Tuesday, June 25, 2024
Opening remarks and introductory presentation | Insurance coverage for ransomware: What you need to know

Cyber insurance is more important than ever in light of ransomware attacks. It's also harder than ever to get the coverage you need. In this fireside chat, we'll explore the latest hurdles and guidance, including:

  • Carriers have shifted from focusing on post-breach solutions, to pre & post-breach solutions. Not just solutions, but which pre-breach solutions have the greatest impact
  • Insurance is being tailored to meet the needs of the clients; the support that we are providing to our customers, clients have valued the access to services. What has changed is the sophistication of those services that carriers can offer their clients.
  • Ransomware is an economy.  While victims and their carriers are evolving their models, the threat actors are also evolving their tactics so they can keep making money.
  • Ransom attacks shifting from just disabling servers to disable business, but data exfiltration and exposure, affecting more of the CIA triad we work to protect. And they don’t just affect direct accounts, but third party/supply chain connections as well.
  • Best Practices for Ransomware resilience with the attack focus shifting, and general ways to look at maturing your org in the face of that.
Elisabeth Case Bill Brenner Mea Clift
Breakout Session 3 | How To Create Successful Malware and Defend with Zero Trust

In a world where anyone can create successful malware or have AI generate it for them, it's important to know how malware can be successful so you can better defend. Starting from a default-deny posture, learn how adopting Zero Trust principles can keep your data safe and operations running regardless of hacking attempts by man or machine.

Ryan Bowman
Breakout Session 1 | Ransomware Defense Blueprint: Safeguard Your Business Against Advanced Cyber Threats

Ransomware remains a pervasive threat impacting businesses globally, with small to medium-sized businesses (SMBs) facing heightened vulnerability. Our 2024 SMB Ransomware Readiness report underscores the disproportionate targeting of SMBs, especially those with fewer than 500 employees and annual revenues under $100 million, by ransomware attacks.
 
Join Spence Hutchinson, Staff Threat Intelligence Researcher, as he delves into the ransomware landscape, emphasizing its amplified impact on smaller organizations. Drawing from recent findings by our Threat Response Unit (TRU), Spence unveils critical insights into concerning patterns and the escalating complexity of ransomware exploiting vulnerabilities inherent in SMBs.
 
Key discussion points will cover:

  • Common ransomware entry points, such as unmanaged devices and exploitations of inadequate network defenses.
  • The role of Dark Web markets in facilitating ransomware operations, spanning malware-as-a-service to initial access intermediaries.
  • Practical cybersecurity enhancements for SMBs, emphasizing multi-factor authentication and bolstered network monitoring.
  • Direct costs linked to ransomware incidents, excluding ransom payouts, alongside proactive approaches for detecting and mitigating threats.
  • Actionable guidance from TRU on preparing for, enduring, and recovering from sophisticated ransomware incidents.

Join this session to equip your organization with the knowledge to prepare for ransomware attacks effectively and safeguard against business disruption.

Spence Hutchinson
Breakout Session 2 | Is Your Browser Leaving You Vulnerable? Combat Today's Evasive Ransomware with AI-powered Browser Security

The rise of remote work and cloud services has fundamentally changed the way we operate. With employees primarily accessing applications through browsers like Chrome and Edge, traditional security measures are falling short. Network and endpoint security lack the visibility and protection needed within the browser, leaving your organization susceptible to:

  • Sophisticated Ransomware: Modern ransomware can easily bypass traditional defenses and exploit browser vulnerabilities.
  • Evasive Phishing Techniques: Phishing attacks are becoming increasingly sophisticated, making them harder to detect and prevent.

This session will explore:

  • Why browsers are the new attack vector for cybercriminals.
  • The limitations of traditional security solutions in the browser environment.
  • How a preventive-first approach with browser security can:
  • Mitigate the risk of evasive ransomware.
  • Secure your most vulnerable attack surface.
  • Protect your organization from data breaches and financial losses.

Don't miss this opportunity to learn how to effectively secure your most vulnerable attack surface in today's evolving threat landscape.

Neko Papez
Panel Discussion | Ransomware resilience: Navigating challenges and building defenses

Join us for an insightful virtual panel discussion focused on the continuing and evolving threat of ransomware and the imperative strategies to combat it effectively. In recent years, ransomware attacks have surged, posing significant challenges to organizations of all sizes and industries. Led by cybersecurity experts and industry leaders, this panel will provide a comprehensive exploration of the multifaceted challenges associated with ransomware, from evolving attack vectors to the devastating impacts on businesses and communities.
 

Julian Mihai Keegan Keplinger Matthew Cerny
Ransomware: 2024 Outlook

Chahak Mittal, Cybersecurity Governance Risk and Compliance Manager at Universal Logistics Holdings and an esteemed member of Cybersecurity Collaborative’s Detroit chapter, joins CRA’s Bill Brenner to discuss the 2024 threat landscape as it relates to ransomware, including security best practices to follow going forward.

Chahak Mittal
Roll of the dice: Lessons from ransomware attacks against MGM, Caesars and more

When an organization suffers a ransomware attack, its actions in the first few hours can mean the difference between survival or disaster. In this interview with CRA’s Bill Brenner, Reddit Head of Software Security Matt Johansen discusses recent ransomware attacks against MGM, Caesars, and others, exploring what makes for a successful response vs. one that can make matters worse.

Matt Johansen
CRA Business Intelligence study takeaways: Ransomware

Dive into the realm of ransomware with CRA Business Intelligence producers Bill Brenner and Paul Wagenseil as they dissect the latest findings from their comprehensive study. Uncover the evolving tactics of ransomware attacks, examine the responses and defenses deployed by security teams, and discover the anticipated investments aimed at fortifying organizations against ransomware threats in the coming year.

Bill Brenner Paul Wagenseil