In this Spotlight Podcast, Pondurance Manager of Incident Response Max Henderson joins me to talk about the ongoing ransomware epidemic and some of the emerging trends in ransomware attacks. We also talk about and what companies get right- and wrong in their response. Max gives us some tips about how best to respond to ransomware threats and attacks.

Max Henderson is the Manager of Incident Response at Pondurance

As always,  you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and Spotify. Or, check us out on Google Podcasts, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted. 

Ransomware attacks have become a mainstay of the cyber threat landscape -and among the most dreaded forms of cyber crime. While exact numbers are hard to come by, large scale studies of companies found that more than a third had been hit by ransomware in the past year, with the retail, government and education sectors particularly hard hit.

With the attention given to the threats posed by ransomware, why do organizations still fall victim to these attacks? There are many contributing factors, but one of the most important is the shortage of cyber security talent in the trenches of modern organizations. Without properly trained personnel, organizations are missing the early signs of a compromise that might otherwise allow them to cut short a malicious campaign. And even when internal teams do get wind of a cyber attack in process, a lack of experience can hamper their response: tipping off attackers in ways that worsen the damage and disruption they cause or allow them to cover their tracks, denying victims a full understanding of the scope of the incident.

Getting Incident Response Right

So what should companies worried about ransomware do? In this episode of the podcast we’re joined by Max Henderson, the Manager of Incident Response at the endpoint detection and response firm Pondurance. Max is a seasoned cyber security and incident response professional who has led hundreds of investigations including complete network, cloud, and Active Directory compromises of entities with annual revenues in the multi-billion dollar range. Hiss investigations and presentations have been featured on CBS 60 Minutes, National Infragard, and International ISSA conferences.

In this conversation, Max and I talk about some of the root causes of the ransomware pandemic, and why it is that companies so often miss the telltale signs of growing compromises in their environments.