Data Science for Ransomware Defense and Negotiation

Channel:
United States SANS Institute
Subscribers:
64,000
Published on ● Video Link: https://www.youtube.com/watch?v=ICA8XUWAV8c


Duration: 34:24
105 views
2

SANS Ransomware Summit 2023

Data Science for Ransomware Defense and Negotiation

Speaker: John Sturgis, Data Scientist, Cyentia Institute

In 2022, Cyentia published a two-volume series analyzing data behind nearly 1,300 ransomware incidents since 2019 in partnership with Arete Advisors—a global cyber risk management company specializing in ransomware negotiation. In volume 1 (Mitigating Ransomware’s Impact), we explored questions about typical ransom demands and payments, payment rates, percent demand paid, payment reasons, and more. We further analyzed potential influencing factors, such as the victim industry and the presence—or absence—of various defensive measures. Readers also benefit from firsthand accounts of investigators and negotiators in the trenches. Of particular interest to this crowd, volume 2 (Reining In Ransomware) investigated trends among prominent ransomware families, including their associated ATT&CK techniques, related mitigations, and how these may affect demand and payment amounts. I believe the audience would benefit from many of these data points, in essence by learning from others’ experiences. They can expect to be equipped with the data needed to effectively prioritize organizational protections, and—in the worst case—inform their own high-stakes negotiation strategies.

View upcoming Summits: http://www.sans.org/u/DuS



Other Videos By SANS Institute


2023-09-05CryptOSINT | Host: Sadie Gauthier | September 5, 2023
2023-08-31SANS Threat Analysis Rundown (STAR) with Katie Nickels | August 2023
2023-08-31FEATURE SEGMENT: Inside SANS Holiday Hack Challenge 2023 | Host: Ed Skoudis
2023-08-29Inside SANS Holiday Hack Challenge 2023 | Host: Ed Skoudis | August 29, 2023
2023-08-22In Hot Pursuit: Tracking Ransomware Actors | Ryan Chapman | Aug 22, 2023
2023-08-17Analysis on legit tools abused in human-operated ransomware
2023-08-17Lessons from the Frontlines: Ransomware Attacks, New Techniques, and Old Tricks
2023-08-17Panel | Going Dark: DOS’ing Yourself for the Better
2023-08-17Cracking Ransomware: Bypassing Anti-Analysis Techniques and Decrypting LockBit Black Ransomware
2023-08-17Jackpot! Three Years Of ESXi Ransomware Incidents
2023-08-17Data Science for Ransomware Defense and Negotiation
2023-08-17A RaaS-ipe for Disaster: The Evolving RaaS Space, as Told Through Tools, Techniques, and Procedures
2023-08-17Beyond Encryption: Exploring the Tactics Ransomware Operators Use During Negotiation & their Impact
2023-08-17You Got a TOAD: A Novel Technique for Dropping Ransomware
2023-08-17Keynote | A Post-Apocalyptic Hellscape: What Ransomware Looks Like After RaaS
2023-08-15Your Cloud Security Journey: Key Trends, Capabilities, & Skills
2023-08-15FEATURE SEGMENT: Your Cloud Security Journey: Key Trends, Capabilities, & Skills
2023-08-15NICE Workforce for Cyber Security: Recruiting, Developing, and Planning Your Cybersecurity Workforce
2023-08-08Rule-Breakers Unite: Reimagining SANS HackFest
2023-08-03No Experience Required – Gaining Clarity for a Career in Cybersecurity
2023-08-02Unpacking the New SEC Regulations with John Pescatore


Tags:
sans institute
information security
cyber security
cybersecurity
information security training
cybersecurity training
cyber security training