Attention:
Card image cap

Ransomware Remediation (and How to Keep Ransomware Attackers from Reading Emails and Joining Zoom Calls)


Level: Intermediate
Runtime: 45 minutes
Recorded Date: January 18, 2024
Click here to share this program
Printer-Friendly Version
Closed Caption

Agenda

  • The "Costs" of a Data Breach
  • Preventing Ransom Attacks
  • NIST Cybersecurity Framework
  • Contingency Planning
  • Planning for Better Restoration, Recovery, and Resiliency
  • Remediation Priorities
  • Practical Tips and Insights

For NY - Difficulty Level: Both newly admitted and experienced attorneys

Description

In this panel from the annual "Incident Response Forum Ransomware" event, cybersecurity law experts discuss ransomware remediation strategies, emphasizing fast recovery, prevention, and resilience. The panel introduces a detailed playbook on restoration, recovery, and resiliency, highlighting the importance of understanding network vulnerabilities and planning within the NIST cybersecurity framework.
Detailed business recovery plans and a designated response team are crucial for effective recovery. Legal, regulatory, and insurance processes must be considered to minimize disruption and costs. The panel explains preventive measures including implementing multi-factor authentication and involving the business in security measures to protect against social engineering. The panel focuses on proactive planning and collaboration to prevent and recover from ransomware attacks efficiently and effectively.

Provided By

Card image cap Securities Docket
Card image cap

Panelists

Card image cap

Ronald Smalley

Senior Vice President, Cybersecurity Operations
Fiserv

Ronald Smalley is the Senior Vice President in charge of Fiserv's Cybersecurity Operations.

Prior to joining Fiserv, he led the Global Cybersecurity Operations and Investigations team for First Data, a Fortune 300 financial services company that provides secure and innovative payment technology and services to more than six million merchants and 4,000 financial institutions globally. 

Smalley joined First Data from the United States Secret Service where he began his career as a Special Agent in the New York Field Office. Following this assignment, he transferred to the Cyber Intelligence Section at Secret Service Headquarters, a unit focusing on identifying individuals involved with large-scale data breaches and other significant cyber related financial crimes. In this capacity, Smalley conducted criminal investigations and supported worldwide Secret Service criminal investigations, intelligence sharing, and undercover operations.

Prior to his Secret Service career, Smalley was a State Investigator with the New Jersey Division of Criminal Justice, assigned to the Computer Analysis and Technology Unit. He holds both a Bachelor’s in Computer Science and in Law and Justice.

Card image cap

Robert Hudock

Partner
King and Spalding

As a partner in the Data, Privacy and Security practice group at King & Spalding LLP, Robert Hudock counsels clients on preparing for, responding to, and recovering from cyber-based attacks on their networks and information. He assesses clients’ security controls and practices for the protection of data, developing and implementing information security programs, and complying with federal and state regulatory requirements.

Robert has represented companies on a range of cybersecurity and data-security incidents, including dozens of security breach matters involving tens of millions of affected consumers. He has represented clients before federal and state government agencies, national security-related investigations, cybersecurity matters, and Attorney General investigations into security incidents. He routinely advises clients on data, privacy and security matters arising from federal and state laws. He regularly conducts risk assessments and IT audits for healthcare and financial services companies and designs and implements cost-effective strategies for managing electronic documents.

Robert is a Certified Information Systems Security Professional (CISSP) and was awarded this information technology security audit certification by the International Information Systems Security Certification Consortium. He is certified by the National Security Agency to perform INFOSEC Assessment Methodology audits under FISMA and by the Health Information Trust Alliance (HITRUST) as a Certified CSF Practitioner. HITRUST is an organization that provides training to develop and maintain effective security programs for health care and life sciences companies. He is a Certified Ethical Hacker (CEH). The CEH credential is a professional certification provided by the International Council of Electronic Commerce Consultants.

Robert is a two-time winner of DefCon's Capture the Flag Competition. DefCon CTF provides a venue for the true pro hackers to ply their craft and show off their skill. As such, it acts as a weather vane for the hacking community, pointing out the top hackers and the most effective techniques (tools, automation, etc.).
Previously, Robert served as a member of a nationally recognized law firm where he was a member of their Healthcare and Life Sciences practice group. He also served as the Chief Privacy and Data Security Officer and Senior Vice President of a major intelligence, military, aerospace, engineering, and systems contractor, where he managed all aspects of privacy and cybersecurity compliance across the company.

Card image cap

Heather Egan

Partner
Orrick

Heather Egan is the Business Unit Leader for Orrick’s Strategic Advisory & Government Enforcement (SAGE) Business Unit. Heather focuses on cybersecurity, privacy and information management. A strategic advisor to clients, she is ranked by Chambers USA, Chambers Global and The Legal 500 United States as a leader in her field. Chambers explains companies turn to Heather because she “understands all the business issues and the dynamics of how to implement privacy programs [and is] extraordinarily thoughtful, very pragmatic and responsive.”

Heather partners with clients to reduce the risk of privacy and security incidents. In the event of an incident, she helps companies respond, successfully guiding them through investigation, remediation, notification and any ensuing government inquiries. She provides comprehensive crisis management support and companies rely on her to manage their response to catastrophes, investigations and government probes involving conduct by employees, contractors and third parties.

To help clients navigate complicated global regulatory compliance challenges, she leads comprehensive cybersecurity and privacy assessments worldwide, vets risks in corporate transactions, conducts internal investigations stemming from data incidents, and drafts and negotiates contracts concerning data-related vendors and arrangements. She regularly counsels businesses on how to mitigate risks associated with the collection, use, retention, disclosure, transfer and disposal of personal data. Outside of the U.S., she manages teams of talented counsel around the world to deliver seamless advice for clients that operate across many jurisdictional lines, developing comprehensive privacy and cybersecurity programs that address competing regulatory regimes.

Card image cap

Luke Tenery

Partner
StoneTurn

Luke Tenery, a Partner with StoneTurn, brings nearly 20 years of experience helping leading organizations mitigate complex cybersecurity, data privacy and data protection risks. He applies extensive expertise in cyber investigations, threat intelligence, incident response, and information risk management to assist clients across the threat and risk continuum—from prevention to detection, mitigation through to remediation and transformation. Luke specializes in situational corporate cyber risks. He helps organizations across a range of industries align robust information security risk management with high- impact initiatives including remediation, M&A due diligence and integration, cyber cost analyses, digital transformation, and Secure Operations Center (SOC) and threat intelligence program development. Luke also assists public companies and their Boards in remediating the long-standing control issues that lead to cyber incidents.

Prior to joining StoneTurn, Luke founded the global cyber practice and led the cyber response, investigations, and intelligence practice of an international consulting firm, handling a range of active and emergent cybersecurity threats. Earlier in his career, Luke rose to Deputy Cyber Practice Leader over a 15-year tenure with a global risk management and investigations firm.

Luke is a certified chief information security officer (C/CISO). He has performed interim technology and information security leadership functions for his clients. Luke has also advised on cyber issues at the intersection of risk and compliance, as well as those related to financial fraud and data integrity He is a thought leader and frequent author and speaker on topics including incident response, security data analytics, incident remediation, and cybersecurity compliance in the context of payment card industry (PCI) and CFIUS compliance, among other regulatory enforcement issues.


Card image cap

Similar Courses

Card image cap
64 minutes
"I Am Not a Cat" Proceedings in a Virtual World
Besides becoming a pop-culture catchphrase, how has the shift to a virtual environment impacted proceedings over the last year, and what changes do you believe are here to stay? Our panel of experts will examine some of the greatest challenges, faux pas, and successes in virtual proceedings over the course of this transformative time.

Women, Influence & Power in Law Conference

$65

Add to Cart
Card image cap
63 minutes
2021: The Year of the ELM
Panelists will clarify what constitutes an ELM platform, examine its unique and compelling capabilities, and discuss its strategic and tactical advantages, particularly those stemming from data-driven insights and machine-driven decision making. Attendees will gain a clear understanding of the significance of the emergence of ELM solutions, what firms and law departments can achieve with ELM platform, and practical and ethical considerations related to adopting an ELM solution.

Legalweek

$65

Add to Cart
Card image cap
58 minutes
5 Ways Agreement AI Can Enhance Performance and Reduce Risk for Your Legal Team
In high growth companies, contracting pain points can make your organization less competitive. Fortunately, your legal team has access to world-class, robust AI solutions that can help enhance performance of the legal team and avoid common business pitfalls. If deployed correctly, contract AI can be a legal team’s best friend - shrinking the knowledge gap across years and silos, acting as a digital assistant to automate repetitive tasks, and arming lawyers with tools that help them be proactive rather than responsive.

Legalweek

$65

Add to Cart
Card image cap
118 minutes
A Comprehensive Guide on Non-Fungible Tokens (NFTs): Managing Potentials and Perils
In this program, a panel of thought leaders and practitioners assembled by The Knowledge Group will discuss the recent trends and significant challenges surrounding NFTs and the associated legal landscape, including helpful insights to avoid potential risks.">In this program, a panel of thought leaders and practitioners assembled by The Knowledge Group will discuss the recent trends and significant challenges surrounding NFTs and the associated legal landscape, including helpful insights to avoid potential risks.

The Knowledge Group

$165

Add to Cart
Previous Next