Ransomware - Do You Pay It Or Not? - Experts debate the costs ethics around paying ransomware - SANS
To pay ransomware attackers or not to pay? The global cybersecurity community continues to debate this complicated issue recently brought to the forefront by the Colonial Pipeline attack. Governments around the globe are now weighing in on what they believe to be the right response to a ransomware attack. Some are even considering making ransomware payments illegal. Putting potential legal requirements aside, on the business side the decision to pay or not to pay isn't an easy one to make: On one hand, paying ransom encourages additional brazen attacks; on the other, organizations that choose not to pay the ransom may have to shutter operations or find themselves in the position of being unable to pay employees.
SANS is proud to host what is sure to be a dynamic debate of this issue. We're bringing together some of the top minds in cyber and ransomware incident responders to represent both sides of the debate. Our expert panelists will share stories from the field and their own experiences in responding to what amounts to hundreds of ransomware incidents between the lot of them.
There's no great solution here -- it's a real-life 'no-win situation' for cybersecurity. This debate will focus on providing practical and thoughtful advice that's based on real-world experiences dealing with ransomware. If you have a strong opinion on the issue, join us to see if you can be swayed. As these unique perspectives will highlight, the decision to pay the ransom or not is much more challenging than you might suspect.
Speaker Bios:
Jake Williams
Jake Williams is a SANS analyst, senior SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attacks on-premises and in the cloud.
Matthew Toussain
A graduate of the U.S. Air Force Academy with a B.S. in computer science and the SANS Technology Institute with an M.S. in information security engineering, Matthew has served as the senior cyber tactics development lead for the U.S. Air Force (USAF) and worked as a security analyst for Black Hills Information Security. In 2014, he started Open Security, which performs full-spectrum vulnerability risk assessments. He is co-author of SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment and has created numerous popular penetration testing tools. Matthew is also a Grand Champion of NetWars Tournament of Champions and holds 10+ security certifications.
Ryan Chapman
Ryan Chapman, Principal Incident Response Consultant for the BlackBerry Security Services Team, is an IR consultant with roots in SOC and CIRT work. He handles incidents requiring network activity analysis; researching host and network IOCs; hunting through log aggregation utilities; sifting through packet captures; analyzing malware; and performing host and network forensics. Ryan is also the lead organizer for CactusCon, teaches FOR610 for SANS, and is writing a new ransomware-based course for SANS. He also spends time with his family and plays plenty of Street Fighter. Hadouken!
James Shank
James focuses on bringing about lasting and substantive changes to Information Security on a global scale, participating in many trust-based groups and ad hoc task force efforts. A few recent highlights include DNS Transparency, where with some friends, he seeks to provide a lasting solution to make DNS changes to TLD zones auditable and verifiable; DDoS Traceback where James helps to facilitate a group of network operators and security researchers aimed at tracing back and cutting off sources of spoofed packets; and James assisted with target verification and orchestration of the Emotet takedown in early 2021. James is also a member of the Ransomware Task Force (RTF). Organized by the Institute for Security and Technology, the RTF worked to assemble recommendations for the Biden administration and international government bodies. The RTF\\\'s hope is that coordinated action by both public and private sector entities will enable substantial changes that favor defenders in the battle against ransomware.
SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.
Видео Ransomware - Do You Pay It Or Not? - Experts debate the costs ethics around paying ransomware - SANS канала SANS Institute
SANS is proud to host what is sure to be a dynamic debate of this issue. We're bringing together some of the top minds in cyber and ransomware incident responders to represent both sides of the debate. Our expert panelists will share stories from the field and their own experiences in responding to what amounts to hundreds of ransomware incidents between the lot of them.
There's no great solution here -- it's a real-life 'no-win situation' for cybersecurity. This debate will focus on providing practical and thoughtful advice that's based on real-world experiences dealing with ransomware. If you have a strong opinion on the issue, join us to see if you can be swayed. As these unique perspectives will highlight, the decision to pay the ransom or not is much more challenging than you might suspect.
Speaker Bios:
Jake Williams
Jake Williams is a SANS analyst, senior SANS instructor, course author and designer of several NetWars challenges for use in SANS' popular, "gamified" information security training suite. Jake spent more than a decade in information security roles at several government agencies, developing specialties in offensive forensics, malware development and digital counterespionage. Jake is the founder of Rendition InfoSec, which provides penetration testing, digital forensics and incident response, expertise in cloud data exfiltration, and the tools and guidance to secure client data against sophisticated, persistent attacks on-premises and in the cloud.
Matthew Toussain
A graduate of the U.S. Air Force Academy with a B.S. in computer science and the SANS Technology Institute with an M.S. in information security engineering, Matthew has served as the senior cyber tactics development lead for the U.S. Air Force (USAF) and worked as a security analyst for Black Hills Information Security. In 2014, he started Open Security, which performs full-spectrum vulnerability risk assessments. He is co-author of SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment and has created numerous popular penetration testing tools. Matthew is also a Grand Champion of NetWars Tournament of Champions and holds 10+ security certifications.
Ryan Chapman
Ryan Chapman, Principal Incident Response Consultant for the BlackBerry Security Services Team, is an IR consultant with roots in SOC and CIRT work. He handles incidents requiring network activity analysis; researching host and network IOCs; hunting through log aggregation utilities; sifting through packet captures; analyzing malware; and performing host and network forensics. Ryan is also the lead organizer for CactusCon, teaches FOR610 for SANS, and is writing a new ransomware-based course for SANS. He also spends time with his family and plays plenty of Street Fighter. Hadouken!
James Shank
James focuses on bringing about lasting and substantive changes to Information Security on a global scale, participating in many trust-based groups and ad hoc task force efforts. A few recent highlights include DNS Transparency, where with some friends, he seeks to provide a lasting solution to make DNS changes to TLD zones auditable and verifiable; DDoS Traceback where James helps to facilitate a group of network operators and security researchers aimed at tracing back and cutting off sources of spoofed packets; and James assisted with target verification and orchestration of the Emotet takedown in early 2021. James is also a member of the Ransomware Task Force (RTF). Organized by the Institute for Security and Technology, the RTF worked to assemble recommendations for the Biden administration and international government bodies. The RTF\\\'s hope is that coordinated action by both public and private sector entities will enable substantial changes that favor defenders in the battle against ransomware.
SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet's early warning system - the Internet Storm Center.
Видео Ransomware - Do You Pay It Or Not? - Experts debate the costs ethics around paying ransomware - SANS канала SANS Institute
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
SANS Orlando 2024: Sharpen Cyber Skills, Amplify Impact
SANS OSINT SUMMIT DAY 2 TRACK 2
2024 Artificial Intelligene Security Trends and Predictions
Hands-on Cybersecurity Training in New Orleans 2024
Make a Career in Cyber a Reality in New Orleans 2024
SANS Security East in New Orleans 2024
SANS Cyber Defense Initiative® 2023 in Washington, DC
SANS Cyber Defense Initiative® 2023 in Washington, DC
SANS Network Security in Las Vegas 2024
Understand Vulnerability Management Maturity with a Self-Assessment Tool
This is NetWars!
SANS New NetWars Core Version 9
Top 5 Most Common Security Culture Myths and Mistakes | Host: Lance Spitzner | June 27, 2023
Protecting the Cloud from Ransomware | Host: Ryan Chapman | June 20, 2023
Panel | Mastercard Trust Center
Panel | To Insure or Not to Insure: Debating the Value of Cyber Insurance for Small Business Success
Moving Small Businesses to the Cloud: What You Need to Know
How SMBs can defend against Top Threats using the CIS Critical Security Controls (Controls)
Locking It Down: Best Practices for Strong Passwords and Authentication Tools.
Keynote | Creating a culture of cyber readiness for small businesses
The Dark Knight of OSINT, Matt Edmondson | Host: Rob Lee | June 13, 2023