Strategies for Active Defense against Pre-Ransomware and Ransomware Attacks

Подробнее о видео

SANS Ransomware Summit 2024
Defending Against the Cyber Siege: Strategies for Active Defense against Pre-Ransomware and Ransomware Attacks
Syed Zaidi, Senior Incident Response Analyst, Sophos

As the threat landscape continues to evolve, organizations face an ever-growing risk of falling victim to ransomware attacks. These malicious attacks not only jeopardize sensitive data but also threaten business continuity and financial stability. In this talk, we delve into the proactive strategies essential for defending against both pre-ransomware and active ransomware attacks. This presentation has 2 sections. In the face of an imminent ransomware attack, organizations are thrust into a race against time to enact swift and decisive measures within the critical first 24 hours. This section of the presentation delves into the urgent actions and strategic decisions necessary upon discovery of an impending ransomware threat. From rapid threat assessment and isolation to mobilizing incident response teams and implementing emergency protocols, we explore the pivotal steps required to mitigate potential damage and safeguard essential systems and data. In the wake of a ransomware attack, organizations face a critical window of opportunity to respond effectively and mitigate damage within the first 24 hours. This section of the talk explores the essential steps and strategic decisions that must be made during the first 24 and 48 hours after being hit by the ransomware attack. From initial detection, incident scoping and containment to communication strategies and recovery planning, we examine the key actions required to minimize disruption and protect critical assets. Drawing upon real-world scenarios and expert insights, attendees will gain invaluable guidance on prioritizing response efforts, communicating with stakeholders, and orchestrating a coordinated defense against the Pre-Ransomware and Active Ransomware attack. By effectively leveraging the initial hours of detection, organizations can bolster their resilience and minimize the impact of ransomware attacks.

View upcoming Summits: