Name
Recovering Trust: Crisis Management Lessons from Hundreds of Ransomware and Wiper Attacks
Date & Time
Thursday, September 10, 2026, 11:00 AM - 11:45 AM
Elina Jensen
Description

Traditional business continuity and disaster recovery (BC/DR) strategies were not built for destructive cyberattacks. Ransomware and wiper attacks are adversary-led crises in which identity may be compromised, administrative trust may be broken, backups may be targeted, and recovery decisions must be made under uncertainty. And evolving frontier AI models and geopolitical instability are only increasing the likelihood that ransomware, wiper malware, destructive intrusion, and nation-state tradecraft will collide in real-world incidents.

Drawing on lessons learned from response and recovery across hundreds of ransomware and wiper attacks, this session explores several common crisis management success and failure patterns. The session challenges conventional BC/DR assumptions and explains why cyber recovery requires a different operating model: one designed for hostile conditions, degraded trust, AI-accelerated attack cadence, geopolitical uncertainty, and business-critical decisions made before the full facts are known.

Learn why organizations must recover trust, not just data, and why identity, governance, communications, technical validation, and recovery sequencing must operate as one integrated crisis capability. You'll leave with a practical model for cyber crisis management that connects executive governance, identity recovery, containment, clean-room recovery, technical validation, and business service prioritization.