Home / Resources

Arete Resources


Managed Cybersecurity Services Datasheet

Managed Cybersecurity Services

Legal Datasheet

Legal Services

Incident Response Datasheet

Incident Response

Cyber Risk Management for Insurance Professionals Datasheet

Strategies for Cyber Risk Management
for Insurance Professionals

Penetration Testing Datasheet

Penetration Testing

Social Engineering/Phishing Datasheet

Social Engineering/Phishing

Virtual CISO Datasheet

Virtual CISO


Cybersecurity Capabilities Brochure

Cybersecurity Capabilities Brochure

Insurance Capabilities Brochure

Insurance Capabilities Brochure

Case Studies

Global Merchant Case Study

Global Merchant

International Retailer Case Study

International Retailer


WEBINAR: Cybersecurity Legal Task Force – Ransomware Webinar

Jim Jaeger (Arete Advisors), Karen Painter Randall (Cyber Security & Data Privacy Group/Connell Foley LLP), Abigail Oliver (Asst VP/AXIS Capital), Douglas Hemminghaus (Asst SAC/FBI)

February 20, 2019 |    12:00 PM – 1:30 PM ET

Law firms, In-House counsel and small to medium size businesses are guardians of confidential and valuable information making them an ever-growing target of the ransomware cyber-attack. It is no longer whether an organization will be attacked but when and to what extent. With 4000 ransomware attacks occurring daily and 400,000 new ransomware strains developing at the same pace, ransomware is the biggest cybersecurity threat that must be met head on by law firms and businesses in 2019. Ransomware locks up critical information and files that an organization needs to operate. The clock is ticking. Should the organization pay or not pay? There is a tremendous amount of strategy involved in making the right decision-it is not simply a binary choice for the organization.

Legal, security, law enforcement and insurance experts will address best practices for preventing and responding to a ransomware attack including:

  • Ethical obligations that apply in safeguarding client data and breach notification
  • How to avoid a ransomware attack
  • Options available to respond to a ransomware attack
  • When should you and how do you pay ransom
  • Pitfalls even when ransom paid
  • Insurance coverage and loss concerns

WEBINAR: Improving the Incident Response Function: SANS 2018 Incident Response Survey Results Part II

Speakers: Matt Bromiley, Andy Schmid, Mike Stewart, Ryan Trost

November 1, 2018 |    1:00 pm ET

Incident responders are catching and remediating threats faster than ever, according to past SANS surveys. Much of their success can be attributed to improving technologies, such as threat intelligence–73 percent of respondents to last year’s survey said they were using threat intelligence to enable more accurate investigations.

This webcast will release results from the SANS 2018 Incident Response Survey, developed by Matt Bromiley, SANS Digital Forensics and Incident Response (IR) instructor and GIAC board member. Matt will explore how integration and automation can help IR teams find efficiencies and protect their environments, including:

  • Processes and technologies that work best in responding to threats
  • Where and how intelligence, analytics, threat hunting and other new technologies fit into investigation workflow
  • Improving remediation workflow to thoroughly identify and clean impacted systems
  • Completing the loop to patch and repair vulnerabilities discovered in the investigation
  • Best ways to inform prevention systems to be on the lookout for similar threats
  • Benchmarking against past performance for continuous program improvement

Attend this webcast and gain access to the full survey report written by Matt Bromiley.

WEBINAR: How Are You Responding to Threats? SANS 2018 Incident Response Survey Results Part I

Speakers: Jim Jaeger (Arete Advisors), Matt Bromiley, Shelly Muse, Brennen Reynolds

October 31, 2018 |    1:00 pm ET

What new and continuing threats are responders uncovering in investigations, and how are they dealing with those threats? This webcast will release results from the SANS 2018 Incident Response Survey, developed by Matt Bromiley, SANS Digital Forensics and Incident Response (IR) instructor and GIAC board member. Matt will examine how incident response teams are coping with organizational structures, resources and IR implementation in an ever-changing threat environment.

In this webcast, you will learn how organizations have structured their incident response functions, what systems they are conducting investigations on, the threats they are uncovering and how they’re uncovering them. For example:

  • What staffing, services and resources are they using, and how are they using them?
  • Are they still struggling with a silo mentality between operations and response?
  • During an investigation, are they able to get the data they need to fully discover the attack’s spread and remediate all traces?
  • How automated are these processes of data collection and discovery?

Attend this webcast and gain access to the full survey report written by Matt Bromiley.

CISOs: Why Driving Your Cyber Liability Insurance Purchasing is Essential

September 12, 2018
Speakers: Jim Jaeger (Arete Advisors), Jared Phipps (SentinelOne)

The critical role of CISOs is emerging in the purchasing decisions in their organization’s Cyber Liability insurance in a way not seen before and the benefits include access to cybersecurity experts, reduced rates, increased communication across the organization, and preparedness for business interruption. In this webinar, Arete and SentinelOne’s cybersecurity experts will discuss the key information CISOs need to be able to build an effective and comprehensive Cyber Insurance Program, Incident Response and Incident Response Retainers, Assessments and how they are an important part of a comprehensive Cyber Insurance Program, and the most effective ways CISOs can help to reduce costs associated with cyber-attacks with next generation deep visibility and automated response.

Cybersecurity Incident Response: Four Lessons to Learn from High Profile Cases

April 11, 2018
Speakers: Jim Jaeger (Arete Advisors), Doug Hudson (Coalfire), Chris Lietz (Coalfire)

Most enterprises know that they are constantly under attack and are continuously at risk of losing control of sensitive or confidential information. That’s why it is a commonly-accepted best practice to have an incident response plan in place and to practice it regularly. However, after examining the plans and practice exercises of hundreds of clients, we have observed that many organizations still haven’t fully embraced the hard lessons we all can learn from real-world, high-profile security incidents. Join experts from Coalfire and Arete Advisors to deconstruct the response efforts from several high-profile incidents and provide practical lessons you can learn and apply to your organization’s incident response plans and the proactive steps you can take to avoid damaging losses and impacts to your organization.

You Cannot Protect What You Don’t Know or Can’t See: Next Generation Network Must Haves for Data Protection and Endpoint Forensics

April 5, 2018
Speakers: Jim Jaeger (Arete Advisors), Jared Phipps (SentinelOne), Chris Bates (SentinelOne)

A data breach happens in seconds, but identifying that a breach has even occurred takes an average of 191* days. 50% of web traffic today is encrypted, (and Gartner predict this will increase to 80% by 2019**), providing a simple trick for attackers to hide their threats and communications channels. Securing your endpoints is the most effective way to manage cyber risk. However, the endpoint is the most vulnerable and exposed attack surface in the network today.


ISSA International Series: Privacy vs. Security Webinar

February 27, 2018
Speakers: Jim Jaeger (Arete Advisors)

We are all concerned about Privacy. Every day there we hear about multiple PII breach announcements. Our current solution – let’s create laws to require announcements and levy fines to encourage proper activities and protections. With GDPR looming on the horizon, as the most recent and perhaps the most comprehensive regulation yet, we find ourselves wondering if others will adopt similar regulations. If so, do we as security professionals need to be concerned about our ability to perform forensic analysis, and gather information outside of our realm of direct influence to identifier a hacker? Do elements of GDPR create a situation in which hunting for a hacker might violate their privacy rights? In the end will companies still be able to monitor and protect their assets as they do today, or will it require a change? This webinar will provide insight into the Privacy vs Security Debate.


2019 Advisen Cyber Guide: The Ultimate Guide to Cyber Service Providers

2019 Advisen Cyber Guide
The Ultimate Guide to Cyber Service Providers

2018 Advisen Cyber Guide: The Ultimate Guide to Cyber Service Providers

2018 Advisen Cyber Guide
The Ultimate Guide to Cyber Service Providers

SANS IR 2018 Final Report

SANS IR 2018 Final Report