Name: Making Impossible Cybersecurity Tradeoffs
Start: 2022-03-10T18:00:00Z
End: 2022-03-10T18:00:34.000Z
Location: BrightTALK
Rating: 5

ActZero challenges cybersecurity coverage for SMB and mid-market companies. Our intelligent MDR provides 24/7 monitoring, protection and response support that goes well beyond other third-party software solutions. 

Our teams of data scientists leverage cutting edge technologies like AI and ML to scale resources, identify vulnerabilities and eliminate more threats in less time. We actively partner with our customers to drive security engineering, increase internal efficiencies and effectiveness and, ultimately, build a mature cybersecurity posture. 

Whether shoring up an existing security strategy or serving as the primary line of defence, ActZero enables business growth by empowering customers to cover more ground.


Most cyber defense teams are unaware of how much ransomware evolves over a 24-hour period, which is part of why ransomware "is present in almost 70% of malware breaches this year", according to Verizon's 2022 Databreach Investigations Report. It constantly evolves and targets to beat even the most popular tools and prevention methods.

You've spent much of your cybersecurity efforts over the past few years, but how confident are you that your organization is ransomware ready? Have you run simulations that are up to date with emerging threats? If so, how recent? What did those tests tell you? What did you do next?

Watch Adam Mansour, Chief Security Officer, and Jim Skidmore, Vice-President - Solutions Group at IntiGrow, in this webinar on-demand as they discuss the following concepts and how to assess them:

- What are the essential concepts of Zero-Trust? At what point is 'Zero' or "least privilege"?
- What roles can't Identity & Access Management play in ransomware protection? 
- What goes into managing the effectiveness of your threat detection and response service (EDR, MDR, XDR, mXDR, WTHDR)?

About our guest speaker:

For over two decades, Jim Skidmore has been consulting with many category-leading Fortune One Thousand
Private and Public sector organizations all over the world. This has led to Advisory Board Member Membership with
some of the industry's largest security product and service companies as well as strategic consulting engagements
with various newer stage companies as well. Jim also consults with strategic public sector entities regularly.

Jim speaks also regularly on behalf of RSA, Think, Industry ISAC's, Black Hat, industry blogs, technology journalist news
sources, and network TV spots including CBS This Morning. He has a never-ending passion for solving client challenges
relating to risk mitigation and compliance.

Steps to Test Your Ransomware Readiness Posture

In this last of five sessions, we explore the impact of ransomware on the cyber insurance market and how the Blueprint can help organizations build their cyber resilience. With the rise in volume and sophistication of ransomware, insurance companies and their insureds struggle with how to respond. This has driven new underwriting requirements and price changes but also innovation.

Join John Banghart (Venable LLP), Davis Hake (Resilience), Prashant Pai (SecurityScorecard), and Monica Shokrai (Google) as they discuss current trends in the cyber insurance space, how the Blueprint can prepare your organization for your next renewal, and how innovation in the market is driving cyber resilience for insureds and smarter underwriting by carriers.

In the session you’ll learn:

- The current state of the cyber insurance market as it relates to ransomware, what is covered and what is not.
- What parts of the Blueprint are relevant to the underwriting process?
- What is cyber resilience vs defense?
- New innovation in the insurance market that returns data to make clients safer.

Cyber Resilience and Insurance Innovation

Join cybersecurity experts from two AI-powered organizations, Adam Mansour of ActZero.ai and Zach Atya of Measured Insurance, as they discuss the implementation of AI to combat Ransomware across its lifecycle. 

BEFORE: Zach focuses on using AI to scale DarkWeb monitoring to be able to predict attacks before they begin, and the actuary science processes that power this. And the use of AI to underwrite and price cyber insurance policies using this data.

Both our speakers cover the proactive steps we can take to reduce the likelihood of Ransomware landing in the first place - for those companies without an AI engine to help defend them. Focus on controls, hardening, using MFA, email protection (DMARC, etc.), and other items that Measured looks for in the underwriting process.

DURING: Adam covers use of AI in the detection of Ransomware when it does land, and how AI enables the sub-second responses required to overcome it.

AFTER: Adam covers some breach reporting/disclosure elements, teases initial steps to recovery, Zach covers how insurance can offset the cost…the support that cyber insurance provides during an incident and claims process.

They acknowledge that AI is not a panacea, but highlight the method in order to:

- Enable others to leverage it in their defenses against Ransomware;
- Provide resources on it, to improve incident response;
- Provide an offer so companies at a less mature stage of cybersecurity readiness can take advantage of these solutions that include AI.

AI vs Ransomware: Before, During and After

‘Hosted by’ statement:  This webinar series is graciously hosted by ActZero, who is a contributing member of the Blueprint for Ransomware Defense working group.  Hosting of this webinar does not constitute an endorsement or promotion of any participants’ solutions.

Now that you’ve inventoried your assets and built a strong foundation for protecting your devices, network and people, it’s time to add the next layer of Safeguards.  This 3rd session of our 5-part series focuses on the actionable Safeguards required to block a ransomware attack.  

Join Karen Evans (CRI), Brian Cute (GCA), Shehzad Mirza (CyberWA), and Josh Franklin (CIS) as they discuss the set of practices an enterprise must implement in order to effectively manage devices and the people who use them.

In the session you’ll learn:

- Best practices for software management
- Practitioner advice on managing access controls, and the tools to help out
- How identity protection plays such an important role in ransomware defense, and why multifactor authentication is a game changer to your security
- Methods for optimizing vulnerability and patch management processes

Actionable Safeguards: Identify & Protect

‘Hosted by’ statement:  This webinar series is graciously hosted by ActZero, who is a contributing member of the Blueprint for Ransomware Defense working group.  Hosting of this webinar does not constitute an endorsement or promotion of any participants’ solutions.

By now, through attending our earlier webinars you’ve learned how to build a great wall of defense against ransomware attacks. Yes, we know that ransomware actors are a very determined bunch and, if dedicated, will do everything they can to exploit any unforeseen gaps. This 4th session of our 5-part series will focus on the Actionable Safeguards that are responsive measures to help manage a ransomware attack - should it occur.  

Join Valecia Stocchetti (CIS) | Adnan Baykal (CyberWA) | Daniel Cuthbert (Banco Santander) | Deborah (Debbi) Blyth (Crowdstrike) as they discuss the set of practices an enterprise must implement in order to effectively and rapidly block, respond to, and recover from a ransomware attack to get your business back up and running quickly.

In the session you’ll learn:

- How to test and optimize incident reporting processes
- Who to contact should an incident occur
- Best practices for collecting and storing logs
- How to optimize data back and recovery efforts

Containing and Recovering From Ransomware Attacks

‘Hosted by’ statement:  This webinar series is graciously hosted by ActZero, who is a contributing member of the Blueprint for Ransomware Defense working group.  Hosting of this webinar does not constitute an endorsement or promotion of any participants’ solutions.

Small and medium-sized businesses (SMBs) have recently been given a tremendous opportunity to ease the process of protecting themselves against the scourge of ransomware by following guidance offered by the Blueprint for Ransomware Defense, released by the Ransomware Task Force (RTF) on August 4th, 2022, under guidance from the Institute for Security and Technology (IST).

The Blueprint provides 40 foundational and actionable Safeguards, intended to be recommendations of defensive actions that SMBs can take to guard against and respond to ransomware and other cyberattacks.

Join members of the Blueprint for Ransomware Defense Working Group, along with a collection of invited cybersecurity experts, for Webinar 1, Foundational Safeguards: Tips and Tricks for Building Your Cybersecurity Foundation of this 5-part webinar series, where they’ll guide users and implementation specialists through the Blueprint’s various Safeguards.  The sessions will add depth to why each Safeguard was selected, best practices for planning and implementation, and a discussion on available tools to help. 

The webinar series will include the following topics and more:

- Foundational Safeguards - Identify & Protect
- Foundational Safeguards - Respond & Recover
- Actionable Safeguards - Identify & Protect
- Actionable Safeguards - Respond & Recover
- Cyber Resilience and Insurance Innovation

Foundational Safeguards: Building Your Cybersecurity Foundation

With attention given to cybersecurity awareness month, Jennifer Mitchell, Chief of Staff and Gwen Way, Technical Account Team Manager with ActZero, discuss various applications of The Collaborative Approach to Cybersecurity. 

They provide baseline interpretations of the approach across security functions, other (non-security and even non-technical) stakeholders within the organization, and external vendors and providers. Additionally, they offer resources to support organizations implementing such an approach.

The Collaborative Approach to Cybersecurity

‘Hosted by’ statement:  This webinar series is graciously hosted by ActZero, who is a contributing member of the Blueprint for Ransomware Defense working group.  Hosting of this webinar does not constitute an endorsement or promotion of any participants’ solutions.

While preventing a ransomware attack is your chief priority, ransomware actors are increasingly sophisticated and may get past even the most robust defenses. This second session of our 5-part series will focus on the Foundational Safeguards that are responsive measures to help manage a ransomware attack - should it occur.  

Join Valecia Stocchetti (CIS), Adam Mansour (ActZero), Davis Hake (Resilience) and John Banghart (Venable) as they discuss the set of practices an enterprise must implement in order to effectively prepare their organizations to rapidly respond to and recover from a ransomware attack.

In the session you’ll learn:

- Best practices for building incident reporting processes
- The importance of creating a log management process that works
- Laying the foundation to ensure data recovery
- The criticality of these fundamentals to essential cyber hygiene and obtaining cyber insurance

Every step forward in your cybersecurity journey is one in the right direction.  Join us as we serve as your guide to achieving ransomware resiliency.

Building Resilience in the Face of a Ransomware Attack

Security expert Rory McKay discusses the differences between MDR and MSSP services regarding security outcomes. He provides a breakdown of particular use cases with given technologies (such as EDR, SIEM, prevention technologies like AV and Firewall, and more). Additionally, he offers criteria for which type of IT organization best suits each service type.

MDR vs MSSP: New Challenges

Successful IT and security leaders in the new world focus on the people, but why didn't they always? Leaders have to become the trusted advisor to the board and lead engaged and inspired teams. IT and security executives need to be associated with transformation and collaboration as much as with the tactics of day-to-day security operations.

Join Chris Finan, Chief Operations Officer & President and Aaron McIntosh, Director of Product Marketing at ActZero, for this fireside chat as they discuss: 

- IT and security executives placed on the board
- How to build the team as a transformation team
- Managing the resource and skill shortage 
- What you need to lead a digital transformation team

Healthcare Cybersecurity: CIOs and CISOs as Transformation Leaders

Ever wonder why cybersecurity vendors can claim “100% coverage” against frameworks like MITRE, yet their solutions still fall victim to breaches? 

Adam Mansour, Chief Security Officer, stacks ActZero MDR’s performance against DarkWeb-sourced malware, relative to “top tier” security vendors’ solutions.

Endpoint attack simulation performance is evaluated using three critical measures: block rate, dwell time, and signal-to-noise ratio - redefined to elucidate the differences between real-world performance, and scoring publications and frameworks like AV-Test.org, eicar, MITRE, and others.

We define these critical measures, describe the assessment method, and compare them to established frameworks. We then explain why POC’s that leverage such measures are critical for:

- Choosing cybersecurity solutions, and accurately assessing the outcomes they drive
- Determining whether such solutions will be able to keep response times below relevant thresholds
- Understanding whether the outputs are actually actionable, to stop the attack itself

MITRE Test: Evaluating Cybersecurity Solutions Against Ransomware

To help mitigate the fallout of data breaches on citizens and businesses alike,  governments and policymakers introduced rules and guidelines to help keep customer data secure.  But these laws, frameworks and policies tend not to remain constant.  They evolve with the threat landscape and are full of nuances and details, often making it difficult to understand, manage and apply - let alone stay compliant. The healthcare industry, in particular, has been saddled with numerous compliances, including the Payment Card Industry (PCI) requirements, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the General Data Protection Regulation (GDPR), and other local state laws.
 
Addressing the specific regulations and controls that affect your organization’s cybersecurity compliance can be overwhelming. Join Adam Mansour, Chief Security Officer, and Aaron McIntosh, Director of Product Marketing at ActZero, for this fireside chat as they discuss how businesses can more effectively work within regulatory and compliance frameworks, including: 

- An examination of the current compliance and frameworks landscape
- How to streamline and prioritize overlapping or conflicting controls requirements
- The right mix of technology and automation to deliver the proper security-based outcomes needed

Healthcare Cybersecurity: Combining Multiple Frameworks

There’s no better time to deal with a cybersecurity incident than before it has ever happened. Most midsize businesses have at the very least a bare-bones incident response (IR) plan in place. But will it work when the ultimate test arrives - an active attack on your business?

Understanding the basic concepts of triage, incident definition, and escalation is essential. But there are so many critical components in IR plans that can easily be missed or devalued. 

Join Adam Mansour, Chief Security Officer, and Aaron McIntosh, Director of Product Marketing at ActZero, for this fireside chat as they discuss: 

- How to prepare for the improvement of an existing plan (or the development of a new one), starting with some timely self-assessment
- How regular practicing of your IR plan can pay huge dividends if and when it needs to be put into action
- What it takes to create a better plan

The Critical ‘3 P’s’ of Incident Response Planning

Healthcare providers and organizations are highly targeted for their electronic protected health information (ePHI). It’s more valuable than other data types and generally attracts more money on the Dark Web.  It’s no wonder that we see escalating ransomware attacks on the healthcare industry.  

To manage risk, healthcare organizations are ramping their investments in cybersecurity, but those strategies often neglect consideration of a critical threat vector - third-party risk exposures.  

Join Adam Mansour, Chief Security Officer, and Aaron McIntosh, Director of Product Marketing at ActZero, for this fireside chat as they discuss: how to mitigate third-party risk.

- Key cybersecurity risks and building a strategy and practice for managing the risks
- The importance of SOC2 to measure preparedness
- Policies and processes to ensure due diligence of 3rd party vendors and partners.

Healthcare Cybersecurity: Securing Your Supply Chain

Healthcare providers have been increasingly targeted by ransomware actors. In the second discussion of our five-part healthcare fireside chat series, Adam Mansour Chief Security Officer at ActZero dives into:
 
- Where does healthcare target spending to avoid Ransomware
- How do tools leverage AI to stop attacks on these systems
- How you should prioritize these capabilities when assessing solutions

Healthcare Cybersecurity: The Rise of Ransomware on Healthcare Organizations

For the first episode of our five-part Fireside Chat series, Chief Security Officer Adam Mansour talks about a primary focus for Healthcare providers; Protecting Patient Information. 

In this chat, he discusses;

- What hackers use patient data for, how they typically get it, and the difficulty in identifying when data has genuinely been infiltrated. 
- What to do if you only think the data is missing.
- How to take an objective look at your current tech stack to understand what’s working and what’s missing.

Healthcare Cybersecurity: Protecting Patient Information

Adam Mansour discusses cyber-attack scenarios with different configurations of resources assigned to data monitoring, and proactive preparedness at small to mid-sized organizations. 

One of the biggest cybersecurity tradeoffs such face is balancing the focus of their security teams (or IT teams tasked with security) across critical security functions, such as monitoring for attacks, and proactive hardening through remediation and configuration. 

He discusses the nuances of this tradeoff for small and mid-size security teams, and answers the following questions: 

- What should be the focus of such employees, when it comes to identifying and stopping attacks? Where does this leave a security team’s “primary responsibilities?” 
- How much raw data can this team reasonably look at, while reacting to (how many) critical alerts, while still looking at (how many) critical vulnerabilities/threat intelligence? 
- Where does this dictate use of in-house, co-managed, or outsourced resources, for particular security functions?

Making Impossible Cybersecurity Tradeoffs

Cyber Security

Cyber Attacks

Threat Intelligence

Threat Detection

Data Science

Artificial Intelligence

Machine Learning

Cyber Incident Response

Information Security

IT as a Service

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Get powerful help desk and support insights from influential experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on the help desk and support strategies that effect business value and growth.

Help Desk and Support

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

In today’s economic climate, successful small businesses need to overcome an array of challenges. Client dependence, legal issues, small business financing… as an entrepreneur, where can you find the information you need to help inform your decisions? In the small business management community, discover how you can create a successful small business from the business plan up!

Small Business

Get powerful operations insights for your business. Connect with experts and colleagues to get the most up-to-date knowledge on which systems and processes are driving operational efficiency, maximizing value and customer success.

Operations

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Making Impossible Cybersecurity Tradeoffs

Presented by

About this talk

More from this channel