Invisible Intruders: When Attackers Use Your Tools Against You

Audience

This session is open to members of the LMA CISO Forum or delegates, invited guests and cyber security professionals across all roles.

Full and associate LMA members only.

If the event is oversubscribed, the LMA reserves the right to prioritise attendance for members of the LMA CISO Forum.

Description

The LMA is pleased to invite members of the LMA CISO Forum, delegates and invited guests to an upcoming briefing, Invisible Intruders: When Attackers Use Your Tools Against You.

Today’s ransomware groups increasingly weaponise the legitimate tools already present within an organisation’s environment, including software installers, trusted system binaries and standard administrative utilities. For insurers handling sensitive policyholder data, claims information and financial records, this “living off the land” approach makes detection and mitigation significantly more challenging, increasing operational, regulatory and reputational risk.

This session will examine how modern ransomware operations have evolved beyond the opportunistic campaigns of previous years, drawing on frontline intelligence and public policy perspectives to explore the changing threat landscape.

Speakers will discuss why traditional endpoint controls alone may no longer provide sufficient protection, and what a more resilient defence strategy could look like, including ransomware-specific detection tooling, stronger intelligence-sharing across the insurance sector, and coordinated policy responses aimed at disrupting threat actor activity.

16.00 - 16.45: Networking drinks and canapés
16.45 - 17.00: Event start and introductions
17.00 - 18.00: Halycon presentation
18.00 - 18.30: Q&A
18.30 - 19.00: Networking drinks and canapés
19.00: Event close

• Meredith Burkart, Senior Director, Government Affairs and Public Policy, Halcyon
  Meredith Burkart is Senior Director, Government Affairs and Public Policy at Halcyon, and Deputy Director of the Halcyon Ransomware Research Center. She focuses on advancing public policy solutions to combat ransomware and support cybercrime victims.

Through the Ransomware Research Center, she contributes to the development of practical intelligence resources, policy recommendations and public education initiatives aimed at strengthening collective resilience against ransomware threats.

Ms. Burkart previously served as the FBI’s Chief of Cyber Policy, leading a team responsible for coordinating the Bureau’s cyber policy efforts across domestic and international stakeholders. She also served as the first Director of Operations and Incident Response at the Office of the National Cyber Director (ONCD), helping establish the office within the Executive Office of the President.

Earlier in her career, she worked as an intelligence analyst within FBI Cyber. She has received the FBI and ONCD Medal of Excellence, has taught cyber intelligence as an adjunct professor at Georgetown University, and volunteers as Deputy Chief Product Officer for the non-profit Cyber Canon.

• Erika Totaro, Ransomware Intelligence Analyst, Halcyon
  Erika Totaro is a cyber threat intelligence researcher with more than six years’ experience tracking sophisticated cybercriminal groups and malware activity.

Prior to joining Halcyon, she worked as a Security Intelligence Engineer at Amazon Web Services, where she investigated both financially motivated and nation-state threat actors.

Before AWS, Erika served as both a Dark Web Analyst and Malware Analyst at the National Cyber Forensics and Training Alliance (NCFTA), leading investigations into underground forums to support threat attribution efforts.

As a Ransomware Intelligence Analyst at Halcyon, she conducts operational and infrastructure analysis for the Halcyon Ransomware Research Center and supports collaborative industry research aimed at disrupting ransomware threat actors.

All delegates must be registered no later than 24 hours in advance to receive a QR code to access the building.

Due to restricted numbers, if you register and subsequently are unable to attend, please email matt.wood@lmalloyds.com.