layout | title | type | track | technology | related-to | status | when-day | when-time | location | organizers | participants | outcomes |
---|---|---|---|---|---|---|---|---|---|---|---|---|
blocks/working-session |
Ransomware Playbook |
workshop |
Security Playbooks |
need-working materials |
Fri |
PM-2 |
Room-5 |
Anders Reeves |
not-found |
Given the scale of the Ransomware market ($209 million paid in 2016), the scale of its operations (50% of organisations have responded to a Ransomware campaign), and increased use of technology in the form of exploits used to propagate attacks, it is a matter of time before a security team must deal with a Ransomware incident.
When that happens, it is imperative that clean workflows (aka playbooks) exist, so that the team can respond in a consistent, focused, and repeatable way. This Working Session will create a Ransomware Playbook for use by security teams.
- Create Ransomware Playbook
- Ransomware Playbook
The target audience for this Working Session is:
- Security teams
- OWASP Anti-Ransomware Guide Project
- NHS cyber-attack: GPs and hospitals hit by ransomware (BBC news)
- Ransomware is Here: Fundamentals Everyone Needs to Know (presentation)
- What the Kidnapping & Ransom Economy Teaches Us About Ransomware (presentation)
- Existing Ransomwere playbooks
- Draft Ransomware Playbook
(please add as much information as possible before the sessions)