Ransomware Summit Solutions Track 2024

  • Friday, 31 May 2024 10:00AM EDT (31 May 2024 14:00 UTC)
  • Speaker: Matt Bromiley

Stop Waiting for the Adversary

It’s 2024. Ransomware is no longer new, the threats and risks are well known, the cases and payouts are public. Even with this ominous threats, why are security teams still caught off guard when their environments fall victim? It’s 2024 - the year we stop waiting for the adversary.

In this 2024 Ransomware Summit, let’s explore all the angles. How ransomware actors find success, where they get in, and why organizations are still paying. Then let’s look at how we can change - for the better. We will examine how technology is a necessity in defending against these threats. From human education and training to advanced, AI-based preventative mechanisms, it’s time to upgrade our security arsenals. It’s time to take a stand and say “not my network, not today.”

Why you should attend - Ransomware is a threat to us all. Threat actors don’t discern between technologies, incomes, sectors, or geographies. In this summit, we’ll look at how ransomware impacts us all, and how we can make a change to better secure our networks.

--> To view the full agenda for this event, please scroll down.


Thank You To Our Sponsors

NEW-duoLogo-web.pngCorelight_Transparent.pngExtraHop Networks logohpe_aruba_orange_pos_rgb.svglogo_1000.pngcortex_RGB_logo_Vertical_Lockup_Positive.pngsophos logoVMRay Logo - Dark Bluexage-logo-full-color.pngZscaler_BrandAssets_LogoLockup_Blue.png

Full Agenda

Timeline (EDT)Session Details
10:00am - 10:10amEvent Kickoff & Introduction

Matt Bromiley, Event Chairperson & SANS Certified Instructor
10:15am - 10:50amElevate Your Ransomware Defense with SSE
Ransomware continues to be a critical concern, with attacks becoming more sophisticated and targeted. In 2023, total ransomware payments nearly doubled, reaching over $1 billion, signaling a surge in the threat landscape. As we navigate through 2024, the adoption of hybrid and remote work models has only expanded the attack surface for cyber criminals. In response, security teams are increasingly leveraging the principles of zero trust access, underpinned by the advancements in Security Service Edge (SSE) platforms.

Learn from industry experts about how SSE enhances your ransomware protection strategy, SSE best practices, and the future of cybersecurity with SSE.

John Spiegel, Director, Network Transformation (Field CTO) at HPE Aruba Networking
Darren Tidwell, Senior System Engineer at HPE Aruba Networking
10:55am - 11:30amUnpacking a Ransomware Attack, Minute by Minute
If you could detect every inflection point of a ransomware attack as it unfolded in real time, what would you do differently? Join ExtraHop as we delve into the intricacies of a real ransomware breach. By dissecting an attack, we’ll highlight the pivotal role of increased network visibility in preventing or mitigating such incidents.

We'll highlight:
- The need for a multi-faceted defense strategy.
- A deep dive into network visibility tools, and how they complement traditional perimeter defenses.
- A real-time analysis of a ransomware attack, showcasing the critical moment where NDR solutions can provide invaluable insights.

Jamie Moles, Senior Manager, Technical Marketing at ExtraHop
11:35am - 12:10pmRansomware Whack-a-Mole: The Takedown & Reemergence of LockBit's Raas Platform
Join Andrew Maguire and Patrick Staubmann of VMRay as they provide insight into the current malware threat landscape and the takedown and sudden reemergence of the LockBit Ransomware as a Service (RaaS) platform. Together, they will cover the multi-stage attack chain methods from initial infection to ransomware deployment using phishing and malware loaders, as well as the impact of anti-sandbox evasion checks and why it’s important when performing Dynamic Sandbox Analysis. Wrapping up with a VMRay Analysis review of LockBit 3.0, Patrick explains how the malware threat data, IOCs, and artifacts can be used to help threat-hunting efforts to mitigate the impact of an ongoing ransomware attack.

Andrew Maguire, Senior Product Marketing Manager at VMRay
Patrick Staubmann, Team Lead Threat Analysis at VMRay
12:15pm - 1:00pmLUNCH BREAK
1:00pm - 1:35pmStop Ransomware with Zero Trust Architecture
Ransomware attacks dominate headlines, posing a growing threat to businesses. As attackers leverage AI to evolve rapidly, defenders must prevent new, advanced threats. Zscaler offers comprehensive ransomware protection, disrupting every stage of the attack life cycle.

Join Emily Laufer and Will Seaton from Zscaler, as they explore the latest trends, detail attack scenarios, and demonstrate how a robust zero trust architecture can prevent real-world attacks. Discover cutting-edge techniques to defend against ransomware and safeguard your critical assets.

Emily Laufer, Director, PMM ThreatLabz at Zscaler
Will Seaton, Senior PMM ThreatLabz at Zscaler
1:40pm - 2:15pmHow to Not Get Mauled By A Bear:
Can Ransomware Be Stopped? A Layered Security Ecosystem is The Only Way
The core tactics of ransomware haven’t changed, but the scale of attacks, and the size of demands, has grown. What will it take to stop this scourge on modern enterprises?
Attendees of this session will get a close look at how valid credentials and compromised identities power every stage of the ransomware playbook, and actionable steps to block attackers at each layer.

We'll discuss:
- A close look at common ransomware initial access and lateral movement tactics that still work even though they haven't changed for years, and how to finally stop them.
- The biggest security gaps that let ransomware in the door, and how to plug them for good with a layered ecosystem of detection and prevention approaches.
- Residual Risk: Why 80% of security leaders have been surprised by attack tactics they thought they had controls in place for, and how to stop getting caught off guard.
- How to stay proactive against ransomware, even if you think it is already inside your walls.

You might not be able to eradicate ransomware from the face of the earth, but you can stop your company from being its next headline-making victim.

Michael Leonard, Senior Solutions Engineer at Xage Security
2:20pm - 2:35pmBREAK
2:35pm - 3:10pmEmerging Cybersecurity Threats and Trends
Based on The 2024 Sophos Threat Report, the greatest cybersecurity challenge facing small businesses-and organizations of all sizes - is data protection. More than 90% of attacks reported by our customers involve data or credential theft in one way or another, whether the method is a ransomware attack, data extortion, unauthorized remote access, or simply data theft. Criminal syndicates are counting on smaller companies to be less well-defended and to not have deployed modern, sophisticated tools to protect their users and assets. The key to successfully defending against these threats is to prove their assumptions wrong: Educate your staff, deploy multifactor authentication on all externally facing assets, patch servers and network appliances with the utmost priority and consider migrating difficult to manage assets like Microsoft Exchange servers to SaaS email platforms.

Organizations also need to respond at a faster velocity by ensuring that telemetry across security solutions can be captured and monitored to provide threat containment and corrective incident response. This has created a deep need for MDR solutions that can provide 24/7 monitoring and response.

Michael Pertuit,
Senior Sales Engineer at Sophos
3:15pm - 3:50pmAdapting to a New Paradigm in Security: Implementing Identity Threat Detection and Response (ITDR) in Your SOC
Identity professionals have traditionally focused on compliance and governance activities, while leaving Security Operations to the Cybersecurity team to monitor the endpoint (EDR) and network (NDR), potentially missing Identity Threats. Cloud adoption has made identity a primary target for cyber security attacks, making it one of the key vectors of attack expansion after infiltration. As a result, Identity professionals need to consider an Identity Threat Detection and Response (ITDR) program and how to integrate it into their organization’s larger Security Operations Center (SOC).

In this webinar, we will discuss the considerations that should be made when bringing on an ITDR program and how to incorporate it into an organizations larger SOC program. By doing so, you can ensure that your organization is well-protected against identity-based cyber threats.

Tyler Reese, Product Director for the Identity and Access Management Portfolio at Netwrix
3:55pm - 4:30pmMapping the Network Path of Ransomware: From Entry Point to Blast Radius to Containment and Eradication Validation
Explore the challenges of defending against ransomware by focusing on the attack lifecycle. Leveraging advanced network telemetry and Open Network Detection and Response (NDR), we will delve into how attackers gain initial access, the techniques they use to spread laterally, and the importance of identifying the blast radius.

Attendees will learn how network telemetry can provide critical visibility into suspicious behavior, helping security teams identify and respond to intrusions quickly.

James Pope, Director of Technical Marketing Engineering at Corelight
4:35pm - 5:10pmBest Practices for Modern Ransomware Defense
Ransomware attacks are perpetually evolving to bypass security and maximize impact. Adversaries commonly borrow cyberwarfare techniques such as lateral movement and privilege escalation to infect as many endpoints as possible.
In this webinar, our experts will dive into some of the most advanced tactics used in ransomware attacks and the steps you can take to stop them.

Tune in to learn more about:
- Ransomware attacks in the wild, and the cybercrime trend of 'multiextortion'
- Best practices for ransomware prevention and containment, incident response technologies and services that can protect your organization.

Register for this informative session now to ensure your team is prepared in the event of a ransomware attack.

Dan Flaherty, Senior Product Marketing Manager at Palo Alto Networks Cortex XDR
Tanya Wilkins, Senior Product Marketing Manager, Unit 42 at Palo Alto Networks
5:15pm - 5:30pmEvent Recap & Closing Remarks

Matt Bromiley, Event Chairperson & SANS Certified Instructor