May ISSA Monthly Meeting: Anatomy of a Ransomware Response

Speaker: Bar Lockwood, Security Manager for Quorum Review IRB

Thursday, May 17th, 2018, 6:30 PM

Event Summary

Ransomware has become the preferred attack method. Why extract and sell sensitive confidential data or intellectual property when you can simply make it unavailable until the owner pays? For a hacker automating an attack, shielded by TOR, and demanding online payment, how could an attack be easier or less costly?

The technological response is pretty straightforward: figure out how you got infected, plug the gap, and restore from a trusted backup. But when you are in the middle of the attack, many other factors are in play. And because this is squarely a security breach, you–Mr. or Ms. Security Professional–are in the hot seat! Unless rehearsed and fully prepared, your C-Suite will likely be in a panic. And they will be looking to Security to guide them through it. If we don’t have a clear understanding of the whole process, and the part Security *should* play in it, we could end up underperforming, over-reacting, or taking on responsibility that should be owned by somebody else. Bottom line, no matter how well we perform under this pressure, Security can easily be positioned to fail.

Bar Lockwood, Security Manager for Quorum Review IRB, will walk us through a progressive, end to end Ransomware scenario. We’ll explore our Security roles at each stage of the attack–what we should be doing…and what we should expect of every other role. In the end you should walk away with a better understanding of how confusion drives chaos, misperception challenges trust, and control yields success.

In addition, ISSA Chapter President Justin White will lead an analysis of the most recent news and discuss how cyber attackers continue to evolve during his monthly Garden Fresh presentation. In this presentation, we will explore the trends that define today’s threat landscape such as recent cyber attacks, intelligence-led insights, and advanced defensive strategies.

Join us for the after meeting soirée with food and drinks at the Islander Restaurant. Plan on bringing a friend!!! This is a great opportunity to network with your peers, introduce your friend and to meet new people: Address 2441 76th Ave SE, Mercer Island, WA 98040

Speaker

Bar Lockwood is CISM and CISA certified and has worked as a Security Analyst and Auditor, Data Governance Professional, Threat Modeler, and Technical Program Manager at Microsoft, AT&T Wireless, and Premera. She has deep expertise in security risk assessment, intelligence management, and security engineering, and broad background in governance, risk management, and compliance. In 2005, she injected the first security activities into a software development lifecycle standard*, compelling adoption in all subsequent SDLC standards. This work is recognized by the Department of Homeland Security.

*(IEEE-P1074 (2005) Standard for Developing Software Project Lifecycle Processes

Chapter Meeting Time:
Thursday, May 17, 2018
6:30 pm – 8:30 pm

Location:
Community Center at Mercer Island
8236 SE 24th Street Mercer Island, WA 98040

Thanks to our Chapter Sponsors:

Diamond Level Sponsor:

Bugcrowd

Continuous Crowdsourced Security for Enterprises

Rapid7

Accelerate Security, Vulnerability Management, and Compliance

Gold Level Sponsor:

Versive

Focus On The Threats That Matter

0
Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© 2019 Information Systems Security Association - Puget Sound