Top 5 Lessons Learned in EDU: Modern Threat Detection & Security Operations

Over the last year, the most common reason behind Microsoft incident response engagements has been advanced ransomware attacks. In some instances, cybercriminals went from initial entry to ransoming the entire network in less than 45 minutes. Unfortunately, this trend of human-operated ransomware attacks is picking up steam and the education sector appears to be a top target due resource constraints, hybrid learning, and technical debt. During this session, you will learn about the state of advanced attacks, e.g., supply chain/advanced ransomware in education, and the impact on higher ed institutions. Join this session to increase your situational awareness about advanced attacks, best practices, and methods to detect suspicious activity and anomalous behavior in your environment.