This year, I had the privilege of attending the OpenText Enfuse conference in Las Vegas. While there, I had the opportunity to develop my forensic abilities and build relationships with industry professionals, co-workers, friends, and many other wonderful new people. The breakout sessions provided me with deep level overviews of interesting topics like threat hunting, ransomware, cryptocurrency investigation, and the growth of digital forensics in the insurance industry. The last is of particular interest to me because I’ve worked in that industry for the past two summers. The lectures provided me with a contextual understanding and wide variety of perspectives on the larger ideas that drive digital forensics and cybersecurity. James Comey’s keynote session added a legal context to the benefits and drawbacks of encryption. He presented this in a way that allowed for new discussions to take place about data privacy and digital forensic investigations.
Held Hostage: A Ransomware Primer
Best practices for defending against ransomware lie in educating employees about the different ways ransomware can get into a network, patching out of date software, network segmentation to prevent spread, frequent backups, and email extension filters to prevent the delivery of unwanted file types. When employees are aware of these attack vectors, then they may begin to recognize the signs of obvious danger. Hyatt noted that the most important part of security awareness training is to explicitly explain what signs of suspicious activities look like. Show them! Hyatt stressed, “Security is about learning, not shaming.”
OpenText Enfuse 2018 allowed me to explore a wide variety of security topics in a very short amount of time, but if you ask me, too short. I could’ve spent another week attending sessions like these to get my finger on the pulse of conversations happening now in the security and digital forensics fields. The experience was invaluable from every perspective imaginable.