Every day we see headlines about ransomware attacks. If you manage an enterprise system, you may wonder what the best approach is to prevent a malicious actor from taking advantage of your system.

Today’s discussion brings together a “perfect mix” of professionals who offer guidelines to help you prevent an attack and, if one ever occurs, mitigate it.

We start with observations from a grizzled veteran from the Secret Service, then hear advice from an expert in controls from the Center for Internet Security. Next, we move from theory to reality with two leaders from ServiceNow sharing tactics and strategies that have been proven in a wide range of commercial and government institutions.

It may surprise you to learn President Lincoln created the Secret Service. We know they protect presidents; the other part of their mission is to protect the financial and critical infrastructure of the United States. Because of their wide geographic perspective, the Secret Service can see similarities between attacks in New York and Hawaii at the same time. This wider view helps them see trends and weaknesses across the country.

Ben de Bont, from ServiceNow, gives us four keys to prepare for the inevitable incident. He talks about doing a “dry run” with a tabletop exercise of who does what when. He likes to include access to legal support to assist in decision-making during a crisis. Relationships with vendors are helpful, and developing a relationship with law enforcement can provide decision-makers with better risk analysis. Finally, leaders must rehearse whether to pay the ransom in response to an attack.

Part of the tabletop exercise should be a review of security systems, audit settings, and account management. Testing is part of the preparation, but what should be evaluated? Ben de Bont suggests that a regular penetration test be done with faux ransomware. Additionally, controls should be examined by a competent team.

We learn ransomware is evolving. Even if you refuse to pay, attackers can leak sensitive information. Paying attention to what these savvy experts have to say can save time and money down the road.

Featured Speakers:

Valecia Stocchetti, Senior Cybersecurity Engineer, Center for Internet Security, Inc.
Mike Moran, Special Agent, Criminal Investigative Division, U.S. Secret Service
Ben de Bont, Chief Information Security Officer, ServiceNow
Nick Murray, Discussion Moderator & Client Director, Dept. of Homeland Security, ServiceNow
