Louisiana's governor declares a state of emergency in response to a developing cyber attack affecting several school districts. Join Ivanti CISO Phil Richards as he shares: -A breakdown of the anatomy of the attack -Best practices for limiting your risk -How to develop an emergency response plan -Advice for both IT security and non-IT security professionals

1. WEBINAR: Update on Louisiana
Cybersecurity State of Emergency
Phil Richards – Ivanti CISO
Chris Goettl – Director, Security Product Management

2. What We Know: Louisiana Cybersecurity State of Emergency
 “Severe, intentional cybersecurity breaches” in three northern
Louisiana school districts
 In one case, virus knocked out district’s phone system
 Governor declared State of Emergency on July 24th
 Significant risk that the threats were ongoing

3. What We Know: Louisiana Cybersecurity
State of Emergency
• Fourth district noticed “unusual
activity”
• Shut down email and phone lines as a
precaution
• Support crew is assisting the district
• State has sent a self-assessment tool
to all school districts to determine risk
level
• Other districts are backing up records
as a precaution
• “Some security issues and some data
loss”
• Not all had a ransom request
• Similar incidents in AL and GA

4. But the threat extends beyond schools in Louisiana…
Cyberattackers strike fourth Louisiana
school district, Tangipahoa Parish,
others taking precautions
Baltimore Does not Pay Ransomware,
Hackers Leak Sensitive Data on Twitter
(Total cost already exceeds $18 Million)
Another Florida City Pays
Ransomware Attack ($500k and $600k
Ransoms Paid)
Government Networks Are Under Cyber
Attack: Here’s How Cities, Agencies
Can Fight Back

5. Advice for IT Security Professionals
 Patching
 Ensure OS and third-party apps are up to date
 All critical patches for Flash, Java, browsers and Microsoft apps
 User education on Phishing/Spam emails
 Try periodic drills that provide immediate feedback when users click on a
link
 Privilege Management
 Minimize privileges but maintain productivity
 Privileged user access rights are less than effective
 Effective access control

6. Prevention vs. Response
 Districts are focusing on response
 Taking a lead from the Governor’s office
 From Homeland Security Today
1. Investment in the right people
2. Adequate asset management
3. Orgs must get their core controls right
 CIS Framework

8. Capital One Data Theft

9.  Seattle woman charged with stealing data from more than 100 million
credit applications
 US: 140,000 Social Security Numbers; 80,000 bank account numbers
 Canada: 1 million Social Insurance Numbers
 Accused is a former AWS employee and allegedly bragged about the
hack on social media and Slack
 The accused had other files indicating other companies may have been
compromised

10. Q&A