CactusCon

CactusCon13
February 14-15, 2025
Mesa, AZ

Filtering by Tag: 2022 Track 2

Dissecting the Ransomware Kill Chain: Why Companies Need It

Ten years ago, Lockheed Martin introduced the Intrusion Kill Chain. Since then, it has morphed into the Cyber Kill Chain and remains a widely used framework for cybersecurity and incident response strategy. However, ransomware does not fit into the traditional Cyber Kill Chain attack lifecycle, and many organizations make the mistake of simply folding ransomware attacks into existing incident response programs. What’s really needed is a new “Ransomware Kill Chain,” which can form the framework for ransomware response plans.

In this session, Nicole Hoffman, a Threat Intelligence Analyst, and Kurtis Minder, CEO/Expert Ransomware Negotiator, both at GroupSense, will explain that the best way to defend against ransomware is “The Ransomware Kill Chain.” They will explain the 15-step framework of the chain – from first access through encryption – by using client case studies and examples of custom-made ransomware playbooks. Discover the power and effectiveness of “The Ransomware Kill Chain” and keep your organization one step ahead during an attack.


Level Up Your Vulnerability Management Program

I love vulnerability management as a core discipline of what makes an effective security operations program because it can help to both reduce risk and improve efficiency. However, I find many organizations are still stuck after rolling out a scanning tool (and then stopping). I've seen this come down to one of three main reasons (but there are more).

1 - Conflicting information between patching processes and vulnerability scanning tools
2 - Lack of guidance or frameworks to prioritize the growing list of vulnerabilities
3 - Very manual process without a clear understanding of how to automate activities

This talk is for anyone who is working as a security analyst or leader who directly performs vulnerability management activities (identify, assess, triage, and track). Additionally, this will be really informative for those who have process inputs (any pentesters out there?) or outputs (IT and critical process owners).

This talk will give you all the tools and processes that you'll need to level up your program TODAY, without having to go ask for more budget (again).


Container Scanning: Run Fast and Stay Safe

Have you struggled to get security baked into your DevOps process or have your security needs taken a back seat to "run fast and break things"? Just because we’re moving fast doesn't mean we can’t be secure. Join us for this deep dive into adding container scanning to a DevOps pipeline. We'll enumerate the security tool categories, and give you tips for adding these tools to your development workflow, build pipeline, and production monitoring setup. You can achieve a robust security posture and still release continuously.


API’s Dark Side: Addressing AppSec’s Biggest Challenge

While APIs have clear and obvious benefits, they’re also creating a rapidly-growing attack surface that isn’t widely understood and is sometimes completely overlooked by developers and software architects. With recent reports suggesting that by 2022, API abuses will be the most responsible vector for data breaches within enterprise web applications, securing them is a top challenge and must be a bigger priority.


Artificial Intelligence: Friend or Foe in the Context of Ransomware

The industrial revolution was powered by coal and steam. They were the power that enabled innovation and propelled the world down the road that has brought us to where we are today. The next revolution is on the horizon, and it’s an information revolution. Smartphones, smart homes, and smart assistants are proliferating in our lives. Artificial intelligence is becoming an integral contributor to how this technology adds value to our lives. The capabilities of the cyber security ecosystem must keep pace with this evolution. During this session we will cover how artificial intelligence is being used to fuel the next generation of cyber security ecosystems. We will see how it can be used to improve accuracy, speed and efficiency of enforcement technologies while enhancing the information used to make business and security decisions. On the other hand, how could AI & Machine Learning be used against us? If we have the technology, so do our adversaries.


Building a more inclusive future in Cybersecurity

In today’s world, we mainly focus on the importance of the cybersecurity analyst, the CIO, the CISO.
But the fact is many other roles are essential to cybersecurity. Michelle Winters' initiative to open doors to newcomers to the industry is bringing attention to a larger conversation. As members of the cybersecurity community, how can we help increase inclusion, diversity, and access to untapped talent?
Utilizing her role as manager of customer success, Michelle shares her experience, strategy, and results in generating more opportunities for newcomers to the industry.


Throwing the Elephant

There are two kinds of companies: those where leadership cares and… those where they don't. No amount of personal heroics, technical awesomesauce, or the world's greatest tool is going to change that and have the business suddenly get it. Your leadership is an elephant. Large. Moves only when it wants. Tramples things. And… the cleanup! So, how do we move the elephant when and where we want?

We'll talk about how to get leadership buy-in for your risk management program, how to translate this for different kinds of offensive/threat assessments (vulnerability assessments, penetration testing, red teaming, and purple teaming), and metrics (including real-world data) derived from a detection maturity model I created with business context (alignment) from my work with blue teams. Come with questions and curiosity, leave with actionable insights to build or mature your risk assessment program.


Malware of the Mind - Disinformation and Manipulation via Social Platforms

While disinformation has been around since the age of antiquity, in recent years it has taken center stage as a highly disruptive force. In this talk I make some comparison cases for how malware and expanding compromise in a computing environment have direct parallels to how biases and heuristics are exploited in human cognitive software during a disinformation campaign. The talk will conclude with the introduction of a disinformation kill chain.
