What You Need to Know about Ransomware and HIPAA Compliance

In today’s digital world, insider threats are more prevalent than ever, but not any less difficult to detect and deter. Whether they’re malicious or unintentional, they must be guarded against equally. While you can’t directly control human behavior, you can implement safeguards to protect, detect, and respond to insider threats.

One of the best ways to address insider threats is to implement a formal insider threat program in your organization. But what does an effective program look like, and who should be involved in developing it?

If you’d like to learn more about preventing and detecting insider threats, join Delta Risk for this live 45-minute webinar. Our experts will discuss essential elements of an insider threat program, and why you need one now more than ever.

WHAT YOU’LL LEARN:
•Differences between malicious and unintentional insider threats
•Understanding the motivations of internal and external threat actors
•Real world examples of insider threats and organizational effects
•Elements to building an effective insider threat program

To develop an effective program, you need good cross communication and participation across various departments, including information technology, security, cyber security, legal, and human resource. There are many roles and subject matter experts within these departments and others (i.e., system or network administrator, security analyst, data or network architect, information assurance specialist, legal specialist, financial specialist, behavioral specialist, etc.) who should participate in your insider threat program, and who will benefit from this webinar.

ABOUT THE SPEAKERS
Mike Jansen is a Senior Consultant with Delta Risk with more than 14 years of experience in cyber security and cyber operations. He areas of expertise include computer network operations, network security, acquisition and life-cycle management, testing and evaluation, training, cyber security frameworks, and cyber security technical controls.

With resources shrinking and data centers aging, many organizations are moving at least some of their physical IT infrastructure to the cloud. Since cloud providers have already invested in massive infrastructure to support high-availability performance needs, organizations are often hard-pressed to achieve the same goals within their own budget. To put it more simply, cloud outsourcing just makes good business sense for most organizations.

From a security perspective, however, managing a cloud environment can be complex. Do you know who’s connecting to your cloud services? Do you know what they’re doing? Since cloud services are accessible from anywhere, at any time, anyone can potentially gain access to your systems and data. Therefore, getting visibility into your cloud activity is critical. Join us Thursday, May 11, at 1:00 ET as Delta Risk experts examine the increasing importance of cloud monitoring and how it can protect your organization.

In this 45-minute live webinar, you’ll learn:
•Why old business models are being forced to evolve
•Who could be trying to access your cloud environment
•What you can see with cloud monitoring that you might otherwise miss
•When to implement a cloud monitoring solution
•Cloud security recommendations from industry experts

Mike is Director of Technical Consulting Services for Delta Risk. Prior to joining Delta Risk, he was the Director of Information Risk Management and Information Security Officer for ING’s U.S. Financial Services division.

External penetration testing, also known as ethical hacking, is an independent engagement that can help pinpoint common attack vectors and patterns hackers look for in your network. Delta Risk research has identified the attack vectors bad actors most commonly use to get initial access to a network and spread across the rest of the organization. In this 45-minute webinar, our pen testers offer recommendations on how to combat various scenarios and outline the key mistakes defenders must avoid when protecting their security operations.

WHAT YOU’LL LEARN:
• Lessons learned from our 2016 external assessments
• Common weaknesses our testers exploited such as kerberoasting and password reuse
• Methods our testers use to quickly locate high value assets
• Vendor-neutral solutions for protecting sensitive information
• Why third-party penetration testing is in demand

About the Presenters:
Paul Brandau is the Managing Consultant with Delta Risk LLC. He has more than 10 years of experience in the cyber security domain providing a unique perspective on cyber exercises, operational (red team) assessments, and training in offensive network operations. He has helped design and lead a Red Team for the United States Department of Homeland Security. Prior to Delta Risk, his duties included reverse engineering malware and threat profile creation.

Mike Warren is VP of Cyber Resiliency Services for Delta Risk LLC. He has more than 14 years of experience in the cyber security domain providing a threat perspective, operational (red team) assessments, enterprise vulnerability assessments (blue team), and training in defensive and offensive network operations. Prior to Delta Risk, he was an active duty Air Force Communications and Information Engineer Officer.

What is it like to find out you’re on the trail of an advanced cyber criminal? What are the tools and skills you need to track them? What is the mindset you need to approach the hunt? And what indicators and intelligence can you use to see who the attacker is? In this webinar, our experts will discuss all of these questions and more, based on an actual case study.

When it comes to securing an organization’s network, most stakeholders understand that cyber security education and training are not a luxury – they're a necessity. In this webinar we will discuss how best to spend those precious training dollars to get a solid return on investment.

In a world where compromise is always a risk, one of the best ways to protect your organization is by ensuring that your response capabilities are effective, and one of the most valuable steps in strengthening a response capability is learning from others’ experiences. This webinar will discuss many issues that security professionals deal with when responding to incidents, and how they can address them.

The healthcare industry is one of the top targets for ransomware attacks, and the US Dept. of Health and Human Services Office for Civil Rights (OCR) has now stated that ransomware incidents should be treated the same way as other data breaches under the Health Insurance Portability and Accountability Act (HIPAA) unless there is substantial evidence to the contrary.

In this webinar, we'll discuss:
-Why the OCR guidelines are important
-Why attackers are going after healthcare firms
-How to detect a ransomware attack
-Steps you can take to protect your organization

Are you confident attackers aren’t on your network right now? Preventing a determined attacker is nearly impossible. According to recent studies, the average attacker hides for an estimated 250 days before being discovered, often by a third party. In this webinar, Delta Risk experts will discuss how threat hunting enables you to find attackers your security team missed so you can stay in control and minimize damage. We’ll focus on the mindset, people, and capabilities you need to detect undiscovered attackers that could be costing you money and putting your business at risk. Don’t be caught off-guard – get out and hunt.

How prepared is your organization to react to and handle cyber incidents? Whether you’re developing your first cybersecurity exercise program or have a mature program in place, it’s important to know if your organization is evolving or just checking the box. In this webinar, we’ll discuss why cyber exercises give you the most realistic training and gap analysis to improve incident response results and your overall security program. We’ll also show how you to turn cyber exercises into a comprehensive, ongoing workforce development plan.