked with protecting progressively sophisticated, fast-paced cyberattacks. Detecting, investigating and stopping advanced hybrid cyber-attacks at scale and speed is becoming increasingly unsustainable with the complexity of people, process and technology SecOps teams have at their disposal. A perfect storm of an ever-expanding attack surface, highly evasive and emerging attacker methods, and increasing SOC analyst workloads is resulting in a vicious spiral of more for SOC teams.In this “Ask the Expert” Webinar, we will explore an independent global study of 2,000 SecOps analysts, and dive headfirst into the spiral of more that SOC analysts face. Join Matt Bromiley of SANS and the author of the State of Threat Detection research Mark Wojtasiak from Vectra AI. We promise it won’t be a regurgitation of stats from the report (you can read it for yourself). Instead, let’s talk about the “why” the spiral of more exists and how we break it before more SOC analysts hit their own breaking point and quit.
Detection engineering has evolved into an art, contributing to the success rates of endpoint and network detection and response tooling capabilities. Used to effectively counter the increasing complexity of today’s cyber threat actors, high-fidelity detections can help an organization discover threats earlier, neutralizing them before further damage can occur.
AI seems to have taken the world by storm lately. From ChatGPT to automated spear phishing techniques, the security world has already seen changes in processes, automation, and threat detection - not to mention attack techniques! The recent surge of AI opens up opportunities for both defenders and adversaries alike. What can we build? What can we automate? How can we use AI to augment security to buy time and add another layer of defense to our enterprise?In this AI-focused solutions forum, we’ll examine how AI will continue to change the security landscape. After all - tools for one are tools for many. Just as defenders benefit from AI capabilities, adversaries have found their own uses. From writing malware to discovering vulnerable systems, threat actors have found efficiencies using AI capabilities. Defenders must be prepared for how AI will help bolster defenses, while adversaries use it to ramp up their attacks.Join us for our first-ever SANS AI & ChatGPT Solutions Forum, where we will discuss the risks, vulnerabilities, and benefits linked with the rapid introduction of machine learning and artificial intelligence in the world. Information security experts will bring their ideas, theories, and case studies of how AI will impact security for years to come.Join in on the action! Connect with fellow attendees and our event chairs in the SANS Solutions Forum Interactive Slack Workspace. Sign in once and you'll be all set for the rest of our 2023 Solutions Forums. We'll see you there!
“People have become the primary attack vector for cyber-attackers around the world,” said Lance Spitzner, SANS Security Awareness Director and co-author of the report, SANS 2022 Security Awareness Report. “Humans rather than technology represent the greatest risk to organizations, and the professionals who oversee security awareness programs are the key to effectively managing that risk.”
What the 2023 MITRE Test Means for YouA role-specific view of what to take awayAs the attack surface expands, and threat actors evolve the sophistication of their attacks, companies continue to explore ways to refine their threat protection and detection capabilities. MITRE Engenuity’s real-world tests examine the behavior of some of the most sophisticated of threats and the potential impact they can have on organizations around the world. Understanding this year’s test and its different phases is an important first step to putting it to good use. Join us for this panel discussion with Symantec’s Distinguished Engineer Mark Kennedy and SANS Analyst Matt Bromiley as they talk about how different members of the security team can use and apply the results of this important assessment. In this session, we will focus on the Security Administrator, the SOC team and the Forensics Analyst and what’s most important about the test to each. You will learn:How the needs of each security role is differentHow the scoring for each phase aligns with their prioritiesWhat each team member can take away from this year’s test.
Today’s cyberattacks use any means necessary to gain access. As enterprises continue to shift to hybrid and multi-cloud environments, embrace digital identities, digital supply chains, and ecosystems — SOC teams are continuously faced with more. More attack surface for attackers to exploit and infiltrate. More methods for attackers to evade defenses and progress laterally. More noise, complexity and hybrid cloud attacks and incidents.
Microsegmentation is hard to achieve via ongoing network monitoring. How do you effectively microsegment hosts and enforce authentication mechanisms while limiting user impact?
There is likely no cyber threat that can cause as much panic, chaos, and concern amongst cybersecurity professionals as ransomware. Causing widespread damage and disruption to organizations of all sizes, ransomware is here to stay. It remains a profitable business for even the most inexperienced adversaries and has created a multi-billion dollar industry that continues growing. In this forum, we bring together experts and industry leaders to discuss the latest developments and best practices in ransomware solutions and security.Topics for this forum include:* The impact of ransomware on organizations* The importance of backup and recovery strategies as it pertains to a ransomware intrusion* The role of advanced security technologies in mitigating the risk of a ransomware attack.* Steps that organizations can take to prevent or minimize the impact of ransomware.Please join us for 2023 SANS Cyber Solutions Fest, on October 26th, for an action-packed, can't-miss session on all things ransomware. We hope to see you there!
Zero Trust remains one of the main topics in the cybersecurity industry. But what is Zero Trust really about? The broad theme of Zero Trust is about reducing implicit trust throughout the enterprise. The goal is to take an organization from an old non-defensible architecture based on compliance, controls, and a static protection oriented mindset, to a defensible security architecture based on continuous dynamic threat informed defense, and risk-based adaptive trust.Join our upcoming Solutions Forum on Zero Trust and learn about the latest use cases, adoption trends, and recommendations for prioritizing your Zero Trust projects and initiatives for 2024. Our presenters, led by Matt Bromiley, will cover the key challenges and opportunities in implementing a Zero Trust approach, and share their insights on best practices for securing your digital assets in today's rapidly evolving threat landscape.Whether you are new to Zero Trust or an experienced practitioner, this forum is a must-attend event to understand the policies, procedures and technologies required to enable a zero-trust strategy. Register now and join us for an engaging and informative discussion!
It seems that every day cyber attackers come up with a new technique or tactic to breach victim organizations. It can seem daunting for security teams to keep up with the constant barrage of the latest threats and capabilities. Despite the best-laid plans, adversaries can still find a way in if security teams don’t prioritize their investments against the tech that protects against the threats targeting them.
Data resiliency is a critical but often challenging aspect for organizations. One of the most significant pain points is ensuring that data remains intact, accessible, and recoverable during a cyber-attack, natural disaster, or another system failure. The complexity of managing large volumes of data across multiple systems can also lead to issues with fragmentation and data silos.In this SANS First Look webcast, Certified Instructor Matt Bromiley reviews Crashplan’s solution, and how the platform leverages a strong end-user focus while maintaining powerful administrative capabilities.Register for this webcast now and be among the first to receive this white paper.
