What You Need to Know about Ransomware and HIPAA Compliance

Digital transformation - we hear about it all the time, but what does it really mean for security? As organizations transition users, applications, workloads, and data from on-premise into the cloud to improve agility and competitiveness - how does that change their security landscape and threat model? And how can organizations address the challenge of protecting both legacy on-premise systems, while at the same time, also having to secure dynamic multi-cloud-based environment?

Join today's episode to learn about the reality many organizations are facing when it comes to juggling on prem and multi-cloud security, what the key differences are and how to address them for your organization. The panel will also discuss the following topics:

- What are the differences between Cloud Security vs On-Premise Security and why do they matter for organizations in 2020?
- Can we normalize our security posture across the legacy and hybrid/multi-cloud environments?
- Is it possible to improve security as part of a digital transformation program?
- What kind of cyber hygiene do we need to practice? What should be added and what can be taken off security teams' plates?
- Where does DevOps (or DevSecOps) fit into all of this?
- Are cloud security failures the customer's fault?
- What is SASE and how will it impact your organization?

This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.

This short webcast offers a quick overview of how to prevent phishing and ransomware with next generation endpoint detection and response, aka next gen EDR. In this 12-minute presentation we'll discuss who's impacted most by threats like phishing and ransomware, why new endpoint solutions are required, and how you can implement EDR faster and manage it more easily with managed security services.

The public sector has been reeling from ransomware attacks in the past year that have shut down state and local governments around the country. Cyber attacks like these have cost public sector organizations millions of dollars in damages, cyber insurance, and mitigation. In some cases, organizations are still trying to recover months later from attacks.

In this webinar, we'll discuss:
- Lessons learned from 2019 ransomware attacks
- What you need to develop an effective defense
- Responding to ransomware: what to do when under attack
- Whether or not to pay the ransom
- In-house and third-party solutions

Speakers:
Keith Melancon, CISSP,
Director of Public Sector Policy and Governance

Rich Burke
Vice President of Public Sector Operations
Presenter :Keith Melancon, CISSP, Director of Public Sector Policy and Governance, Rich Burke VP of Public Sector Operations

Cloud solutions such as Microsoft Office 365 have simplified IT operations for thousands of companies. But trusting your business to off-site servers can present unique challenges as well.

If your servers are hosted in the cloud, you can save money on your network's operational costs. However, you may be giving up control of your own security. How can you position yourself to proactively detect and prevent security incidents before they occur?

In this presentation, Delta Risk experts will share their experience gained through securing thousands of Office 365 environments. They will discuss the technical, business, and strategic aspects of securing this cloud environment, including:

- The relationship between Microsoft and your business under the Office 365 Shared Responsibility Model (hint: in many ways, you're on your own!)
- Top Office 365 security risks, and how to combat them
- How to maximize Office 365's native security functions, and where third-party solutions can help fill the gaps

If you’re curious about the answers to these questions, we invite you to join us!

How can you plan for, detect, and respond to attacks in your hybrid environment, including cloud and on-premise?

Join us for this webinar to find out. We'll explore differences and similarities between your approach for each, and what to keep in mind when looking for solution providers.

What you’ll learn:
•Why a solid incident response plan must account for hybrid cloud and on-premise environments
•What’s changed with the move to cloud apps and services, and what’s the same
•Who to include in your incident response planning
•What tools can help you detect attacks more quickly and efficiently
•How a solid plan can reduce recovery time from an attack

Macie Thompson is Director of Delta Risk’s Incident Response team, providing incident response and compromise assessment support to commercial customers. She has more than eight years of experience in cyber security operations and training. Macie supports federal training and exercise programs, using her operational experience to develop realistic offensive and defensive cyberspace training curriculum and exercise vignettes for government clients.

As Director of Critical Infrastructure Cyber Security at Delta Risk, Chris Murphy provides operational and strategic guidance for commercial and government clients. He specializes in helping organizations define and develop processes for incident response, monitoring infrastructures for security events, and detecting attacks. He has extensive experience in establishing and operating Computer Security Incident Response Teams (CSIRTs) and Computer Emergency Response Teams (CERTs), Cyber Security Operations Centers (SOCs), and investigative response teams, including those dealing with SCADA/Industrial Control Systems (ICS).

Despite the cost and complexity of implementation, many organizations rely on security information and event management (SIEM) for network detection and response for on-premises applications. With the move to the cloud, however, traditional SIEM approaches won’t work.
Nearly all organizations (90 percent) have at least one application in the cloud currently, or plan to in the next 12 months, according to IDG’s 2018 Cloud Computing study. Although cloud providers include security measures, IT professionals still face a variety of security challenges with software-as-a-service (SaaS), including lack of visibility into who is accessing applications and insufficient access controls.
Join our experts for a live webinar with a Q&A for more insights on the cloud security landscape and why you should consider a cloud security solution in today’s hybrid IT environment.
We’ll discuss:
•Current cloud security landscape
•Pros and cons of SIEM versus cloud-specific solutions
•Steps to implement a cloud security solution
•How Delta Risk’s cloud security solutions can help
About the Speaker
John Hawley is Vice President of Product Strategy for Delta Risk. Prior to joining Delta Risk in 2017, he served as Vice President, Portfolio Strategy for the Worldwide Security business CA Technologies.

As the managed service market continues to grow as a whole, managed security is becoming an attractive option for organizations of all sizes looking to outsource their security needs or supplement in-house expertise. Industry analysts predict the managed security services market will grow to $40 billion market by 2022, fueled by a cyber security skills shortage and the rapid rise of new threats.

Managed service providers (MSPs) looking to meet customer demands for managed security are faced with the challenges of building their portfolio from the ground up and finding staff. Partnering with a managed security services provider (MSSP) helps MSPs gain the advantages of a full suite of security solutions and access to highly-skilled cyber security analysts.

Join our experts for a live webinar with a Q&A for more insights on the benefits of teaming with an MSSP, and why Delta Risk may be the right partner for your business.

We’ll discuss:
- The current MSSP landscape and why it’s growing
- Why MSPs need to add managed security to their services
- Pros and cons of partnering with an MSSP vs. building your own solutions
- The value of working with Delta Risk as an MSSP


About the Speaker

John Hawley is Vice President of Product Strategy for Delta Risk. Prior to joining Delta Risk in 2017, he served as Vice President, Portfolio Strategy for the Worldwide Security business CA Technologies.

Your managed security services provider (MSSP) should be a partner in your business. Today’s MSSPs must balance emerging challenges from application, software, cloud, and network security threats while delivering assessment and response capabilities so you can focus on your business. The landscape has changed and there’s no turning back. Can your MSSP keep up?

If you’re frustrated by complex pricing and feel like you still have to solve most of your problems, you’re probably in a bad MSSP relationship. Odds are, your business needs more than what a traditional MSSP delivers – but what defines a modern MSSP?

Join our experts for a live webinar with Q&A to learn what characteristics and capabilities a modern MSSP has, and why it may be time to break up with your current provider. If you’re not yet using an MSSP, this webinar will offer valuable advice on how to find the right one for your organization.

We’ll discuss:
•Why the traditional MSSP approach isn’t working
•What characteristics and capabilities define the modern MSSP
•Why the modern MSSP is a better solution for today’s threats
•How to tell if it’s time to hire or replace an MSSP
•What questions to consider if you’re changing providers

About the Speakers
John Hawley is Vice President of Product Strategy for Delta Risk. Prior to joining Delta Risk in 2017, he served as Vice President, Portfolio Strategy for the Worldwide Security business CA Technologies.

Stephanie Ewing, CISSP, CISM, PMP, is a Solution Expert with Delta Risk. She has 16 years of experience in information technology and information security leadership. Stephanie serves as Delta Risk’s cyber exercise capability lead and supports several key clients in industries such as Telecommunications, Financial Services and Energy.

Stop Worrying, You’re Already Hacked: Threat Hunting Experts Show How to Spot Network Attackers Faster to Limit the Damage

Organizations must take a proactive approach to look for attackers on their network, because malicious hackers and criminals are always refining their techniques to avoid security tools and controls.Threat hunting and compromise assessments are terms that are used interchangeably to describe this activity, but there are some distinct differences.

Join our experts for a live webinar with Q&A to learn why you need to devote resources to threat hunting and compromise assessments, whether it’s through dedicated teams or third-party services.

What you’ll learn:
•A clear definition of threat hunting and compromise assessments
•How to convince the C-Level or executive team to buy in
•What’s changed with the move to cloud apps and services
•Common mistakes and misconceptions
•Consequences for delaying hunting and assessments

About the Speakers
Chris Gerritz, founder of Infocyte, is a retired Air Force officer and service-disabled veteran who is a pioneer in defensive cyberspace operations, having established and led the U.S. Air Force's first enterprise-scoped hunt team. Infocyte is the result of Chris’ experience hunting adversaries within some of the largest and most targeted defense networks in the world.

Andrew Cook, CISSP, is the Manager of Delta Risk's ActiveResponse service. Drawing from his Air Force background, he is one of the firm's leading subject matter experts in cyber threat hunting and incident response. With more than six years of experience in cyber security operations, research, and development, Andrew is adept at managing technical teams and skilled in host forensics, network security analysis, malware reverse engineering and enterprise security assessments.

In today’s threat landscape, it isn’t a question of if you’ll experience an incident, but when. When a security incident strikes, you’ll need a well-prepared staff and with a battle-tested plan. A mature incident response plan keeps everyone on the same page. It can clearly outline who’s in charge, what resources are available, and what options there are for detection and containment. Having a documented, tested process brings order to chaotic situations and keeps everyone focused on solving urgent issues.

So, how can you test your incident response plan and ensure your team is ready to handle the next breach?

Join our incident response experts for a 45-minute presentation plus Q&A to learn how you can quickly contain the impact of a breach, resolve an incident, and get back to business as quickly as possible.

What you’ll learn:
• Proper taxonomy for writing an incident response plan
• Recommendations for developing and building in cyber exercises
• How to use your knowledge management system to keep plans agile
• Avoiding scope creep and identifying likely scenarios to test

About the Speakers:
Stephanie Ewing is a Solutions Expert with Delta Risk. She has 17 years of experience in information technology and information security leadership. Prior to joining Delta Risk, she spent several years working with leaders of critical infrastructure organizations across the nation to improve their security programs. Through workshops, training classes, and tabletop exercises, Stephanie has worked to educate executive level leadership and elected officials on security threats and risk management strategies.

Ryan Clancy is a Senior Associate for Security Operations Services with Delta Risk. He has more than 15 years of experience in the IT and cyber security domain providing consulting services, hunt operations, threat intelligence, cyber exercises, enterprise defense assessments, and training in defensive and offensive network security operations.

In this webinar, we'll take a look at 2017 cloud data breaches: what went wrong and how to avoid the same fate.

Is your organization using SaaS apps like Office 365 or G Suite? How about cloud infrastructure like AWS, Google Cloud, or Azure? The pace of business demands a cloud-first approach to move fast. The use of these services might not be new, but the accelerated rate of breaches on these services is alarming. The services themselves are secure but the task of configuring and using them securely is often left to your IT leaders, development teams, or even line of business managers. Cloud services introduce a new management plane, unfamiliar to every organization. The lack of visibility and control around these services is resulting in some of the most significant data breach incidents of 2017.

What are some of the telltale signs a misconfiguration is going to put your critical assets at risk? How can you avoid a misconfiguration in the future? Join our team of cloud security experts for a 45-minute webinar to learn more about the steps you can take to improve your cloud security posture and keep your critical information protected.

What you’ll learn about:

• New risks related to the use of cloud services
• What went wrong with cloud breaches you’ve seen in the news
• Common factors between these incidents
• Methods and technology to prevent a misconfiguration

SPEAKERS

Mike Piscopo is Director of Technical Consulting Services for Delta Risk. Prior to joining Delta Risk, he was the Director of Information Risk Management and Information Security Officer for ING’s U.S. Financial Services division.

John Hawley is Vice President of Product Strategy for Delta Risk. Prior to joining Delta Risk in 2017, he served as Vice President, Portfolio Strategy for the Worldwide Security business CA Technologies.

Tools and technology can play a critical role in insider threat detection. However, tools alone are not enough to address the complexity of human behavior and determined threat actors. By combining technology with people and processes, however, you can create a human solution to solve a human problem.

During this webinar, cybersecurity experts will discuss how to implement a holistic monitoring and detection solution to maximize your insider threat capabilities to improve your security posture. You will learn:

• How to characterize different insider threats
• Key differences between insider threats
• What insider threat technologies are most effective for detection
• How professional services enable you to get the most out of your technology

Ensuring you have an approach to incident response, a plan for technical recovery, and the ability to maintain patient care and business continuity in the event of an attack is key. How prepared is your organization? Join fellow CIOs, CISOs, and other IT and cyber security professionals for this interactive discussion on how to secure healthcare operations.

Learn more about how to reduce the risks that cyber attacks can pose in this live 45-minute webinar presented by experts from Stanford Children's Health, Delta Risk, and Huntzinger Management Group as they discuss essential elements of how to respond to a cyber-attack and properly prepare a business continuity plan.

What you’ll learn:
• Key cyber-hygiene best practices to implement
• What the essentials are for incident response
• How to set technical recovery priorities
• Patient care and business continuity considerations

SPEAKERS

Ed Kopetsky is Chief Information Officer at Stanford Children’s Health and an Advisor with Next Wave Health Advisors. He is responsible for the strategic direction for information technology and biomedical systems, and serves on multiple advisory boards for healthcare technology companies.

Chris Holda is a Sr. Management Consultant with Huntzinger Management Group. He has more than 20 years of experience in IT Operations and 15 years in Healthcare IT. His areas of expertise include technical operations, technical infrastructure, system integrations, licensing and contracting. As a licensed attorney, he brings a unique hands-on perspective within Healthcare IT.

Mike McKinley has more than two decades of experience in cyber and information security in both the private and public sectors. He serves as VP and GM at Delta Risk, where he manages a team of skilled consultants who specialize in providing healthcare and other critical infrastructure clients with advisory services, managed cyber security solutions, and incident response.

In today’s digital world, insider threats are more prevalent than ever, but not any less difficult to detect and deter. Whether they’re malicious or unintentional, they must be guarded against equally. While you can’t directly control human behavior, you can implement safeguards to protect, detect, and respond to insider threats.

One of the best ways to address insider threats is to implement a formal insider threat program in your organization. But what does an effective program look like, and who should be involved in developing it?

If you’d like to learn more about preventing and detecting insider threats, join Delta Risk for this live 45-minute webinar. Our experts will discuss essential elements of an insider threat program, and why you need one now more than ever.

WHAT YOU’LL LEARN:
•Differences between malicious and unintentional insider threats
•Understanding the motivations of internal and external threat actors
•Real world examples of insider threats and organizational effects
•Elements to building an effective insider threat program

To develop an effective program, you need good cross communication and participation across various departments, including information technology, security, cyber security, legal, and human resource. There are many roles and subject matter experts within these departments and others (i.e., system or network administrator, security analyst, data or network architect, information assurance specialist, legal specialist, financial specialist, behavioral specialist, etc.) who should participate in your insider threat program, and who will benefit from this webinar.

ABOUT THE SPEAKERS
Mike Jansen is a Senior Consultant with Delta Risk with more than 14 years of experience in cyber security and cyber operations. He areas of expertise include computer network operations, network security, acquisition and life-cycle management, testing and evaluation, training, cyber security frameworks, and cyber security technical controls.

With resources shrinking and data centers aging, many organizations are moving at least some of their physical IT infrastructure to the cloud. Since cloud providers have already invested in massive infrastructure to support high-availability performance needs, organizations are often hard-pressed to achieve the same goals within their own budget. To put it more simply, cloud outsourcing just makes good business sense for most organizations.

From a security perspective, however, managing a cloud environment can be complex. Do you know who’s connecting to your cloud services? Do you know what they’re doing? Since cloud services are accessible from anywhere, at any time, anyone can potentially gain access to your systems and data. Therefore, getting visibility into your cloud activity is critical. Join us Thursday, May 11, at 1:00 ET as Delta Risk experts examine the increasing importance of cloud monitoring and how it can protect your organization.

In this 45-minute live webinar, you’ll learn:
•Why old business models are being forced to evolve
•Who could be trying to access your cloud environment
•What you can see with cloud monitoring that you might otherwise miss
•When to implement a cloud monitoring solution
•Cloud security recommendations from industry experts

Mike is Director of Technical Consulting Services for Delta Risk. Prior to joining Delta Risk, he was the Director of Information Risk Management and Information Security Officer for ING’s U.S. Financial Services division.

External penetration testing, also known as ethical hacking, is an independent engagement that can help pinpoint common attack vectors and patterns hackers look for in your network. Delta Risk research has identified the attack vectors bad actors most commonly use to get initial access to a network and spread across the rest of the organization. In this 45-minute webinar, our pen testers offer recommendations on how to combat various scenarios and outline the key mistakes defenders must avoid when protecting their security operations.

WHAT YOU’LL LEARN:
• Lessons learned from our 2016 external assessments
• Common weaknesses our testers exploited such as kerberoasting and password reuse
• Methods our testers use to quickly locate high value assets
• Vendor-neutral solutions for protecting sensitive information
• Why third-party penetration testing is in demand

About the Presenters:
Paul Brandau is the Managing Consultant with Delta Risk LLC. He has more than 10 years of experience in the cyber security domain providing a unique perspective on cyber exercises, operational (red team) assessments, and training in offensive network operations. He has helped design and lead a Red Team for the United States Department of Homeland Security. Prior to Delta Risk, his duties included reverse engineering malware and threat profile creation.

Mike Warren is VP of Cyber Resiliency Services for Delta Risk LLC. He has more than 14 years of experience in the cyber security domain providing a threat perspective, operational (red team) assessments, enterprise vulnerability assessments (blue team), and training in defensive and offensive network operations. Prior to Delta Risk, he was an active duty Air Force Communications and Information Engineer Officer.

What is it like to find out you’re on the trail of an advanced cyber criminal? What are the tools and skills you need to track them? What is the mindset you need to approach the hunt? And what indicators and intelligence can you use to see who the attacker is? In this webinar, our experts will discuss all of these questions and more, based on an actual case study.

In a world where compromise is always a risk, one of the best ways to protect your organization is by ensuring that your response capabilities are effective, and one of the most valuable steps in strengthening a response capability is learning from others’ experiences. This webinar will discuss many issues that security professionals deal with when responding to incidents, and how they can address them.

The healthcare industry is one of the top targets for ransomware attacks, and the US Dept. of Health and Human Services Office for Civil Rights (OCR) has now stated that ransomware incidents should be treated the same way as other data breaches under the Health Insurance Portability and Accountability Act (HIPAA) unless there is substantial evidence to the contrary.

In this webinar, we'll discuss:
-Why the OCR guidelines are important
-Why attackers are going after healthcare firms
-How to detect a ransomware attack
-Steps you can take to protect your organization