In this conversation, Art Ocain discusses the current landscape of cybersecurity threats with the No Trust crew, particularly focusing on ransomware attacks. They explore how attackers gain access to systems, the importance of multi-factor authentication, and the vulnerabilities of small and medium-sized businesses. The conversation delves into immediate actions organizations should take during a ransomware attack, the balance between recovery and forensic investigation, and the critical role of communication during incidents. They also address the ethical dilemma of paying ransoms and share lessons learned from past incidents, emphasizing the need for ongoing security improvements and preparedness for future threats. Takeaways • VPN is currently the main vector for attacks • Small and medium businesses are often less prepared for attacks • Many companies still lack MFA on their VPNs • Organizations often believe they are immune to attacks until it's too late • Hypervisors are a primary target for ransomware attacks • Minimizing the attack surface is crucial for security • Isolating from the internet is a key first step during an attack • The decision to pay ransom is complex and often driven by immediate business needs • A full forensic investigation is essential after an attack • Ransomware trends continue to evolve and are not declining Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about? It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/ Takeaways • Identity is the heart of zero trust. • Most breaches occur due to weak passwords. • Identity is the key to the perimeter. • Assuming trust can lead to vulnerabilities. • Zero trust is a continuous journey. • Organizations need visibility into their identity landscape. • AI can assist in analyzing identity-related data. • Non-human identities are a growing concern. • MFA is essential but not the only solution. • The future of identity management will involve AI. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about? It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/
Show more
Show less