In the past few years, ransomware campaigns have evolved from relatively simple, opportunistic crimes to advanced, extortionate threats—including threats of physical violence. This evolution is, unfortunately, a story of innovation. Crime groups have realized that bigger payments can be extracted if they operate strategically. In turn, security teams must also become more innovate. 

In this session we will: 

• Examine the evolution of ransomware over the past several years, and show why common approaches based only on defensive strategies, or that rely on backups, are no longer sufficient on their own. 
• Define network visibility tools, show how they work, and explain what makes them different from perimeter defenses, including the unique advantages they provide.
• Break down the chain of attack for real threat events, minute-by-minute, and discuss how NDR can reveal otherwise undetectable defensive opportunities.