Survival In An Evolving Threat Landscape

In today’s threat landscape, nothing static remains secure.

Cyber attackers continuously seek new vulnerabilities to exploit in order to keep ahead of the latest security advances, and they are succeeding. High-profile data breaches are dominating headlines, and attacks have become so pervasive that on average, a malware event occurs at a single organization once every three minutes.

In this environment, no single security system can protect your organization from threats. You've got to adapt to survive.

Learn:

--The increased attack vectors inherent in the current security landscape.
--How to rethink your approach and adapt your strategy to achieve a more nimble security stance with multiple layers of defense, analytics and incident response.
--How to safeguard distributed applications and mobile, cloud and social interactions across the enterprise.
--How to optimize your security operations without overspending.

Published in: Technology

  • David Launches: This is not really a security problem – it’s an IT Ops problem…how can I tee this up?

    Applications and data may be in a traditional data center, hybrid data center, or somewhere in the cloud.
  • David launches

    In the past, when IT was setting up access to restricted systems, it only had one location to consider: within the enterprise. Users who wanted to access corporate data had to be on-premise, where security systems were tested and hardened. That was OK, because they were employees who typically did their work from an assigned space at a specific location. The IT department created the systems and distributed the devices that could be used to work within that closed environment.

    Today, that intimate corporate network is a globally connected web of users and devices that are accessing IT environments wherever, whenever, and however they choose. And the users have extended beyond employees to include partners and customers. Users could be working from the office, from home, in a car, a coffee shop, an airport or a hotel room. Even if they are internal employees in an office, they may be using a shared space—“hoteling”—rather than working from an assigned port. Each of these cases presents a different set of circumstances that pose the same question:

    Maggie: How do you know the person attempting to access corporate data is who they appear to be?

    As apps move, companies need to have a better handle on who is using them:
     
    Who are they?
    Where are they?
    What are they doing?

    They need a granular understanding of the following:
     
    Where is the data?
    Who owns it?
    Do I have it classified?
    Do I have data protection controls (encryption etc.)?
     
               
  • Transcript

    • 1. Processes are monitored and measured with trending; Best practices are followed; Continuous improvements identified and applied; Formal global IT risk management process
    • 2. The annual cost of cyber attacks rose to an average of $11.6M in 2013, an increase of 26% over 2012. The time it took to resolve an attack averaged 32 days, with a cost of over $32K per day (over $1M total).
    • 3. Gartner analyst: Neil MacDonald | “Protection from Advanced Targeted Attacks in a Consumerized, Cloudified World”
        1. Prevention is futile: Advanced Persistent Security Programs
        2. The Post-Signature Era: Pervasive Monitoring and Detection
        3. Security Big Data Analytics
        4. Context-Aware Security
        5. Reputation Services and “Trustability”
        6. The Growing Role of Collective Intelligence
        7. The Shift to Information-centric Security Strategies
        8. Virtualized and x86 Software-based Security Controls
        9. The Shift to Cloud-based security controls
        10. The Software Defined Data Center comes to Security
    • 4. HEADCOUNT AND SKILLS | ESCALATING THREATS | BUSINESS DEMANDS
    • 5. TRADITIONAL DC HYBRID DC CLOUD ENTERPRISE DATA APPLICATIONS
    • 6. HOTEL | EMPLOYEES | OFFICE | CAR | COFFEE SHOP | CUSTOMERS | HOME | PARTNERS
    • 7. OPERATIONAL SECURITY | HEADCOUNT AND SKILLS | ESCALATING THREATS | BUSINESS DEMANDS
    • 8. Reconnaissance | Weaponization | Delivery | Exploitation | Command and Control | Exfiltration
    • 9. From spear phishing to exfiltration in nine steps
        1. Adversary performs reconnaissance on the target & starts to weaponize
        2. Adversary delivers a spear phishing email with attachment to target
        3. Target opens attachment, downloads malware & it is executed
        4. Adversary exploits the system, allowing entry into the network
        5. Command & control communication with adversary is established
        6. Adversary moves laterally within the network & establishes multiple back doors to maintain persistence
        7. Adversary accesses the directory & compromises legitimate system & user credentials
        8. Adversary utilizes the legitimate system & user credentials to access sensitive file servers
        9. Adversary starts sensitive data exfiltration, leveraging VPN with compromised credentials or evasive techniques
    • 10. Work from the assumption that you are already compromised; move from a reactive, perimeter-based mentality to an active approach:
        • Enhanced defenses
        • Incident response
        • Intelligence and analytics
      Collective security intelligence services: REPUTATION SERVICES | THREAT INTELLIGENCE | ATTACKER INTELLIGENCE
    • 11. Cyber Attackers | Diverse Users & Devices | Distributed Applications & Data
    • 12. APPLICATIONS | SERVICES | USERS | DEVICES
    • 13. Is your organization responding to the new perimeter and taking steps to counter targeted attacks?
    • 14. Reconnaissance | Weaponization | Delivery | Exploitation | Command and Control | Exfiltration
      Observe | Detect | Identify | Neutralize
    • 15. Core Risk Reduction | Enhanced Risk Reduction | Core Security State | Enhanced Security State | Optimized Security
        • Processes are ad hoc and disorganized; Security is not defined; No mgmt reporting metrics; Security is a reactive process
        • Processes follow a regular pattern; Security is defined but not aligned with business objectives; No mgmt reporting; Security involvement in projects and initiatives are ad hoc
        • Processes are documented and communicated; Formal integrated policy suite, with links to workforce awareness, education, and training programs; From a risk mgmt committee; Limited mgmt reporting
        • Processes are monitored and measured; Formal global IT risk mgmt process; Full mgmt reporting; Consistent and repeatable process
        • Processes are monitored and measured with trending; Best practices are followed; Continuous improvements identified and applied; Formal global IT risk mgmt process
    • 16.
        • Knowing what you need to protect
        • Continuous security posture assessment
        • Enhanced defenses, detection and intelligence capabilities
        • Staff and operational support
        • Security awareness and training
        • Proactive incident response
        • Roadmap to optimized security model
    • 17. Technology consulting, IT infrastructure technology and integration, and leasing solutions for your business. Visit us at www.forsythe.com. Brought to you by:
    • 18. http://focus.forsythe.com/