learnings from the frontlines


The evolution of Ransomware has led to the World Economic Forum recently citing it as one of the top 5 economic risks facing organizations today. Over the last decade, APT actors and organized criminals deploying Ransomware-as-a-Service models have been responsible for delivering some of the most aggressive, destructive attacks, threatening organizations worldwide.

With Ransomware deployments dominating headlines, senior IT and business leaders are increasingly aware that some of their existing defense strategies are no longer working.

To counteract these fast-evolving attacks, FireEye Mandiant are introducing a 4-step education path dedicated to improving your Ransomware defenses. Delivered by experts on the frontlines of today’s cyber attacks, each session will offer insight into the global threat actors deploying ransomware – their tactics, techniques and procedures – and the steps needed to identify and mitigate the impact of an attack.

The series will conclude with a live Cyber Attack Simulation during which we will guide you through the stages of a real-life ransomware attack.

With over 400,000 hours responding to cyber-attacks around the world, FireEye Mandiant experts know more about ransomware threat actors than anyone else. Watch our FREE online education path and get the latest strategies and guidance to improve your environment’s defenses.

Threat Intelligence

The Series

Step 1

Ransomware: Attacker’s Top Choice for Cyber Extortion

4 March @ 10am GMT | 11am CET | 2pm GST

Ransomware is one of the most active and profound threats facing organizations today across all industries and sizes. Years after WannaCry attacks impacted businesses across the globe, stealthy ransomware infections continue to dominate headlines and board discussions. The impact of a successful ransomware deployment includes both technical and non-technical challenges and can be crippling to an organization’s operations.

Join our live Panel session where Stuart McKenzie, Senior Vice President of Mandiant Consulting, EMEA and David Grout, EMEA CTO, will be discussing business imperatives including:

  • Board awareness of the impact of ransomware
  • Direct and indirect financial implications for organizations
  • How best to alert, inform and brief the board?
  • The role of senior IT leaders and how traditional Ransomware approaches are no longer effective

Stuart McKenzie – Senior Vice President of Mandiant Consulting, EMEA
David Grout – EMEA CTO, FireEye

Step 2

Ransomware, the Ongoing Scourge: Developments in the Threat Landscape and the Benefits of an Intelligence-led Approach

11 March @ 10am GMT | 11am CET | 2pm GST

Ransomware is disruptive and costly. Threat actor innovations have increased the potential damage of ransomware infections in recent years, and this trend shows no sign of slowing down. Financially motivated actors will continue to evolve their tactics to maximize the profit generated from successful ransomware attacks.

Keeping abreast of the ransomware threat landscape is essential to ensure your organization’s defenses are effective. As a practitioner, you have plenty of opportunities to detect and block ransomware operations throughout the entire attack lifecycle if equipped with relevant insight.

Join this session to learn more about the key ransomware trends, the ways organizations can proactively start bolstering their defenses and the added value of an intelligence-led approach.

David Grout – EMEA CTO, FireEye
Jamie Collier – Cyber Threat Intelligence Consultant, FireEye Mandiant

Step 3

Learning from the Worst: What Emulating Ransomware Groups with Red Team Operations Can Show About the Real State of Defenses

18 March @ 10am GMT | 11am CET | 2pm GST

One of the hardest questions to answer for any organization is “Could we actually detect a ransomware attack before it’s too late?” With attacker sophistication increasing all the time, there is no guarantee that the policies and plans of yesteryear will still work, nor that the products and automated detections will get there in time.

The only way to know for sure is to learn from the worst and carry out a sophisticated cyber-attack wearing the mask of a ransomware group attacker. Using the unmatched Threat Intel, the FireEye Mandiant Red Team have been able to conduct such engagements using the tools and techniques of the world’s leading ransomware threat actors and find those spaces between the defensive dream and risk-filled reality that could cost you dearly.

In this session, our experts reveal some of the results from these engagements which can be adopted into your ongoing security program.

Jay Christiansen – Principal Consultant, Red Team Operations, Mandiant Consulting
David Grout – EMEA CTO, FireEye

Step 4

Enter the Arena, Live the Experience and Discover How You Will React

25 March @ 10am GMT | 11am CET | 2pm GST

Combining our experience in the field with our in-depth knowledge of attackers and their techniques, we have built a unique, immersive and interactive session which challenges you to make the necessary key decisions during a cyber attack.

During our Cyber Attack Simulation, attendees will be guided through the stages of a ransomware attack, whilst also receiving guidance around the decisions you may need to make. Will you pay, delay or ignore? Are you ready to take the risks and look at the possible outcomes? If yes, you cannot miss this session!

Gareth Grindal – Principal Security Consultant, Mandiant Consulting
David Grout – EMEA CTO, FireEye