Don't Panic - Practical Guide to Dealing with Security Incidents
If your organization has never been breached, think again: it probably happened, and more than once. If you have dealt with a data breach before, you know how stressful and painful this can be. But let’s take a step back and examine:
- The basics for the incident response
- How to deal with the worst that the hackers can throw at you and still re-emerge successfully.
Recorded Mar 22 2018, 63 mins
COVID-19 impacted us all in different ways. In certain ways it made us stronger and more resilient but in some cases it highlighted our weaknesses. In my world of cybersecurity, I see cybercriminals prospering and cyber security professionals struggling to stay abreast. I want to share my experiences and advice on how to keep your cyber security team strong so it can rise to the occasion in times of crisis.
Every year tens of thousands of individuals are recruited by cybercriminals for legitimate-looking jobs as reshipping clerks, accounting specialists, and many other positions. This year, due to the pandemic, these work-from-home jobs got a new level of legitimacy and unprecedented demand. We will examine current schemes for stolen goods re-shipment, charity scheming, money laundering, and more. We will cover what your organization should be aware of, how you are impacted, and what you should be doing to stay ahead of these ever-changing networks of money and goods mules.
Many years ago we decided that protecting our data just behind username and password authentication is a bad idea. Yet today, we are still heavily relying only on this technology. And, in turn, cybercriminals rely on stolen credentials to enter our realm to wreak havoc. Let’s take a look at how your credentials are valued today, how they are stolen and abused. Then let’s discuss available safeguards including not only MFA but other viable defenses for our society that still holds on to its P@ssword1!
After the recent Twitter account compromise many questions come into focus about security of our social media and events leading to account takeovers. Our investigations of similar cryptocurrency schemes show a pattern of abuse of people’s trust. However, the current Twitter incident is significantly more than meets the eye. The magnitude and impact do not match the financial gains. Sophistication of the breach of high-profile accounts pales in comparison to a sophomoric monetization scheme. Let’s examine what we know and what else to expect next.
We often don’t realize the full impact of cyber crime, which then relapses us into repeating the same mistakes. Even large companies do not completely understand how their data and services are being abused. I want to take you on a journey of observing credit card fraud and abuse from stealing a credit card to trafficking of stolen goods. Learning about these vectors of abuse will help you and your organization to mitigate a number of common attacks and abuses.
In August 2019, Hold Security ran a tabletop exercise with Wisconsin InfraGard focusing on potential electronic tampering of the 2020 Wisconsin elections by foreign influences. We leveraged our insights in identifying and reporting Russian interference during the 2016 US election to derive critical lessons. The results were fascinating and scary. In this session, we will focus on the 2020 US election through our unique cybersecurity perspective, drawing on current events and technical understanding to analyze the use of social media manipulation, civil unrest, disinformation campaigns, cyber attacks, and more.
Today, as we are trying to adjust to the new normal, cyber criminals are rushing to take advantage of our drive towards learning. Phishing using COVID-19 related messages is rising to a new high with not only a number of phishing attacks but with a number of victims who are falling for it. We will discuss the new trends and techniques that you should be implementing within your organization to minimize impact of phishing in this new normal.
In the midst of the Coronavirus pandemic, our society is struggling to adjust to the necessary and unexpected changes. In the information security space, we are prepared for many things, but dealing with a pandemic crisis leaves many unprepared.
Cybercriminals operate on a different level and are ahead of the game taking advantage of the global crisis with many others joining their ranks. We will discuss critical issues facing information security during this crisis.
We will also review what you need to know, what you need to be concerned about, and the steps to take today to get your organization more secure and prepared to minimize the potential impact of the crisis.
Security threats mutate and lately they are becoming more bold than ever. What is driving this pattern? We will examine new patterns in ransomware, phishing, and data exposures that are greatly affecting our security posture as well as provide better guidelines for mitigating these threats.
As our journey towards better security continues, we need to learn from mistakes of the past. We will discuss capitalization on past successful experiences and learn cautionary tales from failures. Secure-by-design is our goal but it cannot be at the expense of user experience or product quality.
On the way to maturity, we are to learn from our own mistakes, but how well do we do it? Are we also able to learn from the mistakes of our peers and our industry? We will examine the common pitfalls and provide actionable advice on improving the information security posture of organizations on many levels.
The pace of technology and threats exceeds our ability to educate everyone about secure use of technology and defensive tactics. We will discuss current threats like ransomware, credentials abuse, data exposures, and many others. We will map defensive techniques that you need to know about these and emerging threats.
We invest a lot of time, skill, and technology into our defenses yet the hackers are still successful. What lessons can we learn from the recent attack techniques and breaches to make our networks less vulnerable?
Alex Holden, CISO and President Hold Security, LLC
The Dark Web is a dark world inhabited by hackers covertly trading stolen data, information, and unlawful goods, and therefore not a place many of us visit. This community of criminals continues to thrive, so let’s analyze this dark world and investigate the systems they use to steal our data, gain a better understanding of their targeting techniques, and learn about the Black-Market dynamics. The best way to stop or prevent a breach is by understanding this world of criminals and learning to beat them at their own game.
As our electronic footprint is growing, we attach our personal and corporate identity not only to computers, networks, and clouds but also to a countless number of devices in the Internet of Things. From medical devices, to home devices, to complex devices in manufacturing, and beyond, we will discuss how your identity can be impacted by a security breach. What are the right steps that you should be taking for IoT security? What are the most common pitfalls?
Phishing and website impersonations are among the most common and harmful techniques and cause a substantial amount of damage. Mining DNS data can be an effective way to prevent these attacks from ever taking off. We will discuss how to detect and blacklist sites before the first fraudulent email or first web connection is made.
Learn about techniques and tools available to stop these attacks at the root.
One of the toughest fights in information security is the fight for your budget. The most integral part of your budget is your employees. We will discuss how strategic investments in human capital can make or break your security posture, how to get the right talent, and how to retain it. The human side of economics is usually the most unpredictable one and you need to know how to navigate it.
The simplest way to compromise systems is not by hacking but through the use of previously stolen information, like credentials, that lets the bad guys walk in through the front door and take everything.
Therefore, stolen credentials are in high demand on the Dark Web and we are constantly barraged by news about massive credentials thefts.
You should be protecting your users from losing their credentials and subsequent abuse. However, you should also protect them against misinformation about "new" credentials cache discoveries.
After being credited with the largest legitimate stolen credentials discoveries, I feel like one of the world's foremost experts to provide you with insights about critical thefts.
Learn what kind of challenges the next generations of technology will bring to cybersecurity and what kind of safeguards we are building. From our history of technologies becoming obsolete, to the rise and fall of hacker techniques; we can derive our lessons and not only fantasize about our future but predict it based on a solid track record from the past.
Grown and shaped by market demand, Hold Security, LLC is an Information Security, Threat Intelligence, Risk Management, and Incident Response Company helping businesses of all sizes to stay secure.
Powered by the brightest security experts, Hold Security works with companies around the world to enhance their security posture. Our engineers continue to play lead roles in discovery and investigations of major security breaches, with a proven track record of success.