Vice President, Cybersecurity and Advocacy, Utilities Technology Council, Arlington, Virginia, United States
In recent months, numerous critical infrastructure operators have had their IT systems compromised by the foreign-sponsored ransomware group Volt Typhoon. Volt Typhoon poses a significant risk to critical infrastructure, particularly targeting Active Directory (AD) systems. To initially breach the IT network, Volt Typhoon exploits known or zero-day vulnerabilities in public-facing network appliances such as VPNs, firewalls, and routers.
The use of living-off-the-land techniques allows threat actors to blend into an environment as a trusted user, meaning that traditional network security controls often fail to identify their presence. The need to adopt a security mindset is greater than ever before. Utilities need to do more to protect their data and update their security strategies to battle sophisticated threats effectively.
In this session, Certes CTO Simon Pamplin will evaluate increasingly prevalent TTPs used by threat actors, how AI can further arm adversaries to create havoc, and, most importantly, the steps that can be taken to mitigate the risk of a data breach even when a bad actor is inside your network using legitimate user credentials.
A use case will also be discussed that demonstrates how sensitive applications such as Active Directory can be secured to prevent TTPs such as privilege escalation, lateral movement and credential theft.