In large companies, the sheer volume of information resources makes their attack surface significantly larger, compared to smaller businesses. Numerous factors contribute to this exposure, including networks spread across various locations that are consolidated into a single infrastructure, mergers and acquisitions with companies possessing lower security levels, outdated hardware and software, and more.

The level of preparedness for a potential incident directly impacts the effectiveness of the response and allows you to mitigate the attack’s impact. In this webinar, you will learn how to enhance incident responses for large-scale networks. Konstantin Sapronov, Head of Global Emergency Response Team at Kaspersky, will provide you with the following practical insights on:

• Optimizing incident response processes beyond mere scaling up by increasing personnel and systems involved
• Understanding incident response from a management perspective and why it should be an ongoing, cyclical process
• Exploring key principles for a successful response, emphasizing the significance of not only technical skills but also quality processes and soft skills
• Unveiling the limitations of backups in mitigating the consequences of an incident and discovering effective strategies to address them

Today pentest challenges don’t boil down to discovering some hype vulnerabilities like XSS, CSRF, SQLl, and RCE in clients’ cybersecurity systems. While pentesters search for them and put effort into finding and demonstrating possible attack vectors, there is one more project member whose role remains unclear to a customer – the cybersecurity analyst.

These specialists take a helicopter view of the target system to properly assess existing “holes”. They offer customers a comprehensive picture of penetration testing results combined with an action plan on how to mitigate risks. Moreover, analysts help prove the need for a cybersecurity solution to c-suite and management teams, who are directly involved in cybersecurity processes and budgeting.

In this webinar, we showcase the role of analysts in penetration testing and security assessment projects. You will learn:

• What is the most mature manner of running such projects
• How an analyst’s view of a project can be useful to both technical specialists and management representatives
• What are the differences between pentesters and analysts, and why it’s important to have both on your project
• Is it possible to manage pentesting and security assessment without an analyst?

The webinar will be conducted by Olga Zinenko, Senior Security Services Expert at Kaspersky. Olga has 10 years’ experience in the information security analytics field, conducting dozens of audits, pentests and security assessments. She is a regular media contributor to publications on a variety of cybersecurity topics.

Going digital today includes both opportunities for economic growth but also opens up many risks from cyberthreats to all organizations. But how could organizations – with less or no cyber capacities and skills – be able to confidently deal with incidents? What can be done to enhance their cybersecurity awareness for their greater cyber-resilience and of the national economy in India?

Kaspersky, a leading cybersecurity company, invites organizations to join the expert webinar with Ahmad Zaidi Said, Incident Response Specialist at the Global Emergency Response Team (GERT) to discuss the fundamentals in strengthening cybersecurity and incident response for under-resourced organizations.

This webinar was held as part of National Cyber Security Awareness Month 2022 in India.

Dr. Sanjay Bahl, Director-General, CERT-In: Effective Incident Response is needed by all organizations for proactive as well as reactive cyber defense. Especially, organizations with limited man power and infrastructure resources are facing many challenges in cyber security incident response and remediation. As a part of the National Cyber Security Awareness Month (NCSAM) October 2022 activities, CERT-In and Kaspersky jointly organized a webinar on “Dealing with incident response: Cyber capacity Building for Organizations with limited resources”. Kaspersky experts provided informative and useful technical insights during the session. The learnings of this program will help organizations with limited resources to build their Cyber resilience and skill set in cyber security incident response and remediation.

Join this webinar to get actionable information that will help you plan and develop your own security operations strategy and will guide you towards practically proven solutions. During the webinar, Roman Nazarov, Head of SOC Consulting at Kaspersky, will provide a comprehensive review of our consulting services – SOC Maturity assessment and SOC Framework development – and share informative insights based on successfully completed projects, including:

• The most common SOC services and their dependence on customers’ business areas
• Typical internal SOC processes and organizational structure and what influences them
• Common issues in security operations and how they’re mitigated
• Where to learn security operations and threat hunting in theory and practice

Kaspersky Security Operations Center provides consulting services for customers who aren’t ready to outsource their operations to a Managed Detection and Response team but want to develop internal security operations practices.

A new Kaspersky online cybersecurity course ‘Security Operations and Threat Hunting’ helps SOC analysts and other staff dealing with security operations understand the SOC structure, plan and organize security monitoring, and master threat hunting.

Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats is a massive undertaking. Threat intelligence has true value beyond the current hype of an emerging pocket in the information security industry. With that, threat attribution is the most prominent point of interest and contention.

Attributing targeted attacks is a powerful and essential tool that:

• Evaluates if you are a target or an unintended victim.
• Provide insights into the actors behind the attack and their motivation.
• Enables effective detection, investigation, containment and response based on the knowledge of the tactics, techniques and procedures specific to the threat actor.

Join us in this webinar to learn how threat attribution can improve security operations and incident response, methodology and pitfalls of attributing threats. Let Kaspersky Threat Attribution Engine provide you with timely insights into the malware’s origin and its possible authors.

Our experts, Vitaly Kamluk and Kirill Vorozhtsov will walk you through threat attribution examples with real-life APT malware samples and how it can be combined with other Threat Intelligence products to secure your business.

According to Kaspersky Incident Response Analyst report, an incident can exist undetected in the system for hours and days to months and even years – compromising your data all this time. This is why incident response skills are crucial for identifying the breach and stopping further damage.
In this webinar you will get onboard with experts Ayman Shaaban and Kai Schuricht from Kaspersky’s Global Emergency Response Team (GERT). They will go through the stages of the IR process and carry out live analysis of the traces of a real-life malware sample from an infected machine. If you want to kick off your career as an incident responder or level-up your IR skills, book your seat now.

Join the webinar for:

• IR process stages in a nutshell
• Live analysis with PowerShell (including practical session)
• Questions and Answers

Ayman and Kai will also introduce you to their new Kaspersky training, Windows Incident Response – a comprehensive course designed to help you become a better IR expert or increase the skills of your in-house IR team.
This practice-focused course offers a detailed step-by-step investigation into the real REvil ransomware case. You will follow the course leaders to perfect incident detection, evidence acquisition, log file analysis, network analysis and creation of IoCs, and also get introduced to memory forensics. You will be working in a simulated virtual environment with all the necessary tools to practice IR.

The sensitive data stolen from companies during a cyberattack often ends up on darknet markets. With the rise of the cybercrime as a service business model, we observe that not only data obtained from attacks is for sale but also for the information necessary to organize that attack.

Once an attacker gains access to the infrastructure of an organization, they can then sell that access to other advanced cybercriminals, such as ransomware operators. The price for accessing potential victims’ systems is relatively inexpensive when compared to the possible damage to the targeted business. In fact, the average cost for access to a company’s systems lies between the range from $2000 to $4000. Meanwhile, such attacks result in significant financial and reputational losses to the attacked organization and may even cause suspension of work and disruption of business processes. SMBs and enterprises are both key targets of such attacks.

Yuliya Novikova and Sergey Shcherbel, security experts at Kaspersky, shed light on how a company’s data and the information on their systems is sold on darknet markets.

In this webinar you will learn:

• Which types of company data are most widespread on dark markets
• Which criteria cybercriminals use to evaluate the price for organization’s data
• How to keep your data protected

As attackers become more skilled, it’s vital not only to have an accurate picture of your organization’s attack surface, but also to track its changes and react to up-to-date information about exposed digital assets. Organizations may use a wide range of security tools in their security operations but there are still digital threats that loom: capabilities to detect and mitigate insider activities, plans and attack schemes of cybercriminals located on the Darknet forums, etc.

The Kaspersky Tailored Threat Intelligence Reporting service is aimed at identifying the current state of a company’s – and even a country’s – security level, its attack surface, and the potential attack vectors that different categories of adversaries may use. Join our webinar and learn how to use our unique expertise and knowledge to understand your weaknesses against even the latest attacks and highly motivated attackers.

Kaspersky’s Incident Response Team faces daily challenges as it handles information security incidents as a third-party service provider, constantly using its experience and expertise to offer complete analysis and quick recovery successfully. To completely eliminate threats, the team covers the entire incident investigation cycle, getting involved in containment, digital forensics investigation and malware analysis, as well as helping to improve security processes after incidents.

In this talk, Digital Forensics and Incident Response Manager of Kaspersky Global Emergency Response Team (GERT), Ayman Shaaban, will share his knowledge of the latest incident trends based on his day-to-day experiences. He will also present statistical analysis of recent incidents aimed at financial organizations, government agencies, industrial bodies and more.
This webinar session will discuss:

• The GERT team and IR services
• The most frequent reasons our incident response service was requested
• Attack vectors
• How different types of attack effect different types of businesses
• Attack scenarios and the details of some of the most noteworthy cases
• What can help in reducing the risk of getting compromised

Daily interaction with organizations that seek assistance with full-scale incident response helps Kaspersky’s Incident Response Team understand the latest cyberthreat trends. After analyzing data containment, digital forensics investigations and malware analysis, as well as helping to improve security processes following incidents, the team now has a great knowledge base with statistical data of recent incidents.

After this panel discussion with experts from different organizations, attendees will understand the latest trends in attack scenarios and the details of some of the most noteworthy cases they faced. This session will be of special interest to representatives of financial organizations, government agencies, and industrial bodies, as well as others.

Today’s speakers:

• Chris Kubecka, CEO and Founder of HypaSEC, previously established security after Shamoon attack against Saudi Aramco in 2012 – will discuss how global corporates manage cyber risk and what should be changed in their approach to the incident response
• Ayman Shaaban, Digital Forensics and Incident Response Manager of Kaspersky Global Emergency Response Team (GERT) – will share his knowledge, based on his day-to-day experiences. He will present statistical analysis of recent incidents, the most frequent reasons why the Kaspersky incident response service was requested, and tools used in the attacks
• Dr. Serge Droz, Chair of the Board of directors of the Forum of Incident Response and Security Teams (FIRST) and seasoned incident responder working at Proton Technologies, will share his vision of global incident response as well as some interesting cases from his practice.