• Processes are monitored and measured with trending
• Best practices are followed
• Continuous improvements identified and applied
• Formal global IT risk management process
The annual cost of cyber attacks rose to an average of $11.6M in 2013, an increase of 26% over 2012. The time it took to resolve an attack averaged 32 days, with a cost of over $32K per day (over $1M total).
1. Prevention is futile: Advanced Persistent Security Programs
2. The Post-Signature Era: Pervasive Monitoring and Detection
3. Security Big Data Analytics
4. Context-Aware Security
5. Reputation Services and “Trustability”
6. The Growing Role of Collective Intelligence
7. The Shift to Information-centric Security Strategies
8. Virtualized and x86 Software-based Security Controls
9. The Shift to Cloud-based security controls
10. The Software Defined Data Center comes to Security
Gartner analyst: Neil McDonald | “Protection from Advanced Targeted Attacks in a Consumerized, Cloudified World”
HEADCOUNT AND SKILLS | ESCALATING THREATS | BUSINESS DEMANDS
TRADITIONAL DC | HYBRID DC | CLOUD
ENTERPRISE DATA APPLICATIONS
EMPLOYEES | CUSTOMERS | PARTNERS
OFFICE | HOME | CAR | COFFEE SHOP | HOTEL
OPERATIONAL SECURITY: HEADCOUNT AND SKILLS | ESCALATING THREATS | BUSINESS DEMANDS
Reconnaissance | Weaponization | Delivery | Exploitation | Command and Control | Exfiltration
1. Adversary performs reconnaissance on the target & starts to weaponize
2. Adversary delivers a spear phishing email with attachment to target
3. Target opens attachment, downloads malware & it is executed
4. Adversary exploits the system, allowing entry into the network
5. Command & control communication with adversary is established
6. Adversary moves laterally within the network & establishes multiple back doors to maintain persistence
7. Adversary accesses the directory & compromises legitimate system & user credentials
8. Adversary utilizes the legitimate system & user credentials to access sensitive file servers
9. Adversary starts sensitive data exfiltration, leveraging VPN with compromised credentials or evasive techniques
From spear phishing to exfiltration in nine steps
Work from the assumption that you are already compromised; move from a reactive, perimeter-based mentality to an active approach:
• Enhanced defenses
• Incident response
• Intelligence and analytics
Collective security intelligence services:
• REPUTATION SERVICES
• THREAT INTELLIGENCE
• ATTACKER INTELLIGENCE
Cyber Attackers | Diverse Users & Devices | Distributed Applications & Data
APPLICATIONS | SERVICES | USERS | DEVICES
Is your organization responding to the new perimeter and taking steps to counter targeted attacks?
Reconnaissance | Weaponization | Delivery | Exploitation | Command and Control | Exfiltration
Observe | Detect | Identify | Neutralize
Core Risk Reduction | Enhanced Risk Reduction | Core Security State | Enhanced Security State | Optimized Security

• Processes are ad hoc and disorganized
• Security is not defined
• No mgmt reporting metrics
• Security is a reactive process

• Processes follow a regular pattern
• Security is defined but not aligned with business objectives
• No mgmt reporting
• Security involvement in projects and initiatives is ad hoc

• Processes are documented and communicated
• Formal integrated policy suite, with links to workforce awareness, education, and training programs
• From a risk mgmt committee
• Limited mgmt reporting

• Processes are monitored and measured
• Formal global IT risk mgmt process
• Full mgmt reporting
• Consistent and repeatable process

• Processes are monitored and measured with trending
• Best practices are followed
• Continuous improvements identified and applied
• Formal global IT risk mgmt process
• Knowing what you need to protect
• Continuous security posture assessment
• Enhanced defenses, detection and intelligence capabilities
• Staff and operational support
• Security awareness and training
• Proactive incident response
• Roadmap to optimized security model
Technology consulting, IT infrastructure technology and integration, and leasing solutions for your business. Visit us at www.forsythe.com.
Brought to you by:
http://focus.forsythe.com/
Survival In An Evolving Threat Landscape


Editor's Notes

  1. David Launches: This is not really a security problem – it’s an IT Ops problem…how can I tee this up? Applications and data may be in a traditional data center, hybrid data center, or somewhere in the cloud.
  2. David launches: In the past, when IT was setting up access to restricted systems, it only had one location to consider: within the enterprise. Users who wanted to access corporate data had to be on-premise, where security systems were tested and hardened. That was OK, because they were employees who typically did their work from an assigned space at a specific location. The IT department created the systems and distributed the devices that could be used to work within that closed environment.

     Today, that intimate corporate network is a globally connected web of users and devices that are accessing IT environments wherever, whenever, and however they choose. And the users have extended beyond employees to include partners and customers. Users could be working from the office, from home, in a car, a coffee shop, an airport or a hotel room. Even if they are internal employees in an office, they may be using a shared space—“hoteling”—rather than working from an assigned port. Each of these cases presents a different set of circumstances that pose the same question:

     Maggie: How do you know the person attempting to access corporate data is who they appear to be?

     As apps move, companies need to have a better handle on who is using them: Who are they? Where are they? What are they doing?

     They need a granular understanding of the following: Where is the data? Who owns it? Do I have it classified? Do I have data protection controls (encryption etc.)?