Cyber-extortion has reached new proportions, with a wide variety of methods, such as distributed-denial-of-service attacks and ransomware variants being used to extort individuals and organizations. Recently uncovered ransomware-DDoS hybrid attacks, like Cerber, showcased how attackers have added DDoS capabilities to ransomware. Cybersecurity experts predict these attacks will only increase. And as events, such as the takedown of Brian Krebs’ website, prove, DDoS attacks continue grow, posing big concerns for all businesses and organizations. The biggest question now is: Who’s next?

This session presents real cases of cyber-extortion waged against corporate and high net-worth individuals, including hacking techniques for full network compromise and deployment of ransomware kits. Attendees will walk away from this session with knowledge about the tools and strategies needed to elevate cyber-resilience.

The health care industry has a firm responsibility to defend the security of its clients’ data. With most health care data stored online, that means hospitals and other health care facilities need to have top-tier cyber security standards in place. Right now, that’s not happening – and that’s a real problem.

Privileged accounts have been at the center of each recent high-profile attack. Moreover, attackers are leveraging Privileged credentials as their entry point to high value systems within the network. This session will explain how hackers that successfully exploit these credentials are able to gain a privileged foothold, allowing them unfettered access to elevate privileges and move about the network freely without detection. With a solid understanding of this well-used method of attack, attendees will learn how to properly secure and manage these powerful credentials. During this session CyberArk will discuss growing trends in regards to attacks and what Security Leaders are doing to protect their organizations from these advanced attacks. CyberArk will also walk through a typical attack that utilizes privileged accounts and how passwords can be exploited to break down the front door. The session will touch on the growth and prevalence of privileged credentials. We will discuss how to securely store and manage credentials and how to reduces the attack surface, specifically attack surfaces favored by insiders and outsiders with insider credentials. We will also discuss detecting credential harvesting and blocking future attempts. All while maintaining governance and compliance standards.

It’s rare to read a headline concerning a data breach and not think about how it relates to the shortage of skilled cyber-incident and fraud responders. Without an adequate workforce, fraud and security teams are overwhelmed by the current volume of alerts they receive on a daily basis. What’s more, the shortage of skilled labor means existing teams are overworked and subject to what the industry calls “Alert Fatigue,” due, in part, to an estimated 52 percent false-positive rate. An automated alert response capability with integrated, trackable workflows designed around recognized standards and best practices is now a necessary part of a SOC/CSIRT/fraud department toolbox, and is an integral part of any cyber-response plan. The skilled-labor shortage cannot simply be solved through the use of traditional security-incident-response platforms (SIRP) or security orchestration and automated response (SOAR) solutions; the answer lies in a coalescence of these technologies to provide a synergetic solution that addresses automation, knowledge transfer and intelligent workflow.

One of the most valuable ways to learn is through interaction with your peers. Our “Speed Networking” session will provide an opportunity to meet practitioners who have similar challenges in the areas of fraud and breach prevention, and discuss solutions to potential obstacles. Mingle, share and learn in this unique, rapid-fire and interactive environment.

Ransomware attacks on healthcare organizations have dominated the headlines lately. But what can organizations do to proactively improve their ransomware defenses? Our speaker will offer proven strategies for building stronger phishing defenses.