Name: Anatomy Of A Targeted Industrial Ransomware Attack
Start: 2021-05-21T20:22:00Z
End: 2021-05-21T20:23:05.000Z
Location: BrightTALK
Rating: 4.7

(ISC)² Security Congress channel contains digital content of activities at (ISC)2's Flagship conference event. You'll find keynotes, sessions and related items.

(ISC)² CEO Clar Rosso will provide strategic updates for our association, including recent accomplishments and milestones, as well as what members can expect in 2023 and beyond.
Bring your questions — a panel of representatives from the (ISC)² Board of Directors and management will answer inquiries about our association, membership, certifications and workforce trends, as well as the current issues and challenges facing cybersecurity.

(ISC)² Security Congress 2022 Town Hall

After two years of virtual events, (ISC)² is excited to be back in person for our upcoming Security Congress conference. Join us for this webinar to learn everything you need to know about the upcoming event, taking place at Caesars Palace in Las Vegas, Nevada October 10-12. Hear from (ISC)² staff on what you can expect from the year’s best opportunity to earn CPE credits, network with colleagues, learn from experts and hear from dynamic keynote speakers.
 
(ISC)² Security Congress will also be available for virtual registration as well, so if you’re not able to join us in Las Vegas, you can still learn and connect from home! Be sure to join us live to ask your questions about the conference and engage with (ISC)² leadership.

Face to Face Again! Preview for (ISC)² Security Congress - October in Las Vegas

Join us for (ISC)2 Security Congress Town Hall to learn what’s next for (ISC)2 and hear directly from members of the Board of Directors.  

CEO Clar Rosso will provide a strategic update for our association, including recent accomplishments and milestones, as well as what members can expect in 2022 and beyond. 

Then, a panel consisting of (ISC)² Board members and management will answer members’ questions about the association, membership, certifications, workforce trends and other cybersecurity issues and challenges facing the profession. 

Town Hall is open to (ISC)2 members and associates, as well as all Security Congress attendees.

Featuring:
Clar Rosso, CEO, (ISC)2
Zachary Tudor, CISSP, Board of Directors Chairperson
Lori Ross O'Neil, CISSP Board of Directors Vice Chairperson
Dr. Casey Marks, Chief Qualifications Officer, (ISC)2

(ISC)2 Town Hall 2021

Organizations deploy multiple security monitoring tools to detect threats, but they often overlook the most important part of the threat detection process: Content. This session describes what is the role of detection content in security monitoring and exposes the need for structured processes to identify, develop and maintain this content. Attendees will learn the characteristics of the Detection Development Life Cycle and understand how to use it to optimize their threat detection practices.

Improving Threat Detection With a Detection Development Life Cycle

What if your team works remotely, your applications are all third-party cloud services, and you have no firewalls, servers or office networks? This talk will explore the unique challenges of securing a cloud-native company when most standard approaches require something “on premise.” We will discuss how any company can use these practices to reduce compliance efforts and improve security by flipping your perspective on internal versus external, office versus coffee shop, and managed versus third-party cloud applications. The talk will cover topics including the shared security model, IAM, CASBs, device management, segmentation, DLP and vendor management.
 
Learning objectives:
1. Improve security and easy compliance by viewing employees as remote workers and services as third-party cloud application, even when they are not.
2. Securely scale remote work without the complexity and capacity issues required when relying on VPN services.
3. See how zero-trust networking and perimeter-less security can improve your security and enable your workforce.

Securing a Cloud-Native Company

Amid the coronavirus uncertainty, companies worldwide have been forced to move more of their professional routines online. As employees adapt to working from home using their private devices, sophisticated cyber attackers have ample opportunities to avoid employers' detection tools and exploit the "new normal." Also, among the pandemic-related legal issues is the mitigation of the Force Majeure contract clauses within the global supply chains, as the restrictions on the mobility of people and products continue to mount. Despite privacy restrictions set forth by the EU's General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA), the effects of the current pandemic cause corporate boards to reconsider their views on data privacy and senior management to conduct workforce health checks to prevent the

further spread of COVID-19. This presentation will outline the dangers and legal risks that have arisen since the coronavirus first forced everyone to pivot to a more virtual workforce. –

Learning objectives:

1. Understand why confusion from the COVID-19 pandemic created long-term security, legal and privacy risks for businesses.

2. Learn top tips for ensuring data protection compliance in the age of the COVID-19 pandemic.

3. Learn what personal information employers may need to collect from employees in order to enforce coronavirus protocols and to best limit their risk of exposure during a health crisis.

Dangerous Security and Legal Risks Created by the Imperative to Work-From-Home

The (ISC)² Cybersecurity Workforce Study is one of the most highly-anticipated annual research reports each year. Not only has it come to be considered the industry standard for measurement of the global “skills gap” in cybersecurity, but it offers nuanced insights into subjects like job satisfaction rates, salaries, role alignment, the profile of the cybersecurity professional, diversity and how to strengthen teams and improve hiring practices. The 2020 edition of the study was released in early November and also includes data on the cybersecurity community’s response to COVID-19 and the transition to remote work environments. This panel discussion brings together several of the (ISC)² architects behind the research to provide a deeper look beyond the numbers and explore some of the key themes of this year’s findings.

Learning Objectives:

- Learn about the cybersecurity community’s response to the COVID-19 pandemic and the shift to remote work

- Understand the landscape of the current cybersecurity workforce and the shortage that exists today

- Gain insights on how organizations can find, recruit and train new talent to better protect organizations from security threats

Digging Into the 2020 (ISC)² Cybersecurity Workforce Study

While a secure development lifecycle (SDLC) is centered around education, it goes much beyond the simple ‘how to program securely’ to include:
 
 -Training, including an overview of the process
 -Threat modeling, including both deployment and functionality
 -Secure coding standards and reviews
 -Testing / analysis such as static, dynamic, fuzz and penetration testing
 -Supply chain security / monitoring that incorporates component tracking and build/development environment security
 -Incident response to improve reaction times 
 
 This session will conclude with a discussion on how to measure your SDLC capability and maturity. As we delve into each of these areas, the attendee will gain insights into what is now required to be successful with an SDLC. 

Learning objectives: 
1. Discover the elements and definitions of the currently evolved secure development lifecycle (SDLC) you need to succeed.
2. Understand how to track the evolving SDLC, since a static one often spells doom.
3. Be introduced to usage and deployment models to determine threats and mitigate them appropriately during the development process.

Implementing SDL and Surviving

Recently, observed cyber-attacks have been often triggered by “malwares” and have been maliciously evolving and sometimes hidden from our monitoring countermeasures (FW, IDS/IPS). For achieving advanced security solution, utilizing passive monitoring technologies should be considered. In this presentation, passive monitoring technologies such as darknet and honeypot/sandbox are explained with practical use-cases to accurately observe and monitor ongoing threats (cyber-attacks). The use-cases may include detection of malware-infected IoT devices by means of darknet and honeypot monitoring. Furthermore, detection of cyber-attacks by passive monitoring can be utilized for cyber security proactive response as practical solutions.

IoT Use Cases - Security Solution Based on Passive Monitoring Technologies

Anyone working in information security understands that communication is a crucial part to an incident response plan. But this conversation is missing collaboration from a key player: the media. 

The mainstream media's role to inform audiences and sway public opinion has yet to be leveraged by the information security community to produce consistent and informed articles on topics of security. Infosec remains in a bubble, with the public stuck in an information loop of data breaches and outdated security patches. As the industry grows, how should these channels of communication develop?

This talk will explore the relationship between press and information security, presenting case studies of how technical topics are represented in the media. An analysis of "security" representations in both print and online media will be also included.

Learning objectives: 
1. Understand the channels in which consumers learn about security.
2. Understand how security gets misconstrued in the media.
3. Get your research picked up, or covered, by a journalist.

The Hack and the Hacker

We've migrated from Waterfall to Agile to DevOps and now, DevSecOps. Now that security is equality represented with development and operations, is everything good? Not at all! Broadly speaking, the Sec element has not (yet!) been fully embraced and is not on par with Dev and Ops. In fact, in many cases the Sec element amounts to a check in the security box. 
 
 Testing went through a similar struggle but emerged victorious with test-driven design and embedded testers. The inclusion of the Sec element in DevSecOps gives all cybersecurity practitioners an opportunity to elevate the impact and relevance to equal the Dev and Ops elements. We, as leaders in the cybersecurity industry, must understand how Sec engagement in DevSecOps works and what indicators predict failures.

Learning objectives: 
1. Describe the critical role that security plays during DevSecOps and understand the critical nature of security to successful DevSecOps environments.
2. Conduct assessments of past/current/future DevSecOps environments to ensure that the 'Sec' element is of equal influence and impact.
3. Quantify and prioritize the attributes of the 'Sec' element of DevSecOps that are applicable to their organization, and recognize the Sec-specific signals related to successful and unsuccessful DevSecOps environments.

The DevSecOps Sandwich: How to Ensure the 'Sec' Element Has Real Bite!

Do your developers understand enough about security to secure your applications properly? How do they fare against the OWASP Top 10? A large number of security problems bury developers. Do you know best how to help them?
 
 Developers must gain security knowledge about how to secure everything they work on. Explore the ten things every developer must know about security and learn how to properly expose them to your developers, including the realms of security culture, hacking, OWASP, third-party software, GitHub, DevSecOps and Docker/Kubernetes.
 
 Gain a perspective on security from the eyes of your developers. Realize a greater awareness of your application security risk, knowledge of the ten things, and perspective on how to asses and build application security culture in a programmatic fashion.

Learning objectives: 
1. Gain a perspective on security from the eyes of your developers.
2. Realize a greater awareness of the application security risk you face.
3. Assess and build application security culture.

Ten Things I Wish Every Developer Knew About Security

Imagine a nationwide blackout. The reality hit Ukrainian residents when their energy sector was hit by a massive cyber attack that caused a power outage for more than 86,000 homes. This session dives into the real-world hack of a power station that explains the planning, perimeter security, engines and SCADA controls behind the attack.

Learning objectives: 
1. Gain a full understanding of the anatomy of a privileged account hack.
2. Learn the challenges of reporting to the board and lessons learned.
3. Develop a strategy to reduce your risk and prevent abuse of your critical information assets.

Lights Out: Inside the Mind of a Utility Hacker

Stories of CrowdStrike incident response engagements and how we have changed the model for how companies respond to a breach. Learn the methods CrowdStrike uses to disrupt and ultimately remove bad actors from networks.

From the Front Lines – Incident Response at Scale

A company can find it hard survive if they lose the faith of their loyal guests or business partners that drive new customers. This Billion-dollar hospitality company could see that the new Data Privacy regulations were beginning to create obstacles to business-as-usual and they needed to prepare accordingly. Their strategic mindset compelled them to assume that CCPA and GDPR were only just the beginning, with more regulations to follow. They wanted to implement a strategy of excellence that would focus on proactive data privacy and prevent the high cost of chasing each successive regulation. 

Their CISO joins us to talk about their journey and discuss: 
• The building blocks for successful automation 
• Integrations for enterprise support and successful business integration 
• GDPR and CCPA drivers for rapid response and resolution 
• What success looks like going forward Learning Objectives: 
• Gain an understanding how success is highly influenced by the time spent planning. 
• Learn alternative approaches to meet compliance and gain business buy in. 
• Define success and strategies to ensure a sustainable program.

Agile Data Protection in a GDPR Mandated World

It is well known that malware outbreaks, security breaches and other security-related incidents can cause times of extreme anxiety and pressure. Anecdotal evidence indicates that stress and mental health issues within information security profession are not limited to incident responders. Join panelists from a wide variety of security career areas of focus as they discuss burnout in general and how it has affected them as individuals. These professionals will offer insights and perspective on how they perceived burnout in their career and among coworkers. They'll also talk about how to recognize the signs and maintain mental health in a challenging career field. Learning objectives: 1. Recognize potential stressors and mental health triggers in the course of Information security work. 2. Gain insights into managing stressful situations, work environments and careers. 3. Reflect on the need for changes in schedule, balance, hobbies or other activities to manage stress throughout the course of an information security career.

Burning the Candle with a Blowtorch - Helping Keep Burnout at Bay

What qualifies as a breach vs. an incident? When does an investigation need attorney-client privilege? Do I need to make a bitstream copy, or is an image enough? If these questions have ever come up in your department, you likely had to call someone in Legal, or even outside counsel. Over the past five years, the need for legal insight in information security has gone from a nice-to-have to a must-have. Just some of the areas where attorneys can assist you include incident response/breach notification, contract negotiations, policy writing and review, and working with insurance carriers. In this presentation, information security legal veterans will explain what attorneys can do for your team and how they can advance your department’s mission.

Learning objectives: 
1. Discern which information security and privacy problems require legal involvement.
2. Learn the latest trends in information security that have legal implications. 
3. Understand how to work with counsel to achieve the best results.

What Attorneys Can Do For Your InfoSec Team

The business world is full of data privacy regulations and obligations. The legal community is full of lawyers with lots of advice about compliance. The information security world is full of techies who must operationalize data privacy regulations. What lies at the intersection of these three things? Is it chaos? Or could it be that success in the ever-changing world of data privacy regulations is best achieved by combining the viewpoints of the legal and technical experts? This presentation will explore the contrasting, but not necessarily conflicting, viewpoints of two experienced data privacy and governance professionals from very different backgrounds. An attorney and a technology professional, each with decades of experience, will present attendees the differing viewpoints necessary for a successful data privacy and governance program. Learning objectives: 1. Describe the perspectives of the various stakeholders in the data privacy and governance process. 2. Compare and contrast the focus and emphasis of legal and IT when addressing data privacy concerns. 3. Discuss the necessary cooperation between legal and IT, and the benefits that such a team confers on compliance efforts.

You Say 'Eether' and I Say 'Eyether': Privacy Regulations from 2 Points of View

In this presentation, we review malicious activity that involved SCADAfence's incident response team, which assists companies during industrial cybersecurity emergencies. Attendees will learn how ransomware infected the victim organization's network and how the incident response team gathered evidence, including where to look first.  Then, we'll  explain how the evidence was analyzed; what the initial findings were; and how the attackers were caught. Finally, we'll discuss additional attack methods used by the cyber criminals so everyone can take appropriate steps to prevent such attacks within their organizations.

Learning objectives: 
1. Learn how industrial networks get infected with targeted ransomware.
2. Discover where to look for evidence; how to analyze it; and how to find attackers hiding in the network.
3. Understand additional types of attack methods used by cyber criminals in industrial networks, as well as best practices to protect those and all other networks.

Anatomy Of A Targeted Industrial Ransomware Attack

CISSP

Cyber Security

ICS/Critical Infrastructure

Information Security

ISC(2)

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

Welcome to the big data and data management community on BrightTALK. Join thousands of data quality engineers, data scientists, database administrators and other professionals to find more information about the hottest topics affecting your data. Subscribe now to learn about efficiently storing, optimizing a complex infrastructure, developing governing policies, ensuring data quality and analyzing data to make better informed decisions. Join the conversation by watching live and on-demand webinars and take the opportunity to interact with top experts and thought leaders in the field.

Big Data and Data Management

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Thousands of healthcare IT professionals compose the health IT community on BrightTALK. Learn alongside them with relevant webinars on healthcare IT compliance, big data in healthcare and IT solutions for healthcare organizations. Join the conversation by asking questions and engaging with other participants during live webinars and organized discussions.

Anatomy Of A Targeted Industrial Ransomware Attack

Presented by

About this talk

More from this channel