Conversant Group

I was asked today by security executive in the industry I have known for years on what the top security control was I would recommend to the security industry and my response surprised him. Backups! We have worked hundreds of ransomware events where Fenix24 is called in to help clients restore, and on 95% of those events the backups are wiped or encrypted completely. For the other 5% that survive, less than 1% actually had full copies of all critical data. This makes recovery quite challenging without a decryption key, and it is exactly why the threat actors are targeting the backups every time they get into a victim's environment. If they compromise the backups, their chances of getting a pay day SKYROCKET! I have held several CISO or CSO roles in my career, and I never thought once that my backups would not be available, and fast forward to my role now, and I realize how wrong I was. I was also blind to what it takes to recover from backups. Our Tabletop scenarios make "assumptions" that you can just move data back into production environment quickly. However, with a ransomware event, you have your entire infrastructure encrypted, eating up valuable storage space, how quickly can you transfer Terabytes of data? What is the pipeline to move it? You can't just wipe out the encrypted data as you need forensics evidence, but also you might need that data later on when you realize your missing certain data from backups, and then have to get a decryption key. I could go on, and on about the challenges with recovering from a ransomware event, but the point I want you all to focus on is this. If you think your backups will survive, I can almost 100% guarantee you that they will not. Fenix24 has taken all our lessons on the devastation of ransomware events and helped our sister company Grypho5 build an incredible managed backup capability and sister battalion Athena7 has built the most comprehensive and technical assessments around hardening and backups that I have seen in my entire career. I would encourage anyone who worries about a ransomware attack to heavily focus on their backups, and if you need help reach out to me and I can talk you through it. I truly mean it when I say I would make truly immutable backups, several copies, and truly tested (not just paper) my number 1 security control each and every time!

Who's excited? #ILTACON2024 is just around the corner! Join us in Nashville from 11-15 August for 4.5 days of educational sessions, networking, and amazing keynote speakers. Don't forget to register now for the legal tech event of the year, spots are filling up quickly: https://zurl.co/wiJn See y'all in Music City!

Are you a technology or cybersecurity leader looking to enhance your business continuity and disaster recovery (BCP/DR) plans? Are you confident in your current approach, or could expert insights challenge your assumptions and lead to more resilient strategies? Join TechCompass for an exclusive live webinar featuring a panel of three distinguished security leaders from diverse backgrounds. Gain valuable perspectives from professionals who handle real incidents daily and understand what makes BCP/DR strategies truly effective. Panelists: Peter Starland - Managing Director, Digital Forensics, and Incident Response. With over 20 years of experience in incident response, Peter began his career as an engineer and has since led numerous managed incident response and forensics engagements. Heath Renfrow - Co-Founder of Fenix24, awarded Best Overall Cybersecurity and Ransomware Recovery Company in the Cybersecurity Excellence Awards. Heath's expertise in ransomware recovery offers invaluable insights into crafting BCP/DR plans that withstand real-world attacks. Brandt King - Director of Incident Response Engagements at Stroz Friedberg, an Aon company in Toronto, Canada. With over 10 years of experience in forensics and cybersecurity incident response, Brandt brings a wealth of knowledge from client-facing roles similar to Peter's. What You'll Learn: -How to evaluate and enhance your current BCP/DR strategies. -Insights from professionals who investigate breaches and assess the effectiveness of BCP/DR plans. -Real-world examples and lessons from data recovery and incident response experts. -New perspectives that challenge your current assumptions about cyber resilience. -Come prepared to rethink your approach and discover actionable strategies for achieving true cyber resilience. Don't miss this opportunity to learn from the best in the industry! Ramin Lamei Jesse Meadors #BCP #DR #BusinessContinuity #DisasterRecovery #Cybersecurity #TechLeaders #CyberResilience #Webinar #IncidentResponse #Forensics #RansomwareRecovery #DataRecovery #ExpertInsights #CybersecurityLeaders #CybersecurityWebinar #SecurityStrategies #DigitalForensics #CybersecurityExperts #TechInsights #CybersecurityPanel #BCPDRStrategies #CybersecurityIncidents #CyberResilienceStrategies #DataProtection #CybersecurityAwareness