BALANCE RISK WITH
BETTER THREAT DETECTION
Paul Risk
Chief Technology Officer
www.secdata.com
1
We’re on TV!


2
WE KNOW THAT THREATS ARE REAL

3
‘WHEN’ COULD BE HAPPENING TO YOU

66% of breaches take months or even years to be discovered, up from 56% in 2012

69% of breaches are spotted by an external party, like customers

29% of attacks used emails, phone calls and social networks to gain information

76% of network intrusions exploited weak or stolen credentials

*Data from Verizon’s 2013 Data Breach Investigations Report

4
APT

There are more
threats and
attack vectors
than you can
effectively
protect against

WEB CONTENT? WEB APPS?
WIRELESS ACCESS?

TCP/IP
HIJACKING

BLENDED ATTACKS

(SPEAR) PHISHING

SOCIAL
ENGINEERING

SQL INJECTION

DNS POISONING

DDoS
ATTACKS

MALWARE

WE KNOW THREATS ARE INFINITE
Threat
acceleration

5
WE KNOW TECHNOLOGY IS COMPLEX
SPDY & HTTP 2 INSPECTION
NEXT-GEN FIREWALLS
IDS/IPS SOLUTION
DATA LOSS PREVENTION

DDoS MITIGATION SOLUTION
WEB CONTENT FILTERING
SECURE INTERNET GATEWAY
NAC/802.1X SOLUTION
WIRELESS SECURITY

Over 40 tools
Already there
are more tools
than you can
deploy – what is
the solution?

TWO FACTOR AUTHENTICATION
6
WE HAVE
TO THINK
DIFFERENTLY
INTELLIGENT SECURITY

Security is
a moving
target

Threats
keep on
coming

Visibility is
the key to
security
intelligence

We know
we have
to accept
some risk

How do we
compensate
for this?

Not more
mousetraps
- just using
them better

8
DID YOU SEE
IT?
WHY BETTER DETECTION IS CRITICAL
Budget
limitations

Change in risk
profile

Security
investment
cannot cover all
eventualities

You will be
working with
known risk and
vulnerabilities

Be proactive

Get the drop
on attackers

Don’t wait for
threats to
appear –
proactively
mitigate

Early threat
detection will
reduce known
risks

11
DETECTION FOCUSED SECURITY MODEL

• Categorise risk – know what you must lock up, identify what you can manage and decide what risks you can accept
• Protect your most valuable assets with next-gen technologies
• Ensure you deploy threat detection for known risks and vulnerabilities
• Undertake proactive threat detection to mitigate unknown risks
• Feedback into risk profile

REMEDIATE

MANAGE

UNKNOWN RISK

KNOWN RISK

ACCEPT

12
WHAT’S REQUIRED FOR PROPER DETECTION

Macro-level
intelligence

Proactive
security

Elastic
expertise

Cyber
intelligence
correlated from
multiple internal
and external
sources

Detect and
divert threats
before they
happen

Depth and
breadth in
security and
cloud skills and
capacity

Complete
metrics
Regular, comprehensive security
metrics and
analysis

Agility
Quick strategic
response to
evolving threats

24x7 real-time
monitoring
Continuous,
24x7, expert
monitoring and
interpretation of
security data

13
HOW SECUREDATA DOES DETECTION
AffinitySECURE (Pro-active Security Monitoring)
• Early Warning System for changes in device behaviour and health
• Advance Threat Warnings
• Trend Based Analysis of system parameters
• Real-Time Granular Monitoring
• Automatic Incident logging based upon severity and threshold level
• Device Port Monitoring (ensures unknown or unauthorised services aren’t
started on a device)

Cloud SIEM Service
• Outsourced 24x7x365 Service
providing centralised real-time event
analysis for log and event information
• Single pane of glass for all network
and security incidents
• Advanced threat and security
incident detection on a 24x7x365 basis

14
USE YOUR MOUSETRAPS BETTER

• DDoS
• Network Visibility/Performance Monitoring

• Application Security
• Load Balancing

• SIEM

• IDS/IDP
• Security Gateway
• Security Virtualisation

• Authentication
• IDS/IDP
• Remote Access
• Wireless Security

• Network Visibility/Performance Monitoring

• Acceleration
• Application Security
• Load Balancing
• Network Visibility/Performance Monitoring

• Acceleration
• Content Security
• DLP
• Network Visibility/Performance Monitoring

• Acceleration
• Application Security
• Load Balancing
• Remote Access
• Security Gateway

• Authentication

• Compliance
• Content Security
• DDoS
• DLP
• Endpoint Security
• IDS/IDP
• Remote Access
• Security Gateway
• Security Virtualisation

• Application Security
• DDoS

• Authentication

• Remote Access
• Routing
• Security Gateway
• Switching

• Application Security
• DDoS
• IDS/IDP
• Remote Access
• Routing
• Security Gateway
• Security Virtualisation
• Switching

• Compliance

• Content Security
• DLP

15
USE SPECIALIST DETECTION SERVICES
Ensure your systems are configured correctly and managed correctly, while freeing up internal resources

AffinitySECURE

Managed Services
• Managed Firewalls
• Managed Next Gen Firewalls
• Managed Web Content Security
• Managed Remote Access
• Managed Two-Factor Authentication
• Managed Wireless
• Managed IDS/IDP
• Managed SIEM
• Managed Load Balancing
• Managed Switches/Routers

Cloud SIEM

Cloud Services
• Cloud Internet Gateway
• Cloud SIEM
• Cloud Global Load Balancing
• Phishing-as-a-Service
16
WHAT STEPS TO TAKE

Understand
where your assets
are and what needs
protection

Proactively detect
emerging threats

Apply real time
monitoring for
known threats

Deploy the right
tools to protect
critical assets

17
THANK YOU
Paul Risk
CTO
paul.risk@secdata.com
+44 1622 723400

18

More Related Content

What's hot

GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskBeyondTrust
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension Inc.
 
Tripwire Adaptive Threat Protection
Tripwire Adaptive Threat ProtectionTripwire Adaptive Threat Protection
Tripwire Adaptive Threat ProtectionTripwire
 
Security in Computing and IT
Security in Computing and ITSecurity in Computing and IT
Security in Computing and ITKomalah Nair
 
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry:  Normshield Executive Presentation2017 Cyber Risk Grades by Industry:  Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive PresentationNormShield, Inc.
 
Network Situational Awareness using Tripwire IP360
Network Situational Awareness using Tripwire IP360Network Situational Awareness using Tripwire IP360
Network Situational Awareness using Tripwire IP360Tripwire
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield, Inc.
 
Cerdant Security State of the Union
Cerdant Security State of the UnionCerdant Security State of the Union
Cerdant Security State of the UnionDavid Perkins
 
Detection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeSplunk
 
Uncover threats and protect your organization
Uncover threats and protect your organizationUncover threats and protect your organization
Uncover threats and protect your organizationRapidSSLOnline.com
 
Sammanfattning av 2014 Trustwave Global Security Report
Sammanfattning av 2014 Trustwave Global Security Report Sammanfattning av 2014 Trustwave Global Security Report
Sammanfattning av 2014 Trustwave Global Security Report Inuit AB
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSKenny Huang Ph.D.
 
Revolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionRevolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionBlue Coat
 
Advanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle InfographicAdvanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle InfographicBlue Coat
 

What's hot (19)

GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
 
Next Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA ComplianceNext Dimension and Veeam | Solutions for PIPEDA Compliance
Next Dimension and Veeam | Solutions for PIPEDA Compliance
 
Tripwire Adaptive Threat Protection
Tripwire Adaptive Threat ProtectionTripwire Adaptive Threat Protection
Tripwire Adaptive Threat Protection
 
Security in Computing and IT
Security in Computing and ITSecurity in Computing and IT
Security in Computing and IT
 
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry:  Normshield Executive Presentation2017 Cyber Risk Grades by Industry:  Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
 
NormShieldBrochure
NormShieldBrochureNormShieldBrochure
NormShieldBrochure
 
Network Situational Awareness using Tripwire IP360
Network Situational Awareness using Tripwire IP360Network Situational Awareness using Tripwire IP360
Network Situational Awareness using Tripwire IP360
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration Overview
 
Cerdant Security State of the Union
Cerdant Security State of the UnionCerdant Security State of the Union
Cerdant Security State of the Union
 
Detection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEyeDetection and Response with Splunk+FireEye
Detection and Response with Splunk+FireEye
 
Think Like a Hacker
Think Like a HackerThink Like a Hacker
Think Like a Hacker
 
Uncover threats and protect your organization
Uncover threats and protect your organizationUncover threats and protect your organization
Uncover threats and protect your organization
 
Sammanfattning av 2014 Trustwave Global Security Report
Sammanfattning av 2014 Trustwave Global Security Report Sammanfattning av 2014 Trustwave Global Security Report
Sammanfattning av 2014 Trustwave Global Security Report
 
FireEye
FireEyeFireEye
FireEye
 
Cyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoSCyber Attack Analysis : Part I DDoS
Cyber Attack Analysis : Part I DDoS
 
FireEye Engineering
FireEye Engineering FireEye Engineering
FireEye Engineering
 
Revolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionRevolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat Protection
 
Advanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle InfographicAdvanced Threat Protection Lifecycle Infographic
Advanced Threat Protection Lifecycle Infographic
 

Viewers also liked

Présentation outils collaboratifs en entreprises
Présentation outils collaboratifs en entreprisesPrésentation outils collaboratifs en entreprises
Présentation outils collaboratifs en entreprisesAFEIT
 
Engage roadshow - Partie 4 - Facteurs clé de succès
Engage roadshow - Partie 4 - Facteurs clé de succèsEngage roadshow - Partie 4 - Facteurs clé de succès
Engage roadshow - Partie 4 - Facteurs clé de succèsNa-Young Kwon
 
Engage roadshow - Partie 3 - Vision et stratégie
Engage roadshow - Partie 3 - Vision et stratégieEngage roadshow - Partie 3 - Vision et stratégie
Engage roadshow - Partie 3 - Vision et stratégieNa-Young Kwon
 
Outils collaboratifs en mode SaaS
Outils collaboratifs en mode SaaSOutils collaboratifs en mode SaaS
Outils collaboratifs en mode SaaSFlow Line Groupe
 
Engage roadshow - Partie 2 - Cas d'usage
Engage roadshow - Partie 2 - Cas d'usageEngage roadshow - Partie 2 - Cas d'usage
Engage roadshow - Partie 2 - Cas d'usageNa-Young Kwon
 
Outils collaboratifs en ligne
Outils collaboratifs en ligneOutils collaboratifs en ligne
Outils collaboratifs en lignetechnologiae
 
Engage roadshow - Partie 1 - le social
Engage roadshow - Partie 1 - le socialEngage roadshow - Partie 1 - le social
Engage roadshow - Partie 1 - le socialNa-Young Kwon
 

Viewers also liked (7)

Présentation outils collaboratifs en entreprises
Présentation outils collaboratifs en entreprisesPrésentation outils collaboratifs en entreprises
Présentation outils collaboratifs en entreprises
 
Engage roadshow - Partie 4 - Facteurs clé de succès
Engage roadshow - Partie 4 - Facteurs clé de succèsEngage roadshow - Partie 4 - Facteurs clé de succès
Engage roadshow - Partie 4 - Facteurs clé de succès
 
Engage roadshow - Partie 3 - Vision et stratégie
Engage roadshow - Partie 3 - Vision et stratégieEngage roadshow - Partie 3 - Vision et stratégie
Engage roadshow - Partie 3 - Vision et stratégie
 
Outils collaboratifs en mode SaaS
Outils collaboratifs en mode SaaSOutils collaboratifs en mode SaaS
Outils collaboratifs en mode SaaS
 
Engage roadshow - Partie 2 - Cas d'usage
Engage roadshow - Partie 2 - Cas d'usageEngage roadshow - Partie 2 - Cas d'usage
Engage roadshow - Partie 2 - Cas d'usage
 
Outils collaboratifs en ligne
Outils collaboratifs en ligneOutils collaboratifs en ligne
Outils collaboratifs en ligne
 
Engage roadshow - Partie 1 - le social
Engage roadshow - Partie 1 - le socialEngage roadshow - Partie 1 - le social
Engage roadshow - Partie 1 - le social
 

Similar to Balance Risk With Better Threat Detection

New Developments in Cybersecurity and Technology for RDOs: Howland
New Developments in Cybersecurity and Technology for RDOs: HowlandNew Developments in Cybersecurity and Technology for RDOs: Howland
New Developments in Cybersecurity and Technology for RDOs: Howlandnado-web
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-EraJK Tech
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0James Perry, Jr.
 
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveySecurity Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveyQualys
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of CybercrimeStephen Cobb
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise21CT Inc.
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security BasicsMohan Jadhav
 
Data security for healthcare industry
Data security for healthcare industryData security for healthcare industry
Data security for healthcare industrySeqrite
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management ProgramTripwire
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the CloudGGV Capital
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...Netpluz Asia Pte Ltd
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionBitglass
 
Easy Solutions Product Brochure
Easy Solutions Product BrochureEasy Solutions Product Brochure
Easy Solutions Product BrochureBen Massey
 
Cyber Security: A Hands on review
Cyber Security: A Hands on reviewCyber Security: A Hands on review
Cyber Security: A Hands on reviewMiltonBiswas8
 
Whitepaper - CISO Guide_6pp
Whitepaper - CISO Guide_6ppWhitepaper - CISO Guide_6pp
Whitepaper - CISO Guide_6ppEric Zhuo
 
Transforming any apps into self-defending apps
Transforming any apps into self-defending apps Transforming any apps into self-defending apps
Transforming any apps into self-defending apps Blueboxer2014
 

Similar to Balance Risk With Better Threat Detection (20)

New Developments in Cybersecurity and Technology for RDOs: Howland
New Developments in Cybersecurity and Technology for RDOs: HowlandNew Developments in Cybersecurity and Technology for RDOs: Howland
New Developments in Cybersecurity and Technology for RDOs: Howland
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-Era
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
 
NetWitness
NetWitnessNetWitness
NetWitness
 
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveySecurity Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of Cybercrime
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of CompromiseInsight Brief: Security Analytics to Identify the 12 Indicators of Compromise
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security Basics
 
Data security for healthcare industry
Data security for healthcare industryData security for healthcare industry
Data security for healthcare industry
 
5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program5 Steps to an Effective Vulnerability Management Program
5 Steps to an Effective Vulnerability Management Program
 
Data Security in Healthcare
Data Security in HealthcareData Security in Healthcare
Data Security in Healthcare
 
Securing the Cloud
Securing the CloudSecuring the Cloud
Securing the Cloud
 
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
Easy Solutions Product Brochure
Easy Solutions Product BrochureEasy Solutions Product Brochure
Easy Solutions Product Brochure
 
Cyber Security: A Hands on review
Cyber Security: A Hands on reviewCyber Security: A Hands on review
Cyber Security: A Hands on review
 
Whitepaper - CISO Guide_6pp
Whitepaper - CISO Guide_6ppWhitepaper - CISO Guide_6pp
Whitepaper - CISO Guide_6pp
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
Transforming any apps into self-defending apps
Transforming any apps into self-defending apps Transforming any apps into self-defending apps
Transforming any apps into self-defending apps
 

More from SecureData Europe

FINE-TUNE IPS TO DIAL UP SECURITY
FINE-TUNE IPS TO DIAL UP SECURITYFINE-TUNE IPS TO DIAL UP SECURITY
FINE-TUNE IPS TO DIAL UP SECURITYSecureData Europe
 
Educate Your Users Not To Take The Bait: Introduction To Phishing As A Service
Educate Your Users Not To Take The Bait: Introduction To Phishing As A ServiceEducate Your Users Not To Take The Bait: Introduction To Phishing As A Service
Educate Your Users Not To Take The Bait: Introduction To Phishing As A ServiceSecureData Europe
 
Managed Security Services On The Rise
Managed Security Services On The RiseManaged Security Services On The Rise
Managed Security Services On The RiseSecureData Europe
 
Managed Next Generation Firewall Service
Managed Next Generation Firewall ServiceManaged Next Generation Firewall Service
Managed Next Generation Firewall ServiceSecureData Europe
 
Incident Response: Tools & Techniques
Incident Response: Tools & TechniquesIncident Response: Tools & Techniques
Incident Response: Tools & TechniquesSecureData Europe
 
New Battle Lines for Security
New Battle Lines for SecurityNew Battle Lines for Security
New Battle Lines for SecuritySecureData Europe
 

More from SecureData Europe (8)

SecureData GI
SecureData GISecureData GI
SecureData GI
 
FINE-TUNE IPS TO DIAL UP SECURITY
FINE-TUNE IPS TO DIAL UP SECURITYFINE-TUNE IPS TO DIAL UP SECURITY
FINE-TUNE IPS TO DIAL UP SECURITY
 
Educate Your Users Not To Take The Bait: Introduction To Phishing As A Service
Educate Your Users Not To Take The Bait: Introduction To Phishing As A ServiceEducate Your Users Not To Take The Bait: Introduction To Phishing As A Service
Educate Your Users Not To Take The Bait: Introduction To Phishing As A Service
 
Managed Security Services On The Rise
Managed Security Services On The RiseManaged Security Services On The Rise
Managed Security Services On The Rise
 
Managed Next Generation Firewall Service
Managed Next Generation Firewall ServiceManaged Next Generation Firewall Service
Managed Next Generation Firewall Service
 
Incident Response: Tools & Techniques
Incident Response: Tools & TechniquesIncident Response: Tools & Techniques
Incident Response: Tools & Techniques
 
New Battle Lines for Security
New Battle Lines for SecurityNew Battle Lines for Security
New Battle Lines for Security
 
SORT OUT YOUR SIEM
SORT OUT YOUR SIEMSORT OUT YOUR SIEM
SORT OUT YOUR SIEM
 

Recently uploaded

TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 

Recently uploaded (20)

TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Streamlining Python Development: A Guide to a Modern Project Setup

Balance Risk With Better Threat Detection

  • 1. BALANCE RISK WITH BETTER THREAT DETECTION. Paul Risk, Chief Technology Officer, www.secdata.com
  • 2. We’re on TV! [Sequence of pictures with overlaid caption text]
  • 3. WE KNOW THAT THREATS ARE REAL
  • 4. ‘WHEN’ COULD BE HAPPENING TO YOU
      • 66% of breaches take months or even years to be discovered, up from 56% in 2012
      • 69% of breaches are spotted by an external party, like customers
      • 29% of attacks used emails, phone calls and social networks to gain information
      • 76% of network intrusions exploited weak or stolen credentials
      *Data from Verizon’s 2013 Data Breach Investigations Report
  • 5. WE KNOW THREATS ARE INFINITE. There are more threats and attack vectors than you can effectively protect against. WEB CONTENT? WEB APPS? WIRELESS ACCESS? Diagram labels: APT, TCP/IP HIJACKING, BLENDED ATTACKS, (SPEAR) PHISHING, SOCIAL ENGINEERING, SQL INJECTION, DNS POISONING, DDoS ATTACKS, MALWARE; Threat acceleration.
  • 6. WE KNOW TECHNOLOGY IS COMPLEX: SPDY & HTTP 2 INSPECTION, NEXT-GEN FIREWALLS, IDS/IPS SOLUTION, DATA LOSS PREVENTION, DDoS MITIGATION SOLUTION, WEB CONTENT FILTERING, SECURE INTERNET GATEWAY, NAC/802.1X SOLUTION, WIRELESS SECURITY, TWO FACTOR AUTHENTICATION. Over 40 tools. Already there are more tools than you can deploy – what is the solution?
  • 8. INTELLIGENT SECURITY. Security is a moving target. Threats keep on coming. Visibility is the key to security intelligence. We know we have to accept some risk. How do we compensate for this? Not more mousetraps - just using them better.
  • 9. INTELLIGENT SECURITY. Security is a moving target. Threats keep on coming. Visibility is the key to security intelligence. We know we have to accept some risk. How do we compensate for this? Not more mousetraps - just using them better.
  • 11. WHY BETTER DETECTION IS CRITICAL
      • Budget limitations: Security investment cannot cover all eventualities
      • Change in risk profile: You will be working with known risk and vulnerabilities
      • Be proactive: Don’t wait for threats to appear – proactively mitigate
      • Get the drop on attackers: Early threat detection will reduce known risks
  • 12. DETECTION FOCUSED SECURITY MODEL
      • Categorise risk – know what you must lock up, identify what you can manage and decide what risks you can accept
      • Protect your most valuable assets with next-gen technologies
      • Ensure you deploy threat detection for known risks and vulnerabilities
      • Undertake proactive threat detection to mitigate unknown risks
      • Feedback into risk profile
      Diagram labels: REMEDIATE, MANAGE, ACCEPT, UNKNOWN RISK, KNOWN RISK
  • 13. WHAT’S REQUIRED FOR PROPER DETECTION
      • Macro-level intelligence: Cyber intelligence correlated from multiple internal and external sources
      • Proactive security: Detect and divert threats before they happen
      • Elastic expertise: Depth and breadth in security and cloud skills and capacity
      • Complete metrics: Regular, comprehensive security metrics and analysis
      • Agility: Quick strategic response to evolving threats
      • 24x7 real-time monitoring: Continuous, 24x7, expert monitoring and interpretation of security data
  • 14. HOW SECUREDATA DOES DETECTION
      AffinitySECURE (Pro-active Security Monitoring)
      • Early Warning System for changes in device behaviour and health
      • Advance Threat Warnings
      • Trend Based Analysis of system parameters
      • Real-Time Granular Monitoring
      • Automatic Incident logging based upon severity and threshold level
      • Device Port Monitoring (ensures unknown or unauthorised services aren’t started on a device)
      Cloud SIEM Service
      • Outsourced 24x7x365 Service providing centralised real-time event analysis for log and event information
      • Single pane of glass for all network and security incidents
      • Advanced threat and security incident detection on a 24x7x365 basis
  • 15. USE YOUR MOUSETRAPS BETTER. [Diagram of capability lists; the categories that appear across its groups are: DDoS, Network Visibility/Performance Monitoring, Application Security, Load Balancing, SIEM, IDS/IDP, Security Gateway, Security Virtualisation, Authentication, Remote Access, Wireless Security, Acceleration, Content Security, DLP, Compliance, Endpoint Security, Routing, Switching]
  • 16. USE SPECIALIST DETECTION SERVICES. Ensure your systems are configured correctly and managed correctly, while freeing-up internal resources
      • AffinitySECURE
      • Cloud SIEM
      • Managed Services: Managed Firewalls, Managed Next Gen Firewalls, Managed Web Content Security, Managed Remote Access, Managed Two-Factor Authentication, Managed Wireless, Managed IDS/IDP, Managed SIEM, Managed Load Balancing, Managed Switches/Routers
      • Cloud Services: Cloud Internet Gateway, Cloud SIEM, Cloud Global Load Balancing, Phishing-as-a-Service
  • 17. WHAT STEPS TO TAKE
      • Understand where your assets are and what needs protection
      • Proactively detect emerging threats
      • Apply real time monitoring for known threats
      • Deploy the right tools to protect critical assets

Editor's Notes

  1. Walk through each stage/picture above. http://www.channel4.com/news/privacy-phone-wifi-gchq-mobile-data
  2. This slide will animate to walk through the numerous threats. Key points: Threats are happening to brands you would expect to be secure. Expect to be breached – it’s a question of when and not if. http://www.ft.com/cms/s/0/83e0aa90-417b-11e3-9073-00144feabdc0.html#axzz2l7p5jgUn http://uk.reuters.com/article/2013/06/21/uk-facebook-security-idUKBRE95K19120130621 http://www.crn.com/news/cloud/240149905/evernote-breach-means-50-million-password-resets.htm
  3. So if security has moved from preventing the if to identifying the when, how do you know when? These figures suggest that, at the moment, we are not focusing on the right areas.
  4. When is an issue for us, but *where* is also important. New threats and attack vectors are emerging all the time, so where can we predict and detect new threats?
  5. We know it will happen, but we’re not sure when or where from – the landscape is getting harder to control. At the same time, we have all these point technology solutions that are layering on top of each other – there will be infinite tools to handle every emerging threat, so can we continue on this path?
  6. Visibility – make this large. We haven’t got everything covered, we haven’t got it all monitored.
  7. This slide will build from pink and then around the circle. Key points: security keeps on changing, threats keep emerging. As we’ve just said, complexity and scale are increasing – we know we have to accept risk. So what do we do about this new risk we have introduced? Two things: We make better use of technology. We don’t need more mousetraps, just the mousetraps you’ve got focused in a better way. We need VISIBILITY - this is the key to security now and in the future. Visibility – make this large. We haven’t got everything covered, we haven’t got it all monitored.
  8. This slide will build from pink and then around the circle. Key points: security keeps on changing, threats keep emerging. As we’ve just said, complexity and scale are increasing – we know we have to accept risk. So what do we do about this new risk we have introduced? Two things: We make better use of technology. We don’t need more mousetraps, just the mousetraps you’ve got focused in a better way. We need VISIBILITY - this is the key to security now and in the future. Visibility – make this large. We haven’t got everything covered, we haven’t got it all monitored.
  9. The image here will change – take this as a placeholder slide!
  10. Within this new world of threat detection, we are asking you to approach security in a different way. You will no doubt have plenty of point security solutions, all with monitoring and dashboards. What’s different here is that it’s gone up on the priority agenda – that means you can’t plug in the technology and review it at the end of the week. It needs ‘eyes on’ so you have to decide if you have the resource, if you have the expertise, if you have a plan B. Some of these items you will want to keep in-house, others you can work with a partner or a combination of what works for you.
  11. What does this new model of threat detection look like? We’ve simplified it down, but essentially, you need to categorise risk – what will you accept, what can you manage and what is critical to keep locked up. Knowing your assets and using the scorecards and reference models Carl mentioned will enable you to do this. The Swiss cheese approach to layering on technology to cover as many holes as possible doesn’t need to apply any longer. You can have some holes – as long as you know what they are and as long as you are detecting threats for these known vulnerabilities. Unknown threats of course are still out there – so in addition to managing known risks, you need to be proactively undertaking threat detection.
  12. Within this new world of threat detection, we are asking you to approach security in a different way. You will no doubt have plenty of point security solutions, all with monitoring and dashboards. What’s different here is that it’s gone up on the priority agenda – that means you can’t plug in the technology and review it at the end of the week. It needs ‘eyes on’ so you have to decide if you have the resource, if you have the expertise, if you have a plan B. Some of these items you will want to keep in-house, others you can work with a partner or a combination of what works for you.
  13. Paul to include dashboard screenshot