Easy Defender Playbooks to Make Ransomware Criminals Cry

Presented at Blue Team Con 2022, Aug. 28, 2022, 1 p.m. (30 minutes).

The last few years of continuous assault by ransomware gangs against businesses and organizations have left a large mess in their wake. The onslaught makes it seem like the adage “the attackers only have to be right once” holds some truth, even if it is wildly inaccurate.

Let’s talk about what we can do as defenders to flip the script and give the bad guys a hard time. These are architecture patterns and tactics you should bake into your policies, procedures, and runbooks that would have stopped literally hundreds of ransomware attacks. And best of all, most are free and/or easy to implement.


Presenters:

  • Drew Hjelm
    Drew is a seasoned incident responder who uses his previous experience as a system administrator, web developer, and consultant to help organizations navigate the most difficult times they could imagine. He has a MS degree from SANS and holds the GSE and CISSP, among other certifications. Outside of infosec, Drew enjoys exercise, biking, barbecuing, and gardening.

Similar Presentations: