Hi [[ session.user.profile.firstName ]]

NotPetya: Ransomware or Wiper? Nation State or Criminal Gang?

On the heels of WannaCry, the world awoke on June 27 to another cyber attack that employs ransomware as a weapon. But this one is different and has fueled much speculation as to whether it is truly a ransomware attack or a wiper/destroyer attack meant to inflict irreversible damage. In this webinar, we will review some of the details of this attack and discuss clues towards motives and potential threat actors behind this attack.

About the Presenter:
Mounir Hahad, Ph.D. is Sr Director at Cyphort, a Security Analytics company headquartered in Santa Clara, CA. Mounir is the head of Cyphort Labs, the group responsible for conducting threat research within Cyphort and driving detection enhancements for Cyphort’s Advanced Detection Fabric which uses behavioral analysis along with machine learning to detect advanced threats and correlate those incidents with ingested information from third party solutions. Mounir holds a Ph.D. in computer science from the University of Rennes.
Recorded Jul 6 2017 37 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dr. Mounir Hahad, Sr. Director at Cyphort
Presentation preview: NotPetya: Ransomware or Wiper? Nation State or Criminal Gang?

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Using Behavioural Economics to Raise Digital Resilience Amongst Employees Mar 22 2018 9:00 am UTC 60 mins
    Robin Smith, Head of IT Security, South Yorks NHS
    This case study examines how a major NHS organiation used Richard Thaler’s Nudge strategies to redirect employee behaviour and create a culture of cyber vigilance.

    Join this webinar presentation to learn:
    - Key lessons on the value of micro-marketing
    - Lessons from cybernetics
    - The value of cyber resilience in healthcare

    About the Presenter:
    Robin Smith is a former cybersecurity lead analyst in UK Police Service. He has authored four books on cyber security and is currently working on a documentary feature examining the impact of cyber-crime on society for release in 2018. He has previously worked in UK health sector, telecommunications and was formerly a lecturer at Loughborough University in Information Risk Strategy.
  • Security Review & 2018 Predictions for Financial Services Dec 15 2017 5:00 pm UTC 60 mins
    Adam Hamm, Managing Director, Protiviti Global Consulting
    The regulators are coming regarding cybersecurity. Are you ready?

    Join this interactive webinar to learn more about:
    - The NYDFS Part 500 cyber regulations, including insights on implementation and auditing
    - Review the NAIC's new Insurance Data Security Model Law adopted on October 24, 2017

    About the Presenter:
    Adam Hamm is a Managing Director at Protiviti Global Consulting who serves financial services industry clients across the country regarding risk, compliance, and cybersecurity matters. He has deep knowledge of financial services regulation with hands on experience in all insurance supervision and policy related matters. Before he joined Protiviti in January 2017, he was a former President of the National Association of Insurance Commissioners (NAIC), Chairman of the NAIC’s Cybersecurity Task Force, Principal on America’s Financial and Banking Information Infrastructure Committee (the primary national regulatory cybersecurity committee for the financial services sector), Principal on the United States Financial Stability Oversight Council (FSOC), and North Dakota’s elected insurance commissioner from 2007-2016. Adam also spent ten years as a violent crimes prosecutor and civil litigator.
  • Cyber Threat Predictions & Security for 2018 Dec 14 2017 6:00 pm UTC 60 mins
    Diana Kelley | Mark Weatherford | Jon Green | David McGuire | Ashton Mozano
    With major breaches exposing the personal information of hundreds of millions of Americans and disruptive ransomware attacks shaking the world in 2017, we'll examine the lessons learned from these events as a guide to shape CISO strategy for 2018.

    This interactive Q&A panel with security industry experts will explore:
    - The biggest threats on the horizon
    - Key vulnerabilities and how to protect against them
    - Measures for breach prevention, detection and response
    - Which areas to focus on in 2018
    - Recommendations for CISOs

    Speakers:
    - Diana Kelley, Cybersecurity Field CTO, Microsoft
    - David McGuire, CEO, SpecterOps
    - Ashton Mozano, CTO, Circadence
    - Mark Weatherford, Chief Cybersecurity Strategist, vArmour
    - Jon Green, VP and Chief Technologist for Security at Aruba, a Hewlett Packard Enterprise Company
  • Lessons Learned and Recovery from Breaches Dec 14 2017 5:00 pm UTC 60 mins
    Rebecca Herold, CEO and Founder, The Privacy Professor
    In 2016, there were 329 breaches involving 500+ records, amassing a total of 16,471,765 records breached. The reported main cause of the known healthcare data breaches in 2016 was unauthorized access/disclosure. Most could have been avoided by the effective use of data encryption technology, as part of a comprehensive information security and privacy management program.

    Additionally, ransomware accounted for 72% of healthcare malware attacks in 2016; these attacks usually resulted in EHR downtime. Ransomware attacks rose 250% in 2017. Ransomware recovery costs can exceed $10M per covered entity, with daily downtime costs running over $8,500 per hour of downtime. Organizations must understand both the regulatory hurdles and backup/recovery strategies when encountering breaches.

    In this webinar, Rebecca Herold, a highly recognized privacy and security expert, will describe:
    - Real life examples, legal requirements as well as mitigation actions, costs associated with breaches
    - Specific ransomware issues, backup and recovery practices
    - Recommended practices to prevent breaches.

    About the Presenter:
    Rebecca Herold is CEO and Founder of The Privacy Professor® consultancy she established in 2004, and is Co-Founder and President of SIMBUS, LLC, an information security, privacy, technology & compliance management cloud service for organizations of all sizes, in all industries, in all locations founded in 2014. Rebecca is an entrepreneur with over 25 years of systems engineering, information security, privacy and compliance experience. Rebecca created the information security and privacy department functions at a large multi-national financial and health care organization throughout the 1990s. Rebecca has authored 19 books to date, dozens of book chapters, and hundreds of published articles.
  • [Panel] Big Data Analytics vs Privacy: Risks and Opportunities Dec 14 2017 1:00 pm UTC 60 mins
    Panel of data experts
    Using sensitive data for advanced analytics and machine learning is an effective mechanism for increasing revenue and building customer loyalty - among other benefits - but it comes with a set of considerations around utility and privacy, all of which need addressing:

    - How can you extract value from your sensitive data sets?

    - What privacy concerns should you consider?

    - Is encryption enough to protect your data when it is shared?

    Many organisations are sitting on vast amounts of sensitive, yet highly valuable data and are currently unable to maximise its value. That data could be shared with internal teams and third parties, but privacy concerns and compliance restrictions prevent the data from being utilised effectively.

    Unlocking the data’s true value is a challenge, but there are a range of tools and techniques that can help. This live discussion will focus on the data analytics landscape; compliance considerations and opportunities for improving data utility in 2018 and beyond.

    Key takeaways:

    - A view of the data protection landscape

    - Tools and techniques to unlock the value of your sensitive data

    - Considerations for moving data to the cloud and sharing it with internal teams and third parties

    - Opportunities for maximising data utility in 2018
  • Multi-Cloud Storage: Addressing the Need for Portability and Interoperability Dec 12 2017 8:00 pm UTC 75 mins
    John Webster, Senior Partner, Evaluator Group, Mark Carlson, SNIA CSI Co-Chair, Alex McDonald, SNIA CSI Chair
    In a recent survey of enterprise hybrid cloud users, the Evaluator Group saw that nearly 60% of respondents indicated that lack of interoperability is a significant technology-related issue that they must overcome in order to move forward. In fact, lack of interoperability was chosen above public cloud security and network security as significant inhibitors. This webcast looks at enterprise hybrid cloud objectives and barriers with a focus on cloud interoperability within the storage domain and the SNIA’s Cloud Storage Initiative to promote interoperability and portability of data stored in the cloud.
  • CPE Webinar: Critical Actions to Finalize Your GDPR Compliance Program: Part 1 Dec 12 2017 6:00 pm UTC 75 mins
    Dr. Branden Williams; Chris Covell, Absolute, Jake Olcott, BitSight, Kabir Barday, OneTrust, and Rashmi Knowles, RSA
    Attendees can earn 1 CPE credit on this session.

    The new EU General Data Protection Regulation (GDPR) rule looms and will take affect in May 2018, but only a third of companies are on track to be compliant by the due date. GDPR is the most significant change in data privacy regulation in more than 20 years. It represents an extraordinary shift in the way businesses will be expected to operate when they gather, process, maintain, and protect customer data. Any organization that retains information of EU citizens must be in compliance or face huge fines of up to 4% of worldwide turnover.

    In this webinar series you will hear from industry experts facing the same challenges you face and find out how they're meeting and surpassing critical implementation check points, and you will learn what actions other organisations are taking preparation for data protection – not only for GDPR, but for long-term data protection.
  • Best Cyber Breach Protection: Certified NIST RMF Professionals Dec 8 2017 12:00 am UTC 60 mins
    Dr. Ron Ross, Mr. Richard Spires, and Dr. Victor Berlin
    Dr. Ron Ross (NIST), Richard Spires (Learning Tree Int’l), and Dr. Victor Berlin (Mission Critical Institute) will discuss how hiring Certified NIST RMF Professionals can be your key to cybersecurity breach protection.

    Dr. Ron Ross, Fellow, National Institute of Standards and Technology
    Ron Ross is a Fellow at the National Institute of Standards and Technology. Dr. Ross leads the Federal Information Security Modernization Act (FISMA) Implementation Project, which includes the NIST Risk Management Framework.

    Mr. Richard Spires, CEO, Learning Tree International (CIO, DHS, IRA ret.)
    Richard Spires is CEO of Learning Tree International. Previously he has served as the U.S. Department of Homeland Security’s (DHS) Chief Information Officer (CIO) and IRS’s CIO. Spires also served as the Vice-Chairman of the Federal Government CIO Council and the Co-Chairman of the Committee for National Security Systems (CNSS).

    Dr. V. N. Berlin, CEO, Mission Critical Institute
    Victor Berlin is the CEO of Mission Critical Institute (MCI). MCI enables universities to graduate career-ready cybersecurity risk management professionals by utilizing MCI’s cutting-edge cybersecurity education system. Dr. Berlin has over 15 years of cybersecurity graduate level education experience which includes serving as the founding president of the first accredited cybersecurity graduate university, University of Fairfax.
  • Uber, Equifax and the Year of Data Breaches Dec 7 2017 7:00 pm UTC 60 mins
    Panelists TBA
    Massive data breaches are a dime a dozen these days, affecting more people that before and exposing the highly personal information of millions of consumers. Uber is the latest company to disclose a major breach, joining Equifax from a few months ago, in which the names, addresses and other personal data got stolen by hackers.

    Join this webinar to learn more about:
    - What should enterprises do to better protect their customer data?
    - How can we address the growing threat of cyber attacks?

    Some of the industry's top minds will provide their insights on the impact of the recent breaches on consumers, organizations and policy.
  • Stop losing game revenue and players to cyber attacks Dec 6 2017 6:00 pm UTC 60 mins
    Sudhir Vallamkondu, CTO, JumpRamp Games
    Cyberattacks cost companies over $1 million per day and the video game industry is being targeted more than ever. The global audience is huge and growing across demographics. The number of platforms, from personal computers, consoles and hand-helds to smartphones and tablets, makes a smorgasbord of vulnerable users.

    And then the bad guys get to work. Accounts are hacked to rip off virtual items your users have invested time and money on, and real-world identification and financial information is harvested for sale. All told, DoS attacks piss off users and drop game income, and more.

    Game publishers and developers are the ones who end up shouldering the blame, taking massive financial and reputational hits. But there are increasingly sophisticated ways to lock out the hackers, keep your users safe, and your intellectual property secure.

    Join this VB Live event to learn from digital security experts about the four key perimeters of defense, how to proactively secure your environment, and protect against the increasing number of hacks, DDoS attacks, and more.

    Register here for free.

    You’ll learn about:
    * How to prevent data breaches, SQL injections, cross-site scripting, remote file inclusion, and other cyberattacks.
    * Integrating cloud and on-premises solutions
    * How to handle larger, Internet-scale attacks
    * Preventing the reputation hit that hacked accounts or downed sites bring

    Speakers:
    * Sudhir Vallamkondu, CTO, JumpRamp Games
    * Arash S.Haghighi, Manager of Infrastructure, Smilegate West
    * Stewart Rogers, Analyst-at-Large, VentureBeat
    * Rachael Brownell, Moderator, VentureBeat



    Sponsored by Akamai
  • Uber Data Breach: Impact and Lessons for CISO's Nov 30 2017 7:00 pm UTC 60 mins
    Alex Holden, CISO of Hold Security; Others TBA
    Uber recently disclosed a massive data breach in which the personal information of 57 million Uber customers and drivers were stolen by hackers in October 2016. What are some of the lessons we can draw from this latest breach?

    Join this interactive panel of experts as they review:
    - What is the impact of this breach?
    - What should Uber users do in response to this breach?
    - What are the most common reasons for breaches?
    - What should organizations be doing to better tighten their security?
  • Navigating the Chasm of SIAM-Managing Infrastructure in 2018 Recorded: Nov 21 2017 52 mins
    Jeffrey Ritter
    Governments continue to try to regulate cyberspace, often with little effective impact. Security professionals struggle to design and operate infrastructure that will comply with rules written with Semantically Intentional Ambiguous Meaning (SIAM). Learn from the classrooms of one of the world's great universities the new methods for navigating those challenges and putting in place rules that are effective for managing infrastructure.
  • Digital GRC: Innovations for Early Identification and Management of Risk Recorded: Nov 16 2017 62 mins
    Moderated by Colin Whittaker; Yo Delmar, MetricStream; Jason Ford, Contegix; and Cameron Jackson, Riskonnect
    Attendees can earn 1 CPE credit on this session.

    Digitization has become deeply embedded in enterprise strategy, as nearly all businesses and activities have been slated for digital transformations. The significant advantages of digitization, with respect to customer experience, revenue, and cost, have become increasingly compelling, and we are starting to see digital transformations in risk create real business value by improving efficiency and the quality of risk decisions.

    The state of risk management at most global, multiregional, and regional banks is abundant with opportunity. Current processes are resource intensive and insufficiently effective, as indicated by average annual fines above $400 million for compliance risk activities alone. By improving the efficiency and effectiveness of current risk-management approaches, digital risk initiatives can reduce operating costs for risk activities by up to 30 percent, and a digitized risk function can provide better monitoring and control and more effective regulatory compliance. On this webinar our panel of experts will discuss digital innovations for risk management success.
  • Security Heretic: What got us here, won't get us there Recorded: Nov 16 2017 57 mins
    Gary Marsden, Senior Director of Data Protection Solutions at Gemalto
    Cybersecurity is at a crossroads and requires a dramatic shift to adequately support the needs of business owners and security administrators as digital transformation challenges their needs and investments. Managing multiple cloud providers and dramatic increases in the number of endpoints generating data and the subsequent volume of data means enterprise security teams no longer have the requisite skills and bandwidth to deal with complicated security products. Building in security from the beginning quickly and cost-effectively is an industry game changer, especially with new growth markets like Big Data, Blockchain, Cloud Computing, Internet of Things and Digital Payments.

    Multi-cloud environments and government regulations and industry compliance add to the complexity of maintaining a manageable and effective data protection strategy. Transforming encryption and key management (data protection in general) into a click and deploy model reduces internal business barriers between security teams, DevOps and product teams and alleviates disparate security policies, so you know where your data is and that it is secure. The way people consume security is changing by taking an on-demand approach similar to the Netflix philosophy. In this webinar, we will discuss how cloud-based security is simplifying workflow processes, changing cost/benefit models to drive us towards a pervasiveness of encryption and key management that will de-risk data and connectivity in similar ways to anti-virus and firewalls.

    Join this interactive presentation to learn about:
    • The role of security in today's connected world
    • The drivers for and impact of simplifying security on business and workflow
    • How security is providing valuable business intelligence through connected systems and meeting compliance mandates
    • Gemalto’s solution to solving on-demand data protection
    • Upcoming cybersecurity trends and how to prepare
  • Stopping the Hack: Using Advanced Analytics to Detect and Respond to Attacks Recorded: Nov 16 2017 59 mins
    Christopher Camejo, Director of Product Management for Threat Intelligence at NTT Security
    Getting hacked is now a matter of “when”, not “if. As a result, the ability to detect and respond to attacks before significant damage is done has become one of the most important issues in information security.

    A wide variety of tools and services are available with new technologies and capabilities being introduced regularly.

    We will take a look at the important considerations for organizations seeking to monitor their network security via in-house resources, commercial tools, and/or managed security services. This will include important factors that will dictate the cost and effectiveness of security monitoring efforts.

    About the Presenter:
    Christopher Camejo has more than 18 years of security experience, and has been with NTT Security for over 15 years with experience in the Security Operation Center, developing and supporting a managed email security service, and implementing security solutions before moving on to start the US ethical hacking team and GRC practices. He has coordinated and conducted numerous large-scale, multi-discipline penetration tests and PCI assessments for NTT Security’s global clients.

    As part of NTT Security’s threat intelligence capabilities, Chris follows the latest tactics and techniques of attackers, coordinates NTT Security’s vulnerability identification and disclosure activities, and helps educate NTT Security’s clients, clients from various other NTT operating companies, and the public on how to address strategic information security risks. He has presented at RSA Conference, Infosec World, the ISSA Conference, Computerworld Expo, and at United States Secret Service Electronic Crimes Task Force meetings.
  • Top cyber threats in the financial sector Recorded: Nov 16 2017 49 mins
    Candid Wueest, Principal Threat Researcher, Symantec
    Financial institutions are increasingly facing attacks on multiple fronts.

    Cyber criminals continue to target online banking using malware to hijack customer transactions and banking sessions. While there has been an overall drop in infections related to these consumer threats, financial institutions are now facing new types of attacks in the form of large-scale financial heists.

    Attack groups such as Fin7 and Lazarus are deliberately targeting financial institutions in audacious attacks that are reaping large rewards. They are using living off the land and fileless attack tactics similar to APT groups. But also extortion with DDoS attacks or business email compromise (BEC) scams are increasingly bothering financial corporations.

    In this webcast on the current financial threat landscape, Symantec takes a look at the most prevalent and significant financial threats.

    In this webcast we will review:
    - The top threats facing financial institutions with statistics and examples
    - Explore the most common techniques employed in financial attacks
    - Provide case studies of the most high-profile financial attacks of the past 12 months
  • Emerging Cyber Threats for 2018 Recorded: Nov 16 2017 47 mins
    Steve Durbin, Managing Director, ISF Ltd
    While cyberspace continues to provide opportunities for organisations they risk becoming disorientated and losing their way in a maze of uncertainty, as they grapple with complex technology, proliferation of data and increased regulation.

    In this webinar Steve Durbin, Managing Director, ISF, discusses the threats organisations will be facing in 2018 and offers insights into how to address them.
  • 2018 - The New Targets and New Technologies Recorded: Nov 15 2017 64 mins
    Ulf Mattsson, David Morris, Rich Morrell, Juanita Koilpillai
    2018 is bringing new Threats & Technologies.
    Viewers will learn:
    • Case studies and Current trends in Cyber attacks
    • How to measure cybersecurity preparedness
    • Automated approaches to integrate Security into DevOps

    Juanita Koilpillai is President at Digital Risk Management Institute. She
    Coauthored the Software Defined Perimeter Specification sponsored by the Cloud Security Alliance, Developed a Security Risk Index System adopted by NIST to calculate risk of moving applications to the cloud, She is a Key member of FEMA’s Enterprise Security Management Team: drafting U.S. Government’s initial Critical Infrastructure Protection Plan Led the team that developed the 1st security event & incident response system: sold to Symantec and Led the team that deployed the 1st modern Air Traffic Control System for the FAA.

    Rich Morrell is CTO and Managing Director of Falanx Group - Cyber Defence, CISO and Director of Cloud Security Alliance. Former Senior Security Strategist at Red Hat. Former CTO at Gartner Global Security Risk Practice. Founder and co-author of SmoothWall protecting over 200m networks globally since 2000.
  • Tackling the f-word: The smarter approach to ad fraud Recorded: Nov 15 2017 61 mins
    Emily Storino, Network Strategy Lead, Electronic Arts (EA)
    Ad fraud isn’t becoming more prevalent -- the fraudsters are just getting slicker. From bot nets to device ID spoofing, the tricks are getting more sophisticated, and raking in more and more cash for the swindlers.

    Staying ahead of the fraudster’s learning curve is the key — and collaboration is the crucial element. While vendors and advertisers are directly impacted by fraud, tracking partners provide the technology to help fight fraud – all three players have to work together to circle the wagons.

    Making a game plan can be complex, when there are no clear benchmarks for defining or measuring fraud, as each player defines it differently and different benchmarks are needed for each app type, geo, traffic source, and so on.

    Join this VB Live event to learn how to tackle that complexity, how to define benchmarks, detect and manage fraud, and work with your partners to circle the wagons against the fraudsters.

    Register for free!

    You’ll learn:
    * Who the stakeholders are, plus why and how is each is affected
    * The MMPs’ role in this ecosystem
    * What fraud is and what benchmarks should be used for defining it
    * How to collaborate to detect and manage fraud on an ongoing basis
    * What tools are out there to fight fraud

    Speakers:
    * Emily Storino, Network Strategy Lead, Electronic Arts (EA)
    * Grant Simmons, Head of Client Analytics, Kochava
    * Tal Nissenson VP Client Success US, Taptica
    * Stewart Rogers, Analyst-at-Large, VentureBeat
    * Rachael Brownell, Moderator, VentureBeat

    Sponsored by: Taptica
  • How to Fix Cybersecurity - From Patching Leaks to Building Better Dams Recorded: Nov 15 2017 60 mins
    Tatu Ylonen, Founder & SSH Fellow, SSH Communications Security, Inc.
    This talk will address how we need to develop and configure systems and software to eliminate common forms of malware and exploits. It is an engineering challenge that requires substantial change in tools and how we write applications and operating systems and how we design hardware. None of it is rocket science, but the pieces must be put together.

    Viewers will learn about:
    - Attack vectors and hidden risks
    - How to build better dams, rather than trying to patch every leak and crack

    Do we want our dams to be strong and safe, or is it more important to ensure that we can easily blow up the dams of any opponents, even if ours will break too? As a society increasingly living downstream of the dams, building better dams is a matter of survival.

    Presented by a 20+ year security pioneer and inventor of SSH (Secure Shell, the de facto standard for system administration) and the principal author of NIST IR 7966 (guidelines for managing SSH access).
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: NotPetya: Ransomware or Wiper? Nation State or Criminal Gang?
  • Live at: Jul 6 2017 6:00 pm
  • Presented by: Dr. Mounir Hahad, Sr. Director at Cyphort
  • From:
Your email has been sent.
or close