Week 7

Ransomware is one of those topics that keeps coming back in our community conversations, not because it’s new, but because the way it’s executed keeps evolving.

What we’re hearing consistently from CISOs and IT leaders is that traditional controls on their own aren’t enough as attackers are getting better at disabling security tools, moving laterally, and finding the weak points in backup and recovery processes.

That’s why more teams are looking closely at how they protect the entire attack chain, not just the point of detection. So we wanted to share a quick, practical look at how one of the newer approaches in this space is being used in real environments.

Detect and disrupt ransomware activity early

In this short overview, Phil Howe, CTO at Core to Cloud, gives a straightforward walk-through of how Halcyon works to detect and disrupt ransomware activity early, protect existing EDR from being tampered with, and stop common attacker techniques such as deleting backups or moving data out of the environment.

It also touches on how the platform supports response and recovery if something does get through, including key capture and decryption support. It’s a useful two-minute introduction for anyone thinking about how to strengthen ransomware resilience without adding unnecessary complexity.