Name: The April Cyber Lookback: MS Exchange, the PRODAFT chapter, & a hackback debate
Start: 2021-04-02T18:00:00Z
End: 2021-04-02T18:00:56.000Z
Location: BrightTALK
Rating: 4.5

Our mission is to deliver the power of collective cybersecurity to defend companies, sectors, and nations so that people, companies, and nations can live and work with peace of mind in cyberspace.

Cyber attacks are fast becoming the pandemic of 2021. Despite the fact that 90% of our global survey respondents indicate an improved security posture in the past two years, 86% have had a cybersecurity incident so severe in the past year that it required a C-level or Board meeting. In this webinar, IronNet asks “Why?” Join us as we break down the results and significance of our 2021 Cybersecurity Impact Report, based on our commissioned survey of 473 security IT decision makers from the U.S., U.K., and Singapore who work in the technology, financial, public service, and utilities sectors.

Note: This webinar was pre-recorded; since the recording date, Kaseya has issued a patch and is back up and running.

Presenters: 
Major General (Ret.) Brett Williams, IronNet Co-Founder and Cyber Strategist
Kelly LeVoyer, IronNet Director of Content and Communications
John Ford, IronNet Cybersecurity Strategist

A false sense of security?

Join our monthly "look-back" as IronNet Threat Research leaders share their insights on the recent security vulnerability found in medical infusion pumps and docks that could lead hackers to administering higher doses of medication to patients. They’ll dive deeper into the current state of ransomware including updates to the Microsoft exploits involving Lockbit 2.0 and information on the new group Hive Ransomware. We’ll wrap up by continuing the conversation on Apples’ announcement to establish a client-side hashing system from last time. 

Speakers:
Joey Fitzpatrick, IronNet Threat Intel Analyst 
Peter Rydzynski, IronNet Threat Analysis Lead 
Joel Bork, IronNet Senior Threat Hunter

The September Cyber Lookback: From healthcare hacking to more on Apple’s hashing

After sharing a debrief of supporting the Black Hat NOC, IronNet threat analysis leaders will provide their insights on Kaseya and the shut down of Dark Side, the ethics and shortfalls of far-reaching Windows exploitations, and Apple’s announcement to establish a client-side hashing system to search for child pornography on iPhones: is Apple going down a slippery slope? Join this monthly "look-back" webinar for analysis and updates on the latest cyber threats … and learn how to anticipate where these attack campaigns are heading. Respond. Recover. Reap the benefits of our experts' threat analysis.

Speakers:
Peter Rydzynski, IronNet Threat Analysis Lead 
Joey Fitzpatrick, IronNet Threat Intel Analyst 
Joel Bork, IronNet Senior Threat Hunter

The August Cyber Lookback: From Black Hat NOC Recap to Apple's Hashing System

Read the full research or executive summary ahead of time and bring your questions. IronNet threat researchers analyzed multiple lab-detonated ransomware variants and discovered commonalities in the artifacts and metadata that may prove helpful in detection. Factors such as east/west vs. north/south traffic and data file entropy will be discussed. 

Full Research:
https://www.ironnet.com/blog/detecting-ransomware-three-research-based-recommendations

Executive Summary:
https://www.ironnet.com/blog/ransomwares-malevolent-heyday

Ask the experts: Detecting ransomware before the payload

IronNet threat analysis leaders provide their insights on the latest widespread cyber threats and attacks hitting a range of sectors. Join this monthly "look-back" webinar to ensure you have the right threat rules in place to remediate any impact on your organization and learn how to anticipate where these attack campaigns are heading. Respond. Recover. Reap the benefits of our experts' threat intelligence.

Do you see what we see? Two Sides to every coin: Microsoft, South Korea, Russia

If you missed IronNet at the SANS Cloud Security Summit, no worries! Catch Joel Bork & Josh Trout as they discuss hybrid and cloud environments and answer questions from the audience with SANS Institute Chair, Ken Hartman. 

Every organization is scrambling to enable Network Detection and Response capabilities into their enterprise network since the Solarwinds/Solarigate incident. Unfortunately this incident was not directed ONLY to enterprise networks - it impacted cloud and hybrid environments alike.

If that is the case, then how do you get the network traffic out of a hybrid or cloud environment?

This is a question we hear often and in this talk we are answering exactly that and how we at IronNet are using it to monitor our cloud-based build system and devops efforts.

Building in the Cloud? Working in the Cloud? Oh.We need to monitor in the Cloud?

How (not) to steal Tesla’s trade secrets, ransomware Whack-a-Mole, & Iran vs. Israel 

It’s a storyline straight out of (the best show on the planet) The Americans: A Russian citizen attempts to pay a Tesla employee to install malware at the company’s Nevada electric battery plant to steal company secrets for ransom. And IronNet’s threat analysis lead Peter Rydzynski muses: What would Phillip and Elizabeth have done?  In other news, our analysis on the Iranian attack on Israel, and if ransomware groups are backing out of ransomware, where will they resurface?

Speakers: 
Joel Bork, IronNet Senior Threat Hunter 
Peter Rydzynski, IronNet Threat Analysis Lead  
Joey Fitzpatrick, IronNet Threat Intel Analyst

How (not) to steal Tesla’s trade secrets, ransomware Whack-a-Mole & ...

Cloud migration is on nearly every technology company’s docket...and whether those plans were accelerated at the onset of the COVID-19 pandemic or accelerated now after being put on hold, the rush can result in misconfigurations that introduce security vulnerabilities. Learn about how a new, streamlined approach — from assessment, to network and endpoint security, to services and staffing — can help you efficiently tackle these and other infrastructure security challenges.

Speakers:
David Lathrop, VP Utility Strategic Business, Unlimited Technology, 
Christopher Walcutt, VP of Strategy, DirectDefense 
Joel Bork, Senior Threat Hunter, IronNet

Cloud (in)security: Avoiding common cloud misconfigurations

More supply chain attacks and vulnerabilities. Rarely identified CIA malware detailed by Kaspersky. Is Kaspersky compromised due to its connection to Russia and its HQ in  Moscow? Discussions around the ethics of recent FBI actions to clean up Exchange on the heels of international law enforcement community actions to disrupt Emotet. 

Presenters: 
Joel Bork, IronNet Senior Threat Hunter
Peter Rydzynski, IronNet Threat Analysis Lead 
Joey Fitzpatrick, IronNet Threat Intel Analyst

Unraveling supply chain attacks and the ongoing Microsoft Exchange fallout

Security leaders who are new to the MITRE ATT&CK Framework will learn how to make better use of the framework to identify security weak spots —  and where to prioritize budget and project planning, from IR and threat intelligence to SOC operations. Cybersecurity analysts already know how ATT&CK can help identify adversaries by mapping TTPs and behaviors across the framework. In this application, ATT&CK has become a daily tool for hunters and analysts to better connect and anticipate multi-stage or nation-state attacks. But the MITRE ATT&CK framework can also be used to assess your level of strategic coverage and prioritize how you build out your cyber organization.

How to use the MITRE ATT&CK® Framework to prioritize cyber initiatives

Evolving Cybersecurity Policy in the Aftermath of Major Cyber Hacks: A View from the VC Community and C-Suite 

In the aftermath of a series of major cyber incidents, from SolarStorm and Microsoft Exchange to Pulse Secure and Colonial Pipeline, there is much debate about what the government and industry can and should do to improve our nation’s approach to cybersecurity. Please join us as Jamil Jaffer, a former senior advisor on Capitol Hill, talks to Ted Schlein, the managing partner of Kleiner Perkins, one of Silicon Valley’s most storied venture capital firms, and Bill Welch, the co-CEO of IronNet Cybersecurity, a leading leading collective cyber defense company.

Evolving Cybersecurity Policy in the Aftermath of Major Cyber Hacks

There’s a sea of threat intelligence available for cybersecurity analysts —yet the struggle is real to ensure it’s being maximized and is operational enough to add tangible value. As security professionals pivot from one attack to the next, they’re also under the gun to prove their threat intel investments are paying off. In this IronNet webinar, we will be joined by guest speaker Forrester senior security and risk analyst Brian Kime, to discuss:

Moving from single-stream to a collective approach to threat intelligence
What capabilities to look for in a threat intelligence vendor
How can threat intelligence be truly integrated and operationalized?
What is the role of security analysts in improving the quality of threat intelligence?
What can organizations do to refine and optimize threat intel to prioritize investigations?

Presenters: 
George Lamont, IronNet CIO/CISO
Dean Teffer, IronNet VP of Detection and Prioritization 
Oliver Wai, IronNet VP Product Marketing
Featured Guest: Brian Kime, Forrester Senior Analyst

How Collective Defense can create a more robust threat intelligence program

Alert fatigue. The lack of senior analysts. Cyber talent turnover. An ever-expanding threat landscape. What if you could automate some threat investigation steps so your analysts can spend time more strategically? Join our senior threat hunter, senior data scientist, and cybersecurity strategist to discuss the power of machine learning + human insights in leveling up your cyber defense via an automated expert system for threat detection.

Speakers: 
Maj Gen USAF (Ret.) Brett Williams, IronNet Co-Founder & Cyber Strategist 
Dr. Ania Kacewicz, IronNet Senior Data Scientist
Joel Bork, IronNet Senior Threat Hunter

Your SOC. Multiplied

Cyber threat intelligence is inherently designed to reduce risk —  but is it as actionable as it needs to be to match the speed and frequency of attacks?  Join IronNet and our friends at Recorded Future as we explore the people, process and technology of threat intelligence. We’ll examine how to operationalize threat intelligence, use it to turbocharge other risk reduction controls, and apply it to drive measurable business outcomes. 

Speakers:
Levi Gundert, Recorded Future SVP Global Intelligence
Maj GEN (Ret.) Brett Williams, IronNet Co-Founder & Cyber Strategist
Bill Swearingen, IronNet Cyber Strategist

How to apply threat intelligence to drive business outcomes

As an investment company with a net portfolio value of S$306 billion (US$214 billion), Temasek faces a complex security challenge. Driven by the goal to build resilience into their portfolio companies, cybersecurity is a top-3 agenda item. How does an organization of that scale even start to think about a cyber defense-in-depth strategy? IronNet welcomes Jon Allaway, Temasek’s Chief Technology Officer, to discuss the regional, corporate, and technological considerations of protecting itself and its portfolio companies. 

Speakers: 
Jon Allaway, Temasek Chief Technology Officer 
GEN (Ret.) Keith Alexander, IronNet Founder and Co-CEO
Russ Cobb, IronNet CMO

Securing a Singapore sovereign wealth fund: The Temasek story

Refusing to be pushed around by the Russians, Swiss security firm PRODAFT hacked back after being compromised by the SolarWinds attack. Our threat hunters and analysts debate this aggressive response, and welcome your views! We’ll also provide a professorial (as in, your favorite, hippest professor) analysis to compare and contrast the TTPs and cyber attack motives of Russia and China — and, of course, catch up on the latest Microsoft Exchange news.

Presenters:
Joel Bork, IronNet Senior Threat Hunter
Peter Rydzynski, IronNet Threat Analysis Lead
Joey Fitzpatrick, IronNet threat Intel Analyst

The April Cyber Lookback: MS Exchange, the PRODAFT chapter, & a hackback debate

Microsoft

Hackers

Threat Intelligence

Cyber Security

Linux

Vulnerabilities

Cloud Security

Ransomware

DevOps

Hacktivism

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The April Cyber Lookback: MS Exchange, the PRODAFT chapter, & a hackback debate

Presented by

About this talk

More from this channel