In recent days Ransomware attacks have become one of the worst cyber security threats.  Ransomware is a class of malware, which denies access to user data by various means. Many businesses believe that paying the ransom is the most effective way of getting their data back. This in turn is fueling the rapid development of new strains of ransomware. Ransomware attacks started out by targeting individual users through phishing attacks.   In recent years, as illustrated by the attack on the MedStar group of hospitals, new strains of Ransomware malware such as Loki and SamSam are targeting vulnerabilities in entire networks. This ransomware instead of targeting individual users, targets entire networks, by encrypting all the data they can access for a larger lump sum payout. Ramsomware such as SamSam exploits un-patched deployments of various popular application platforms such as JBoss.  These new strains are also attacking backups.

One of the most effective ways to combat ransomware is to have a robust backup strategy  While there is a tremendous focus on developing functionality fast, tasks such as Backup are not something developers focus on, even in organizations where Agile and DevOps is reasonably mature. Many times there is an assumption that Backup is occurring and it is someone else’s problem.

Given that the Ransomware attacks are not only targeting the primary systems, but also backups, it is critical to ensure there are effective backup strategies to ensure that there is no path from the primary systems to backup systems.

As part of the Agile development and DevOps lifecycle Enterprises need to focus on ensuring all data is being backed up in a safe and secure location that allows them to quickly recover from attacks. If backups are tightly integrated into the CI/CD pipeline, it enables enterprises to quickly recover from Ransomware or other attacks and ensures Operational Resiliency for the enterprise.

In this talk we will describe the dangers posed by various strains of Ransomeware to enterprises and show how Agile and DevOps can be used to effectively combat ransomware attacks.

1 favorite thumb_down thumb_up 0 comments visibility_off  Remove from Watchlist visibility  Add to Watchlist

Outline/structure of the Session

1. Introduction to Ransomware

2. Dangers of not having an effective backup strategy

3. Integrating effective backups into Agile and DevOps lifecycle

4. Questions

Learning Outcome

This talk will highlight the need to have effective backup strategies within enterprises to combat threats such as Ransomware.  We will also highlight, that it is extremely important for DevOps practitioners have to be cognizant of tasks such as Backup and Disaster Recovery. Backups have to be integral to an effective Agile and DevOps strategy.

Target Audience

Developers, DevOps engineers, Project Managers, Security

schedule Submitted 2 years ago

Comments Subscribe to Comments

comment Comment on this Submission

  • Liked Andrea Goulet

    Andrea Goulet - Vulnerability: The Key To Successful Agile Adoption

    Andrea Goulet
    Andrea Goulet
    Corgibytes, LLC
    schedule 2 years ago
    Sold Out!
    45 Mins

    Software development culture has been dominated by the hero. Rock stars, ninjas, and 10Xers have been the center of attention, giving the skewed perception that great software is the result of a single amazing developer. But this couldn't be further from the truth.

    In this talk, Andrea Goulet, the CEO of Corgibytes, will share her experiences using vulnerability and empathy as drivers for Agile adoption and culture building. 

  • Liked Manjit Singh

    Manjit Singh - Project Managers, Transform Thyself! From Command-n-Control to Facilitation & Collaboration Enabler

    45 Mins

    No one has more trouble making the switch to Agile than traditional PMs. Learn how to Inspect and adapt your way to a more Agile version of you and design a journey towards facilitation and collaboration mastery.

  • Liked Tanusree McCabe

    Tanusree McCabe - 'Security First' Agile Delivery

    45 Mins

    Cloud First and Mobile First are currently common drivers of IT strategy. Security, however, by necessity, is also paramount when it comes to delivering applications, systems and services in these realms. How can we ensure security at every layer of the application stack, from cloud infrastructure, through platform and application?  How can we use Agile to drive security as a high priority yet at the same time balance risk and the developer or end user experience? How do we attain the vision pioneered by industry leaders such as Netflix towards Adaptive and Reactive security in the government?

    This is a talk about practical means to inject security into Agile delivery, starting with people, through process, and last but not least, with tools.