• Online, Self-Paced
Course Description

Ransomware is an epidemic; this ransomware response training class teaches IT professionals to be prepared before disaster strikes! In the blink of an eye, everything from your financial records to emails to file shares have been encrypted, possibly never to be seen again. This is the nightmare that organizations around the world have faced as they grapple with the most destructive and terrifying of all cyberattacks.

Today, ransomware is often the last stage of a data breach, launched by criminals after they have already stolen massive volumes of data. Exposure threats are on the rise, as criminals threaten to publish data if they don’t receive their payment. What makes this ransomware class different? It’s taught by industry expert Matt Durrin who has extensive hands-on ransomware response, research, and remediation experience. It’s also MORE than an on-demand ransomware training class—you can schedule live question-and-answer times with an instructor!

This popular ransomware response training class teaches you how to respond to ransomware quickly and effectively to minimize damage. Available on-demand and on your schedule, this ransomware class will show you modern ransomware strains in action, including videos and screenshots, and point out key indicators that can facilitate early detection. Then we’ll delve into the core elements of ransomware response: triage, evidence preservation, scoping, negotiation, decryption, and more. Finally, we’ll discuss whether ransomware is also a data breach, and how to handle potentially long-term consequences. This ransomware class includes simple steps you can take to reduce your risk of a ransomware attack and respond effectively, now and in the future.

Learning Objectives

What you will learn:

- To identify the early indicators of compromise for ransomware cases
- How to stop ransomware before it takes over your network
- Steps to effectively contain ransomware
- How and why to preserve evidence in ransomware cases
- Trends in ransom payments, how to decide whether to pay, and how to develop an effective ransom negotiation strategy
- Strategies to decrypt data safely and efficiently
- How you can support ongoing legal, public relations, and other business activities related to the ransomware recovery

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@hq.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.