Cyber-attack on ISS seen from the IT emergency room
Sølyst, Den Kongelige Skydebane
Emiliekildevej 2, 2930 Klampenborg
Nov 29th, 2021 from:
08:00 - 11:00
Information & IT Security Manager at ISS Facility Services
CISO EMEA at Proofpoint
Ransomware! It’s the primary concern of many CISOs and Security Leaders. Business email compromise may be more financially impactful at a global scale, but only ransomware can publicly derail your enterprise, shock your investors, and leave you running the operation with pen and paper.
The hazard, however, is not the same as it was, and we’ve seen ransomware tools and techniques evolve over the past 4 years, refining the attack vector until it reached this pinnacle of threat.
In this session, we’ll look at the recent trends in the ransomware world, and consider paths to both prevent and recover from attacks. We’ll also evaluate where ransomware could go next, and why losing the confidentiality of all your data may be preferable to the alternatives.
08:00 – 08.45: Welcome by twoHundred and Andrew Rose, Resident CISO EMEA Proofpoint – Introduction and breakfast.
08.45– 09.45: Case Speaker – Steen Wilken, Information & IT Security Manager from ISS Facility Services
In February 2020, ISS was attacked by a ransomware attack. Steen will share some insides on how he and his team handled this ransomware attack on ISS, as well as talk about what has been done in ISS after the attack with associated experience and what he has learned from this attack as well as how to handle an emergency while the country was closed. In addition, Steen will show the organization of their emergency response today.
- How did we priority recovering the IT system
- How to continue recovering when Denmark closed down
- What did we do after the attack and after the emergency
- Emergency organization
09.50 – 10.50: Group Discussion: Facilitated by Proofpoint and based on the following considerations:
- How can we control changes to make improve our resilience against ransomware?
- What does your ransomware response playbook look like?
10.50 – 11.00: Follow-up on the group discussion and wrap up by Andrew Rose, Resident CISO EMEA Proofpoint
11.00: Thanks for today.