© Copyright 2013 EMC Corporation. All rights reserved. 1 
UNLOCKING THE FUTURE ENTERPRISE 2013 
The session is about to commence. Please switch your phone to silent!

Defend with Confidence Against Advanced Threats
Nicholas Chia
SE Manager, SEA RSA
TRUST? Years to earn, seconds to break

Market Disruptors
• Infrastructure Transformation: Mobile, Cloud. Less control over access device and back-end infrastructure
• Threat Landscape Transformation: APTs, Sophisticated Fraud. Fundamentally different tactics, more formidable than ever
• Business Transformation: Extended Workforce, Networked Value Chains, Big Data. More hyper-extended, more digital

Advanced Threats Are Different
1. TARGETED: SPECIFIC OBJECTIVE
2. STEALTHY: LOW AND SLOW
3. INTERACTIVE: HUMAN INVOLVEMENT
[Figure: attack timeline (TIME axis) with the labels Attack Begins, System Intrusion, Cover-Up Discovery, Leap Frog Attacks, Cover-Up Complete, Attack Identified and Response; intervals marked Dwell Time and Response Time. Goals: 1. Decrease Dwell Time, 2. Speed Response Time]

Who Are You Dealing With?
CRIMINALS
• Petty criminals: Unsophisticated, but noisy
• Organized crime: Organized, sophisticated supply chains (PII, PCI, financial services, retail)
NON-STATE ACTORS
• Insiders: Various reasons, including collaboration with the enemy
• Cyber-terrorists / Hacktivists: Political targets of opportunity, mass disruption, mercenary
NATION STATE ACTORS
• Nation states: Government, defense industrial base, IP rich organizations, waterholes

Organisations’ view of their security
Prevention FTW!!!!

What It Looks Like to the Advanced Adversaries
loopholes

INCIDENT RESPONSE
It starts with identifying the incident

Resource Shift: Budgets and People
• Today’s Priorities: Prevention 80%, Monitoring 15%, Response 5%
• Intelligence-Driven Security: Prevention 33%, Monitoring 33%, Response 33%
ALERT!!... Multiple indicators to escalate a potential incident 
Days of Investigation Completed In Hours 
Session Recreated To Investigate 
Incident Management Initiated 
Additional Context Answers More Questions

Security is Complex!
[Diagram labels: Shift Handoff, SOC Manager, Network Manager, CISO, Finance, Legal, Incident Process, Threat Analysis, Report KPIs, Breach Process, IT Handoff, Centralize Alerts, Measure Efficacy, SOC Analyst, Breach Coordinator, HR, IT, Malware Analyst, Threat Analyst, SIEM, DLP, Network Visibility, eFraud, Host Visibility]

People: Advanced Cyber Defense Training

Process: RSA Security Operations
Business-driven Security Operations Management
Incident Management, Threat Intelligence Management, Breach Management, SOC Program Management, IT Security Risk Management
Security Operations Management
Persona Driven Design
User Personas
• SOC Analysts: L1 Analyst, L2 Analyst, Threat Intel Analyst
• SOC Management: SOC Manager, CISO/CSO
• Cross Functional Teams: CIO, Business Mgr., Privacy Officer, Compliance, Legal, HR

TECHNOLOGY: Advanced Security Ops Center
RSA Live Intelligence: Threat Intelligence – Rules – Parsers – Alerts – Feeds – Apps – Directory Services – Reports and Custom Actions
[Architecture diagram labels: RSA Security Analytics, SharePoint, File Servers, Databases, NAS/SAN, Endpoints, RSA Data Discovery Enabled by RSA DLP, RSA ECAT, RSA Security Operations Management, Windows Clients/Servers, Asset Context, Incident Management, Vulnerability Risk Management, Security Operations Management, Capture Time Data Enrichment, Distributed Data Collection, LIVE]

RSA Security Analytics Malware Analysis
• Integrated workflow streams enable you to see the before, during and after of an event
• Allows customization of the analytical scoring logic
SHOW ME THE BIG DATA

Big Data Security Challenges
1. Big Data Infrastructure
2. Common Meta-Framework
3. Analytic Applications
[Diagram labels: Packet collection & processing; Log collection & processing; Hadoop; field names Ip.source, src_ip, Source_IP, Ip-source; COMMON META FRAMEWORK; HIVE, PIG, R, MAHOUT, HAWQ; Analytic Application; Machine Learning, Predictive Analytics, Neural Networks; Database; ETL; FAIL]

BIG DATA Use Cases
• Blacklist IP Generator – Identify new traffic that is behaviorally consistent in traffic patterns with a known command-and-control IP
• Social Network Analyzer – Discover closely clustered communication events that are known to be associated with infected unmanaged devices and dynamic command-and-control structure
• Machine Generated Domain Detector – Measure readability of domain names to detect malware that uses a domain generation algorithm
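
A sketch of the Machine Generated Domain Detector use case above, added here as an example and not taken from the presentation or from any RSA product: readability is approximated as the share of a label's letter pairs that also occur in a reference vocabulary, and DNS query lines are grouped by client. The word list, suffix set, thresholds, log format and all function names are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed reference vocabulary (assumption): ordinary words whose letter
# pairs define what "readable" looks like. A production model would be built
# from a large corpus of known-good domain names.
REFERENCE_WORDS = (
    "mail server portal login account secure update download cloud network "
    "office store online support service news weather travel market bank "
    "health school music video photo share search world money game shop "
    "home data time system people company internet example windows"
).split()

# Constructed two-label public suffixes (assumption); real code should use the
# Public Suffix List.
TWO_LABEL_SUFFIXES = {"co.uk", "com.sg", "com.au"}


def bigrams(text):
    """Letter pairs of text, with ^ and $ marking its start and end."""
    padded = "^" + text + "$"
    return [padded[i:i + 2] for i in range(len(padded) - 1)]


KNOWN_BIGRAMS = {bg for word in REFERENCE_WORDS for bg in bigrams(word)}


def registrable_label(domain):
    """Return the label directly left of the public suffix, lower-cased."""
    labels = domain.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return labels[-3]
    return labels[-2] if len(labels) >= 2 else labels[0]


def readability(label):
    """Fraction of the label's letter pairs seen in the reference vocabulary."""
    pairs = bigrams(label)
    return sum(bg in KNOWN_BIGRAMS for bg in pairs) / len(pairs)


def looks_machine_generated(domain, threshold=0.5, min_length=8):
    """Flag long labels whose letter pairs are mostly unseen in readable words.

    Short labels are skipped: they carry too few pairs to score reliably.
    """
    label = registrable_label(domain)
    return len(label) >= min_length and readability(label) < threshold


def suspicious_clients(dns_log_lines, min_hits=2):
    """Map client IP -> flagged domains, for clients with at least min_hits."""
    hits = defaultdict(set)
    for line in dns_log_lines:
        fields = line.split()
        if len(fields) != 3:  # expected: timestamp client_ip query_name
            continue
        _, client, qname = fields
        if looks_machine_generated(qname):
            hits[client].add(qname.lower().rstrip("."))
    return {c: sorted(d) for c, d in hits.items() if len(d) >= min_hits}


# Constructed DNS query log (timestamp, client IP, queried name).
SAMPLE_LOG = [
    "2013-10-01T09:00:01Z 10.0.0.5 www.onlineshop.com",
    "2013-10-01T09:00:02Z 10.0.0.7 xkqzjvbtplwq.com",
    "2013-10-01T09:00:03Z 10.0.0.7 qwzxvkjhgfdt.net",
    "2013-10-01T09:00:04Z 10.0.0.5 portal.healthnetwork.co.uk",
    "2013-10-01T09:00:05Z 10.0.0.9 zzqxjvkw.org",
    "malformed line",
]

if __name__ == "__main__":
    for client, domains in suspicious_clients(SAMPLE_LOG).items():
        print(client, domains)
```

Readable labels in other languages, abbreviations and hash-style hostnames also score low, so a hit is a lead for investigation; tune the vocabulary and thresholds on known-good traffic.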

Today’s Security Requirements
• Comprehensive Visibility: “See everything happening in my environment and normalize it”
• High Powered Analytics: “Give me the speed and smarts to detect, investigate and prioritize potential threats”
• Big Data Infrastructure: “Need a fast and scalable infrastructure to conduct real time and long term analysis”
• Integrated Intelligence: “Help me understand what to look for and what others have discovered”
Nicholas.Chia@RSA.com