0      0

(ISC)2 Security Congress 2022

SC2206 - Incident Response Ready - Key Steps of a Ransomware Incident Response Plan

Oct 10, 2022 10:00am ‐ Oct 10, 2022 10:55am


Businesses are often ill-prepared to deal with ransomware incidents. If an attacker has masqueraded as a privileged user, you may not know they’re doing any damage until it’s too late. Every organization needs a well-defined, battle-tested incident response plan to combat ransomware.

Learn how a ransomware attack progresses, and ways to prevent, detect and respond quickly and effectively. In this session, we walk through tools and techniques helpful at every stage of a ransomware attack, from initial credential compromise to escalated privileges, exfiltrated data, and ultimately ransomware deployment and ransom demand.

Learning Objectives:
  • Reduce "dwell time" by spotting a ransomware attack early.
  • Gather evidence to craft a contextual response that remediates the attack.
  • Better secure your environment against future attacks.


You must be logged in and own this session in order to post comments.