Assess to Protect: Ransomware Readiness Evaluation for Businesses

In this session, drawing from four years of hands-on experience with ransomware incidents, covering forensics, negotiations, recovery, data mining, and claims, I'll guide you through the significance of personalized ransomware readiness assessments. With experience in security operations management for Fortune 1000 businesses and five years managing infrastructure for a global engineering company, my insights offer a comprehensive understanding of businesses from multiple angles. We'll explore diverse impact scenarios stemming from ransomware attacks, emphasizing the critical importance of adaptable response plans. I'll also highlight often-overlooked aspects of ransomware readiness, such as containment, asset management, cyber insurance, resource allocation, and critical controls. What sets this session apart is our focus on personalized and dynamic approaches to ransomware readiness, grounded in real-world experience. We'll discuss the need for adaptability in addressing a spectrum of impact scenarios, and I'll share lessons learned and examples from my experience in various industries. I will incorporate real-world examples and case studies from diverse industries, referencing lessons learned and experiences from sectors ranging from manufacturing to healthcare, offering valuable insights based on real-world cases. I'll provide in-depth perspectives on how different businesses have faced ransomware threats, the impact of their readiness (or lack thereof), and how they've recovered or failed to do so. Expect actionable takeaways, including understanding the need for personalized ransomware readiness assessments, recognition of the importance of adaptability in response plans, insights into prioritizing critical areas, and practical measures for effective preparation against ransomware scenarios. These takeaways are based on my experience. I'll also discuss some of the worst impacts observed in ransomware incidents and how these assessments ensure that gaps are closed through the critical process of validation. We've seen clients who have had four ransomware incidents back to back, and cases with up to three threat actors simultaneously in their environment. I predict that every company will face some form of ransomware incident or data loss scenario in the next couple of years, and the only way to mitigate that is by changing everyone's mindset and perspective on what 'good' looks like.

Michael Rogers is a Sr. Director of Technical Advisory Services at MOXFIVE where he provides strategic advisory services and solutions to large enterprises during and after impactful incidents. He holds a Master's Degree in Cyber Security and is accredited through SANS for the GCFA, GCIA, GDAT, and GOSI certifications. He has had a wide range of experience from building and managing global Security Operation Centers, Threat Hunting Teams, DevOps Teams, and Infrastructure Teams.