O'Reilly Archive: Anatomy of an Attack
Level: Intermediate. Theme: Ransomware, social engineering, supply chain, AI, and quantum threats.
A series of hour long sessions on the most common cyberattacks (ransomware, supply chain, and social engineering) and the future role of artificial intelligence and quantum computing in cybersecurity.
What you’ll learn
- Examine ransomware attacks and the operations of prominent ransomware groups
- Explore supply chain attacks and commonly used attack strategies
- Look at social engineering attack techniques and tactics
- Understand potential offensive and defensive uses of AI and quantum computing
- Prepare for and defend against ransomware attacks
- Recognize and counter common social engineering attacks
- Improve defenses against supply chain attacks
- Improve cybersecurity posture by employing AI and quantum computing in cyberattack defense
This course is for you if
- You’re a cybersecurity leader who wants to drill down on specific threats to your operations
- You’re an IT professional who wants to know more about cyberattacks and how to defend against them
Schedule
Day 1: Ransomware
Ransomware attack history, players, and kill chain (60 minutes). History and evolution of ransomware. How ransomware attacks work. Understanding the ransomware kill chain. Key ransomware players and common monetization techniques. Preparing for and preventing ransomware attacks. What to do after the attack. The role of cyber insurance. Security practices and frameworks to defend against ransomware. Resources and next steps. Q&A.
Day 2: Social Engineering
Social engineering attack techniques, examples, and prevention (60 minutes). History and evolution of social engineering attacks. The concept of social engineering. Types of attack vectors (pretexting, phishing, spear phishing, baiting, scareware, etc). Real world examples. Preventing and mitigating attacks. Reports and statistics on the importance of social engineering in cyber warfare. Resources and next steps. Q&A.
Day 3: Supply Chain
Supply chain attack techniques, examples, and prevention (60 minutes). History and evolution of supply chain attacks. Understanding supply chain attacks and their phases. Real world examples. Review of security guidance and frameworks published by NIST, DOD, and the UK National Cyber Security Centre. Resources and next steps. Q&A.
Day 4: Artificial Intelligence and Quantum Computing
AI and quantum computing cyberthreats (60 minutes). Origins and evolution of AI and quantum computing. Cybersecurity threats posed by AI. Role of AI in countering cyberattacks. Impact of quantum computing on cybersecurity. The move toward “quantum resistant” or “post quantum” cryptography. NIST and other standards bodies’ work on post quantum standardization. AI and quantum computing in the cloud. How to plan and prepare for these technologies. Resources and next steps. Q&A.
Read next
-
Zero Trust for AI Agents at ATARC ZT4
Recap of my session at ATARC's Zero Trust Virtual Learning Exchange on extending Zero Trust principles to autonomous AI agents.
- Digital Identity
Entra Agent ID Across Clouds: Part 5, Anti-Patterns
Final article in the five-part series on running Microsoft Entra Agent ID against third-party clouds. Closes the loop with the variants and failure modes that consume the same operational budget as the federated pattern without delivering its security properties, and ends with the takeaways worth pinning to the team wiki.
- Digital Identity
Entra Agent ID Across Clouds: Part 4, FIC, Cross-Tenant, and OBO
Fourth article in the five-part series on running Microsoft Entra Agent ID against third-party clouds. Opens up the Federated Identity Credential as a first-class object: single-tenant, cross-tenant SaaS shape, and the orthogonal world of on-behalf-of (OBO) where the agent acts for a signed-in user.
Worth reading again?
Get the next one in your inbox.