Attackers may already be in your environment and constantly find new ways to avoid detection. Attacks involving Phishing, Ransomware, Misconfiguration, Stolen credentials, and Mis-delivery continued to increase in 2020 according to Verizon DBIR and 10% of all breaches involved ransomware.
The U.S. Secret Service noted that most organizations had adequate data backup, but cyber actors shifted their focus to the exfiltration of sensitive data and threatening to publicize the data unless additional ransom was paid.
We will discuss how to use the “NIST CYBERSECURITY FRAMEWORK FOR RANSOMWARE” to Prevent Attacks and Recover after Attacks. 80% of all attacks in 2020 involved servers and 53% target WEB servers according to Verizon DBIR. We will discuss the Top 10 Web Application Security Risks according to OWASP and the Top Ten Proactive Controls that describes the most important control and control categories that every architect and developer should include in every project.
Make sure that your data is private and protected in transit, in use, in memory, and at rest. Sensitive data can be secured and protected by a robust data backup plan so systems can quickly be restored. A multi-layered defense can help to create a good security posture and how to discover unusual activity on your sensitive data. We will discuss how to create strong ransomware mitigation can be built on NIST SP 800-207 Zero Trust Architecture (ZTA) to Defend Users and Resources and how Attribute-based access control can dynamically enforce policies based on a wide range of attributes to protect data. We will discuss Data Security for Hybrid Cloud, tokenization, anonymization, encryption, and other privacy models that are defined in the INTERNATIONAL DATA PRIVACY STANDARD ISO/IEC 20889.