CC10 - Dissecting the Ransomware Kill Chain: Why Companies Need It

CactusCon 10 (2022) Talk
Dissecting the Ransomware Kill Chain: Why Companies Need It
Kurtis Minder & Bryce Webster-Jacobsen

Ten years ago, Lockheed Martin introduced the Intrusion Kill Chain. Since then, it has morphed into the Cyber Kill Chain and remains as a widely used framework for cybersecurity and incident response strategy. However, ransomware does not fit into the traditional Cyber Kill Chain attack lifecycle, and many organizations make the mistake of simply folding ransomware attacks into existing incident response programs. What’s really needed is a new “Ransomware Kill Chain,” which can form the framework for ransomware response plans.

In this session, Nicole Hoffman, a Threat Intelligence Analyst and Kurtis Minder, CEO/Expert Ransomware Negotiator, both at GroupSense, will explain the best way to defend against ransomware is “The Ransomware Kill Chain.” They will explain the 15-step framework of the chain – from first access through encryption – by using client case studies and examples of custom-made ransomware playbooks. Discover the power and effectiveness of “The Ransomware Kill Chain” and keep your organization one step ahead during an attack.

Kurtis Minder is the co-founder and CEO of GroupSense, an enterprise digital risk protection services company. He is one of the pioneers of the ransomware negotiation industry and has helped multiple high-profile companies resolve ransomware attacks. He is also a frequent contributor to the start-up community and serves as an advisor and mentor to growing companies.

Bryce Webster-Jacobsen is the Director of Intelligence Operations at GroupSense, a digital risk protection services company. He leads a team delivering fully managed cyber intelligence and reconnaissance services to help organizations manage risk.