Follow NCC Group Newsroom



Marriott Marquis Houston 1777 Walker Street Houston, TX 77010

 NCC Group's very own Michael Gough will be presenting Preparing for a Ransomware or Malware Incident as well as Incident Response is HARRRRRD… but it doesn’t have to be in Houston at HOU.SEC.CON which is the 2020 edition of THE Houston-area information security conference. To learn more about his presentations, read below.

Preparing for a Ransomware or Malware Incident 
May 5

Preparing and responding to an incident is an essential skill for today’s Information Security and IT professionals. This course focuses on Ransomware and Malware targeting organizations most, and the types of things that we can do about it to reduce this risk. By identifying the risks, you can identify gaps which helps to define potential budget needs.

The goal and objective is to respond to an incident quickly. What can we do to close the holes that are taken advantage of causing these attacks to succeed will help us to prepare for an eventual incident.

Also covered will be configurations that should be enabled to help incident responders in the event you have an incident and/or require help from an IR firm, which helps us help you. This preparation could help to reduce costs of an incident, and help to justify budget for any gaps.

Incident Response is HARRRRRD… but it doesn’t have to be
May 6-7

So your EDR, AV, or other fancy shiny blinky lights security tools alerted you that Bobs Windows box has some suspicious activity. Do you have the details you need to investigate or remediate the system? Can you quickly and easily investigate it? You can enable a lot of things you already have for FREE to help you with your investigations, no matter the tools used. Let’s take a look how we do Incident Response on Windows systems and what you can do to prepare for an inevitable event.

How is your logging? Is it enabled? Configured to some best practice? (hopefully better than an industry standard that is seriously lacking). Have you enabled some critical logs that by default Microsoft does NOT enable? Do you have a way to run a command, script, or a favorite tool across one or all your systems and retrieve the results? Do you block some well-known exploitable file types so users do not initiate the scripting engine when they double click, rather just open good ol’ Notepad?

Everything mentioned here is FREE and you already have it!

Sign Up

Sign up for the event