Session Abstract: Imagine this: Attackers just breached your company’s identity system. Working undetected, the attackers exploited a security gap in the company’s Active Directory (AD) environment, escalating privileges to introduce malware that has now locked up important files, spammed the entire staff with ads, and slowed down their computers. Without immediate action, your company faces an imminent shutdown of its business operations.
Unfortunately, this playbook is becoming far too common. Microsoft AD and Azure AD provide critical identity infrastructure for 90% of enterprises today and are now under sustained attack for the network access they provide to user credentials, company systems, and other sensitive data. In fact, Gartner named identity threat detection and response as a top cybersecurity trend last year, noting that credential misuse is a primary method attackers use to access systems.
The presenter has a first-hand view of how these identity system attacks unfold. During this session, he will discuss his experiences working as part of the team that helped a large European insurance company recover from this type of cyberattack in real-time. Walking through each phase of the attack, he will share step-by-step guidance on how to effectively respond to in-progress attacks on an organization’s identity systems.