An effective Ransomware Prep and Recovery Plan is critical in dealing with today’s plethora of emerging internet attacks, which cause billions in damage to businesses and organizations worldwide. This timely session provides an overview of the crucial steps every business must have in place for the attacks most likely to come in 2022. The instructor, a seasoned IT security professional with over 30 years of cyber security experience, will share his personal recommendations for defending your data and serve as a guide to handling ransomware.
Morning session (3 hours):
- The malware story
- Why it happens
- Where it happens
- Who are the attackers
- How does it happen: stealth mode
- Why it happens
- Malware components
- Malware Prevention
- Multiple layers of defense
- People, processes, technology
- Distribution mechanisms and defenses
- Web attacks and exploit kits
- How victims react
- Cryptography and how their files get locked
- How to pay ransom or not
- Case studies of famous ransomware
- Detection and Prevention
- Incident Management
- Law enforcement involvement
- Detection per layer
- ISP, Firewall, DMZ, Routers and Switches
- Intranet, Secure VLAN Segments, WiFi
- Servers by class: mail, web, database, services
- Mobile devices
- Traps and Tricks
- Data protection
- Future of Ransomware
- Future capabilities
- Future victims
- Future defenses
- Incident Response Detection and Containment
- Indicators of Compromise
- Detecting an Attack
- Containing the Attack
Afternoon session (3 hours):
- Incident Response Eradication and Recovery
- Incident Response Lifecycle
- Recovery Local and Network Files
- Recovery Cloud Storage Files, Dropbox, and OneDrive
- Tools and Resources
- No More Ransom.org
- Paying the Ransom
- Countermeasures and Preparing Your Incident Response
- Defending a Ransomware Attack
- Protecting a Windows Network
- Next Generation Anti-virus + Anti-malware
- Lessons Learned and Your Incident Response Plan
As a special bonus, attendees will receive guidelines for what to do in the event your company is held hostage by ransomware.
Adrian Mikeliunas, CISA, CISSP, is a seasoned professional with over 30 years of hands-on experience in Information Security, Information Technology, and Security Audit Services for numerous financial entities, most notably the Swift Bank, the World Bank, the International Monetary Fund (IMF), and the U.S. Securities and Exchange Commission (SEC).
For the past 2 years, Adrian has worked for the Department Health Agency (DHA) within the Department of Defense as a Sr. Security Engineering Consultant. Prior to working for the DoD, Adrian was the Principal of Technology Security at AT&T (formerly VeriSign). Adrian has focused on international security consulting [ISO 27001 and PCI QSA audits] as well as US Federal Agencies, where he obtained his DoD Secret Clearance.
He is a Certified Information Systems Auditor (CISA), a Certified Information Systems Security Professional (CISSP), a Security Standards Council Quality Security Assessor (PCI QSA), an AWS Certified Practitioner, and a Certified Linux Professional and Instructor (CLP).
Early registration is recommended as this course fills up quickly. To ensure admission, fees must be paid in advance.
This class is one full day: 7:00AM – 2:00PM (PT) except where noted.
Choose either half-day or full-day training (see course outline for details).