According to the recent Kaspersky survey conducted among senior non-IT management and business owners, 73% of firms can’t handle a ransomware attack alone or with the help of regular IT service providers. To offer in-house cybersecurity teams and InfoSec professionals an opportunity to expand their analytical skills in the incident response domain, Kaspersky has designed a new Windows Incident Response training course.
Over recent years the lack of skilled technical staff who can detect and respond to complex incidents, along with a lack of visibility across infrastructure and consistent management, have been the biggest challenges for businesses in dealing with complicated cyberthreats. The recent global study by Kaspersky titled “How do business executives perceive ransomware threat?” confirms that most firms (73%) will have to seek the help of external incident response providers’ in the event of a ransomware attack. This is despite the fact that 73% of respondents from APAC consider there to be a high possibility of these attacks on their organization.
It is also likely that companies who have never experienced a ransomware attack overestimate the skills of their regular security providers and in-house IT teams. The statistics show that organizations that have previously been exposed to such threats rely less on their existing resources.
For companies looking to improve the expertise of their in-house digital forensics and incident response teams, as well as for IT security practitioners looking to upgrade relevant skills, Kaspersky has expanded its online expert training portfolio. The Windows Incident Response training was developed by experts from the company’s Global Emergency Response Team (GERT) with more than 12 years’ experience in the field.
During the course, which isheavily focused on practical skills, Ayman Shaaban, Digital Forensics and Incident Response Manager and Kai Schuricht, Senior Incident Response Specialist, will take students through incident detectionusing the example of a real-lifeREvil ransomware case.
By the end of the course IT security practitioners will know how to identify and respond to a cyberincident andwill be able to differentiate APTs from other threats,as well as studying various attack techniques and a targeted attack anatomy through the Cyber Kill Chain. Participants will master evidence acquisition, all phases of incident detection, log file analysis, network analysis and the creation of IoCs, and also get introduced to memory forensics.
Students will be granted access to a simulated virtual working environment with all the necessary tools, including ELK stack, PowerShell, Suricata, YARA,and more,to practice IR techniques.
Mr. Sandra Lee, Managing Director of Asia Pacific, Kaspersky, said “Cyberattacks are one of the most pressing concerns, and Kaspersky understands the need of providing frequent training to its stakeholders and constituent organizations in order to better prepare them to identify and respond to cyberattacks, including ransomware. An interactive real-life REvil ransomware scenario that replicates a cyber-assault will assist participants in better understanding the intricacies of incident identification while developing knowledge and expertise in cyber security against cyberattacks and collaborating efficiently.”
If you have an interesting Article / Report/case study to share, please get in touch with us at email@example.com/ firstname.lastname@example.org, 9811346846/9625243429.