Overview
Explore the aftermath and lessons learned from Maersk's major NotPetya cyber-attack in June 2017 through this 51-minute Black Hat conference talk. Delve into the critical "Golden Hour" of response, the impact on Active Directory, and the recovery process. Examine the changing threat landscape and how Maersk applied these lessons to enhance cybersecurity. Learn about implementing resilient Active Directory structures, target operating models, OT frameworks, and security operating principles. Gain insights into the two-way process of improvement, cloud migration decisions, and adopting a risk-based approach to cybersecurity. Understand the importance of adapting to new threats rather than fighting the last war in this informative session presented by Andy Powell.
Syllabus
Introduction
Overview
Maersk
The Golden Hour
NotPetya
Active Directory
Recovery
Logistics
Changing threat landscape
Applying the lessons
Resilient Active Directory
Target Operating Models
OT Frameworks
Security Operating Principles
The TwoWay Process
How did the person who brought the malware come forward
Why did you choose the cloud
The danger of fighting the last war
Riskbased approach
Taught by
Black Hat