HomeCISO Series Video ChatBest moments from "Hacking Ransomware" - CISO Series Video Chat

Best moments from “Hacking Ransomware” – CISO Series Video Chat

Here is a quick 6-minute highlight reel of our best moments from CISO Series Video Chat: “Hacking Ransomware: An hour of critical thinking of how to combat a really hard to stop attack.”

Watch the full video

Our guest for this discussion were:

Got feedback? Join the conversation on LinkedIn.

HUGE thanks to our sponsor Keyavi

Best Bad Idea: What not to say during a ransomware negotiation.

Congrats yet again to Dutch Schwartz, principal security specialist, AWS for winning this week’s Best Bad Idea.

Other honorable mentions go to:

“Do you offer any discounts for healthcare or government workers?” – Jason Keirstead, distinguished engineer & CTO of threat management, IBM

“If you can fill out this vendor security assessment, I can get procurement to pay out.” – Kevin Hakanson, sr. solutions architect, AWS

“My cryptocurrency wallet private key is in that data. Can you decrypt it and send back to me?” – Kevin Hakanson, sr. solutions architect, AWS

“Most of our data is trash. You can just keep it.” – Dutch Schwartz, principal security specialist, AWS

“You want 2m? Okay, but my liability insurance goes up to 10m.” – Duane Gran, director, information systems and security, Blue Ridge ESOP Associates

“Are you guys hiring?” – Dutch Schwartz, principal security specialist, AWS

“Oh, that’s it? Phew, I thought this was going to be expensive.” – Chad Hudson, chief compliance and risk officer, SeniorVu

“Does this qualify as this year’s security audit?” – Craig Hurter, director security operations, Colorado Governor’s Office of Information Technology

“I thought that you would consider our data more valuable!” – Roland Mueller, self-employed

“I’m going to need you to fill out this vendor security questionnaire before I can send payment.” – Chad Hudson, chief compliance and risk officer, SeniorVu

10 percent better

“Improve email by using DMARC, DKIM, SPF to reduce email attacks.” – Roland Mueller, self-employed

“Delete all unused accounts.” – Roland Mueller, self-employed

“Limit direct access to data; proxy through remote desktops and segregated networks.” – Kevin Hakanson, sr. solutions architect, AWS

“Move Security Stack components to the Cloud (SASE) to reduce the cost of maintaining on-premise costs, network backhaul traffic, and shift security operations personnel to higher value work.” – Mike Jordan, founder/principal, 23Advisory

“Run https://github.com/elceef/dnstwist DNS Twist to find domain squatting and block.” – Chad Hudson, chief compliance and risk officer, SeniorVu

Quotes from the chat room

“Idea around cyber liability insurance: When I look at my driving insurance they make it clear what I can do to prove I’m a safe driver and lower my premiums. What if cyber liability insurance gave us a roadmap saying ‘implement these controls’ that would yield lower premiums? It would help security professionals to talk in terms of ROI about this stuff.” – Duane Gran, director, information systems and security, Blue Ridge ESOP Associates

“I was informed last week that 42% of higher education can’t get cyber insurance anymore — and many are dependent on non-technical faculty updating patches on their own devices.” – Jocelyn King, co-founder, chief growth & marketing officer, Keyavi Data

“Cyber insurance today is treated like health insurance – when it needs to be treated more like auto insurance. Very high initial premiums that can be lowered only as you prove your competence over time and/or change your risk mitigations.” – Jason Keirstead, distinguished engineer & CTO of threat management, IBM

“What if the insurers have been compromised and their customer lists are being leaked to identify possible lucrative targets” – Craig Hurter, director security operations, Colorado Governor’s Office of Information Technology

“During negotiation: We’ll pay your ransom. But for every dollar we pay, we’re putting out a 10x bounty on you. If you don’t deliver, a 100x bounty. If you release our data to us now and leave us alone, we’ll leave you alone. (incentives to keep ransoms low and to minimize harms and to abandon the business.)” – Phil Wolff, co-founder, Wider Team

“Resiliency: EXERCISE and VALIDATE your process on recovering from ransomware regularly. If it takes a week to restore from your backups, and your business can not afford go that long, then your backups are useless. Colonial had backups and could not recover from them.” – Jason Keirstead, distinguished engineer & CTO of threat management, IBM

RELATED ARTICLES

Most Popular