SlideShare a Scribd company logo

Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead

OpenDNS
OpenDNS

Practice makes perfect. And unfortunately for security professionals, attackers have realized that persistence is a powerful approach to breaching an organization's defenses. Focusing on prevention alone is no longer a sufficient strategy for securing your organization against the business risks of a breach. Our current security environment demands an approach less centered on ideal prevention and more focused on reality. During this webcast, we discussed key strategies that limit your risk and exposure to unrelenting threats. Some highlighted topics include: - How the shift in attacker motivations has impacted today's threat landscape - Why preventative techniques alone can no longer ensure a secure environment - Which strategies need to be considered for a holistic approach to security - What next steps you can take towards identifying your best strategy against attacks

Technology
1 of 33
Download to read offline
Key Strategies for the Challenges that Lie Ahead 1
Agenda 1 how the shift in motivations has impacted today’s threat landscape 3 2 why preventative techniques alone can no longer ensure a secure environment which strategies need to be considered for a holistic approach to security 4 next steps can you take towards identifying your best strategies against cyber-attacks 2
They Just Need to Be Effective Once. Any Time. 3
You Must Be Right and Fast All The Time. 4
Motivations Have Shifted & Converged 5
Motivations Have Shifted & Converged CYBERCRIME CYBERESPIONAGE CYBER- MANIPULATION CYBERMERCERNARY CYBERWARFARE CYBERTERRORISM HACKTIVISM 6
Targeted Attacks are More Pervasive, But Not Always Persistent Exponential Threats Every second… 9 1 new pieces of malware discovered new threats targeting SMBs Emboldened Attackers NIST’s Definition of APT: ü  “It pursues its objectives repeatedly over an extended period of time” ü  “It adapts to defenders’ efforts to resist it” ü  “It is determined to maintain the level of interaction needed to execute its objectives” 7 Sources: National Institute of Standards and Technology | Trend Micro, June 2013 | Peter Singer and Allan Friedman of the Brookings Institution
Customers Are Not Staying Ahead of The Attacks 39% are effective in preventing APTs 44% are effective in containing APTs 49% are effective in detecting APTs 8 APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
Security Pros, Execs & The Board Know There’s a Problem, Just Not How To Solve It 96% security practitioners are at least somewhat familiar with APTs 53% security practitioners do not believe APTs differ from traditional threats AV & FW / IDS 13% non-IT execs are fully aware of APTs and their impact are the most used solutions to address APTs according to recent surveys by ICASA and Ponemon 9 APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
Exploits and Malware Evolve and Evade Current Solutions 76% evade prevention by AV 72% evade detection by IDS 56% evade detection or containment by endpoint -based sandboxes “While these controls are proficient for defending against traditional attacks, they are probably not as suited for preventing APTs” -- ICASA 10 State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
Let’s Stop The Insanity Stop Reacting So-called “best-of-breed” solutions are failing to stop sophisticated cyberattackers, and the latest "magic box” is not going to outsmart them Start Thinking Deeply & Acting Broadly ü  Analyze our risks: who will attack us, why & where? ü  Assess our investments: are we measuring their success? ü  Craft a multi-tiered strategy 11
Predictive Defense & Prevention Reduce the risk of security breaches by: ü  Reducing the attack surface ü  Layering threat protection 12
Implement The “Least Privilege” Principle But ultimately, what enables the breach is by exploiting trust Systems may be exploited via phishing user credentials or software vulnerabilities 13
SMBs Become The New Trojan Horse In A Supply Chain Attack Why storm the castle walls, when you can be invited in. 36% of targeted attacks impact SMBs as of 1H2012; 2x more than in 2011 14 Source: Symantec
Best Practices Aren’t Always Practical and They’re Never Enough 75% 65% hadn’t deployed viable patches due to the cost of downtime used apps with a known vulnerability but without a viable patch 64% 31% 52% used apps with a known vulnerability and hadn’t deployed a viable patch believed patching effectively stopped most opportunistic attacks believed patching effectively stopped most targeted attacks 15 APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
Implement Security Enforcement On and Off Network 52% say you can’t solely protect networks against adv. malware, must also protect endpoints 16 Sources: APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
Implement Security Enforcement On and Off Network 52% 51% use endpointbased sandboxing technologies report that its difficult to manage 43% report that it negatively affects UX 17 Sources: APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
Implement Security Enforcement On and Off Network 18 Sources: APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
Quick Detection & Containment 65% believe you can’t prevent adv. malware from infecting networks & devices; focus more on detection vs. prevention Reduce the impact of security breaches by: ü  Obtaining coverage and visibility ü  Monitoring network activity ü  Sharing security intelligence Sources: APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013 19
Obtain Coverage & Visibility Get an eye in the sky to see everything that accesses your data and infrastructure 20
Monitor Network Activity Establish a baseline to detect anomalous patterns 21
Share Security Intelligence Forewarned is Forearmed 22
Proactive Education & Complication Increase the effort required to breach security by: ü  Raising security awareness ü  Employing mitigation methods
Raise Security Awareness 24
Employ Mitigation Methods Confusing attackers, may keep less determined attackers at bay 25
Realign Your Security Investments 1.  Given the nature of your organization, why would you be attacked? 7.  Have you taken measures to reduce your overall attack surface? 2.  Which of your assets align to attacker motives? 8.  Have you applied consistently high security standards throughout your organization? 3.  Where are the vulnerabilities among your assets, supply chain vendors, partners, services providers and customers? 9.  Do you have visibility into cloud and DNS activity that could affect your network, your system, your data? 4.  How secure are your assets in the cloud or on the devices your employees use? 10.  Have you made sufficient investments in education and training among your employees and partners? 5.  How might these vulnerabilities be exploited? 11.  Based on your assessments of the above, which tactics/techniques would be most likely to minimize and/or mitigate the impact of an attack? 6.  What preventive tactics are currently in place and how effective are they? “Before we know about any new virus, somebody has to be a sacrificial lamb and die and tell us about it. It's an awful way of doing things.” -- CTO of McAfee’s Endpoint Solution Division 26
Enterprise Threat Protection. Unlike Any Other. 27
The World’s Leader for Cloud-Delivered Network Security Threat Protection Beyond DNS July 2013 Data Analytics Predict Threats February 2013 Customers 10,000+ Businesses Fully-Staffed Security Research Team December 2012 Network Security Beyond the Perimeter November 2012 Secures Over 50M Daily-Active Users May 2012 Partners with Threat Feed Providers September 2009 First Anti-Phishing Clearinghouse October 2006 we're World’s Largest Internet Security Network July 2006 Employees Investors 160+ Across San Francisco & Vancouver Greylock Sequoia Sutter Hill 28
Acquires data from 2% of the Internet AMERICAS 1M+ events per second 50M+ daily-active users 160+ countries 22 data centers EUROPE, MIDDLE EAST & AFRICA ASIA-PACIFIC (and more coming) 29
Connect with confidence. Anywhere. Anytime. On any device. Every day, we block 80M+ security events over •  any port •  any protocol •  any app 30
Predictive security. Panoramic visibility. Enforcement everywhere. Service Security Graph Umbrella Platform intelligence enforcement Purpose predict threats before they happen using big data analytics prevents infections or contains breaches on or beyond the network Manageability 0: net new latency 100%: global network uptime <30min: to complete provisioning <1min: to update actionable intelligence 0: maintenance required to keep up to date 31
Them: Catch up. Us: Evolve. Them Us network-centric cloud-centric ponderous nimble reactive proactive need evidence see patterns fragmented holistic 32
•  Leverage the World’s largest Internet security network to block threats no other vendor covers. •  Set up our free, instant trial in under 30 minutes. OpenDNS Connect with confidence. 33

Recommended

Hexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts
Hexis Cybersecurity Mission Possible: Taming Rogue Ghost AlertsHexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts
Hexis Cybersecurity Mission Possible: Taming Rogue Ghost AlertsHexis Cyber Solutions
 
CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementMighty Guides, Inc.
 
Best Practice Next-Generation Vulnerability Management to Identify Threats, ...
Best Practice Next-Generation Vulnerability Management to Identify Threats, ... Best Practice Next-Generation Vulnerability Management to Identify Threats, ...
Best Practice Next-Generation Vulnerability Management to Identify Threats, ...Skybox Security
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesIJNSA Journal
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
Evolving Cybersecurity Threats
Evolving Cybersecurity Threats Evolving Cybersecurity Threats
Evolving Cybersecurity Threats Nevada County Tech Connection
 
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Mighty Guides, Inc.
 
Introduction to MicroSolved, Inc.
Introduction to MicroSolved, Inc.Introduction to MicroSolved, Inc.
Introduction to MicroSolved, Inc.MRMaguire
 

Recommended

Hexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts
Hexis Cybersecurity Mission Possible: Taming Rogue Ghost AlertsHexis Cybersecurity Mission Possible: Taming Rogue Ghost Alerts
Hexis Cybersecurity Mission Possible: Taming Rogue Ghost AlertsHexis Cyber Solutions
 
CounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementCounterTack: 10 Experts on Active Threat Management
CounterTack: 10 Experts on Active Threat ManagementMighty Guides, Inc.
 
Best Practice Next-Generation Vulnerability Management to Identify Threats, ...
Best Practice Next-Generation Vulnerability Management to Identify Threats, ... Best Practice Next-Generation Vulnerability Management to Identify Threats, ...
Best Practice Next-Generation Vulnerability Management to Identify Threats, ...Skybox Security
 
Complete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesComplete network security protection for sme's within limited resources
Complete network security protection for sme's within limited resourcesIJNSA Journal
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
Evolving Cybersecurity Threats
Evolving Cybersecurity Threats Evolving Cybersecurity Threats
Evolving Cybersecurity Threats Nevada County Tech Connection
 
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...
Using Security Metrics to Drive Action in Asia Pacific - 22 Experts Share How...Mighty Guides, Inc.
 
Introduction to MicroSolved, Inc.
Introduction to MicroSolved, Inc.Introduction to MicroSolved, Inc.
Introduction to MicroSolved, Inc.MRMaguire
 
Collaborated cyber defense in pandemic times
Collaborated cyber defense in pandemic times Collaborated cyber defense in pandemic times
Collaborated cyber defense in pandemic times Denise Bailey
 
Endpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesEndpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesLiberteks
 
Pitfalls of Cyber Data
Pitfalls of Cyber DataPitfalls of Cyber Data
Pitfalls of Cyber DataPhil Huggins FBCS CITP
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond CyberPhil Huggins FBCS CITP
 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
 
A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015Scott Van Valkenburgh
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 ThreatscapePeter Wood
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilienceSymantec
 
Priming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive eraPriming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive eraLuke Farrell
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaPuneet Kukreja
 
A recommendation for software development responses for future
A recommendation for software development responses for futureA recommendation for software development responses for future
A recommendation for software development responses for futureMax Justice
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Lancope, Inc.
 
OSB340R: Disrupting an Advanced Attack
OSB340R: Disrupting an Advanced AttackOSB340R: Disrupting an Advanced Attack
OSB340R: Disrupting an Advanced AttackIvanti
 
OSB340: Disrupting an Advanced Attack
OSB340: Disrupting an Advanced AttackOSB340: Disrupting an Advanced Attack
OSB340: Disrupting an Advanced AttackIvanti
 
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...EC-Council
 
Sample Incident Response Plan
Sample Incident Response PlanSample Incident Response Plan
Sample Incident Response PlanMatthew J McMahon
 
Ivan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeIvan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeDejan Jeremic
 
React Faster and Better: New Approaches for Advanced Incident Response
React Faster and Better: New Approaches for Advanced Incident ResponseReact Faster and Better: New Approaches for Advanced Incident Response
React Faster and Better: New Approaches for Advanced Incident ResponseSilvioPappalardo
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDSSylvain Martinez
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSPriyanka Aash
 
Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksMatthew Rosenquist
 
McAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats PredictionsMcAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats PredictionsMatthew Rosenquist
 

More Related Content

What's hot

Collaborated cyber defense in pandemic times
Collaborated cyber defense in pandemic times Collaborated cyber defense in pandemic times
Collaborated cyber defense in pandemic times Denise Bailey
 
Endpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesEndpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesLiberteks
 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
 
A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015Scott Van Valkenburgh
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 ThreatscapePeter Wood
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilienceSymantec
 
Priming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive eraPriming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive eraLuke Farrell
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaPuneet Kukreja
 
A recommendation for software development responses for future
A recommendation for software development responses for futureA recommendation for software development responses for future
A recommendation for software development responses for futureMax Justice
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Lancope, Inc.
 
OSB340R: Disrupting an Advanced Attack
OSB340R: Disrupting an Advanced AttackOSB340R: Disrupting an Advanced Attack
OSB340R: Disrupting an Advanced AttackIvanti
 
OSB340: Disrupting an Advanced Attack
OSB340: Disrupting an Advanced AttackOSB340: Disrupting an Advanced Attack
OSB340: Disrupting an Advanced AttackIvanti
 
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...EC-Council
 
Sample Incident Response Plan
Sample Incident Response PlanSample Incident Response Plan
Sample Incident Response PlanMatthew J McMahon
 
Ivan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeIvan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeDejan Jeremic
 
React Faster and Better: New Approaches for Advanced Incident Response
React Faster and Better: New Approaches for Advanced Incident ResponseReact Faster and Better: New Approaches for Advanced Incident Response
React Faster and Better: New Approaches for Advanced Incident ResponseSilvioPappalardo
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSPriyanka Aash
 

What's hot (20)

Collaborated cyber defense in pandemic times
Collaborated cyber defense in pandemic times Collaborated cyber defense in pandemic times
Collaborated cyber defense in pandemic times
 
Endpoint Detection and Response for Dummies
Endpoint Detection and Response for DummiesEndpoint Detection and Response for Dummies
Endpoint Detection and Response for Dummies
 
Pitfalls of Cyber Data
Pitfalls of Cyber DataPitfalls of Cyber Data
Pitfalls of Cyber Data
 
Security Analytics Beyond Cyber
Security Analytics Beyond CyberSecurity Analytics Beyond Cyber
Security Analytics Beyond Cyber
 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
 
A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015A_New_Perspective_Whitepaper_05122015
A_New_Perspective_Whitepaper_05122015
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 Threatscape
 
Symantec cyber-resilience
Symantec cyber-resilienceSymantec cyber-resilience
Symantec cyber-resilience
 
Priming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive eraPriming your digital immune system: Cybersecurity in the cognitive era
Priming your digital immune system: Cybersecurity in the cognitive era
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_Kukreja
 
A recommendation for software development responses for future
A recommendation for software development responses for futureA recommendation for software development responses for future
A recommendation for software development responses for future
 
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
Ponemon Report: Cyber Security Incident Response: Are we as prepared as we th...
 
OSB340R: Disrupting an Advanced Attack
OSB340R: Disrupting an Advanced AttackOSB340R: Disrupting an Advanced Attack
OSB340R: Disrupting an Advanced Attack
 
OSB340: Disrupting an Advanced Attack
OSB340: Disrupting an Advanced AttackOSB340: Disrupting an Advanced Attack
OSB340: Disrupting an Advanced Attack
 
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
 
Sample Incident Response Plan
Sample Incident Response PlanSample Incident Response Plan
Sample Incident Response Plan
 
Ivan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrimeIvan dragas get ahead of cybercrime
Ivan dragas get ahead of cybercrime
 
React Faster and Better: New Approaches for Advanced Incident Response
React Faster and Better: New Approaches for Advanced Incident ResponseReact Faster and Better: New Approaches for Advanced Incident Response
React Faster and Better: New Approaches for Advanced Incident Response
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
 
The Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOSThe Incident Response Playbook for Android and iOS
The Incident Response Playbook for Android and iOS
 

Similar to Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead

Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksMatthew Rosenquist
 
McAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats PredictionsMcAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats PredictionsMatthew Rosenquist
 
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018Panda Security
 
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINALDefending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINALMichael Bunn
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Threat_intelligence_Handbook
Threat_intelligence_HandbookThreat_intelligence_Handbook
Threat_intelligence_HandbookBruno Rafael
 
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptxLogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptxCNSHacking
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionIvanti
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
Cyber Security Audit.pdf
Cyber Security Audit.pdfCyber Security Audit.pdf
Cyber Security Audit.pdfVograce
 
Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalJerome Chapolard
 
Proactive Security - Principled Aspiration or Marketing Buzzword?
Proactive Security - Principled Aspiration or Marketing Buzzword?Proactive Security - Principled Aspiration or Marketing Buzzword?
Proactive Security - Principled Aspiration or Marketing Buzzword?nathan816428
 
Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Marketing Türkiye
 
Assess risks to IT security.pptx
Assess risks to IT security.pptxAssess risks to IT security.pptx
Assess risks to IT security.pptxlochanrajdahal
 
CROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinCROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinDavid X Martin
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019Ulf Mattsson
 
201408 fire eye korea user event press roundtable
201408 fire eye korea user event press roundtable201408 fire eye korea user event press roundtable
201408 fire eye korea user event press roundtableJunSeok Seo
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEMJoseph DeFever
 

Similar to Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead (20)

Strategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity RisksStrategic Leadership for Managing Evolving Cybersecurity Risks
Strategic Leadership for Managing Evolving Cybersecurity Risks
 
McAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats PredictionsMcAfee Labs 2017 Threats Predictions
McAfee Labs 2017 Threats Predictions
 
Cisco - See Everything, Secure Everything
Cisco - See Everything, Secure EverythingCisco - See Everything, Secure Everything
Cisco - See Everything, Secure Everything
 
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018
 
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINALDefending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
Defending Against Advanced Threats-Addressing the Cyber Kill Chain_FINAL
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Threat_intelligence_Handbook
Threat_intelligence_HandbookThreat_intelligence_Handbook
Threat_intelligence_Handbook
 
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptxLogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
LogRhythm_-_Modern_Cyber_Threat_Pandemic.pptx
 
OSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the UnionOSB50: Operational Security: State of the Union
OSB50: Operational Security: State of the Union
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Cyber Security Audit.pdf
Cyber Security Audit.pdfCyber Security Audit.pdf
Cyber Security Audit.pdf
 
Darktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_finalDarktrace_WhitePaper_Needle_final
Darktrace_WhitePaper_Needle_final
 
Proactive Security - Principled Aspiration or Marketing Buzzword?
Proactive Security - Principled Aspiration or Marketing Buzzword?Proactive Security - Principled Aspiration or Marketing Buzzword?
Proactive Security - Principled Aspiration or Marketing Buzzword?
 
Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015Cisco Yıllık Güvenlik Raporu 2015
Cisco Yıllık Güvenlik Raporu 2015
 
Assess risks to IT security.pptx
Assess risks to IT security.pptxAssess risks to IT security.pptx
Assess risks to IT security.pptx
 
CROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martinCROs must be part of the cybersecurity solution by david x martin
CROs must be part of the cybersecurity solution by david x martin
 
University-of-Miami_MEDINA
University-of-Miami_MEDINAUniversity-of-Miami_MEDINA
University-of-Miami_MEDINA
 
What i learned at issa international summit 2019
What i learned at issa international summit 2019What i learned at issa international summit 2019
What i learned at issa international summit 2019
 
201408 fire eye korea user event press roundtable
201408 fire eye korea user event press roundtable201408 fire eye korea user event press roundtable
201408 fire eye korea user event press roundtable
 
Guide to high volume data sources for SIEM
Guide to high volume data sources for SIEMGuide to high volume data sources for SIEM
Guide to high volume data sources for SIEM
 

More from OpenDNS

New DNS Traffic Analysis Techniques to Identify Global Internet Threats
New DNS Traffic Analysis Techniques to Identify Global Internet ThreatsNew DNS Traffic Analysis Techniques to Identify Global Internet Threats
New DNS Traffic Analysis Techniques to Identify Global Internet ThreatsOpenDNS
 
Blackhat USA 2015: BGP Stream Presentation
Blackhat USA 2015: BGP Stream PresentationBlackhat USA 2015: BGP Stream Presentation
Blackhat USA 2015: BGP Stream PresentationOpenDNS
 
What Happens Before the Kill Chain
What Happens Before the Kill Chain What Happens Before the Kill Chain
What Happens Before the Kill Chain OpenDNS
 
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...OpenDNS
 
Highly Available Docker Networking With BGP
Highly Available Docker Networking With BGPHighly Available Docker Networking With BGP
Highly Available Docker Networking With BGPOpenDNS
 
One Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
One Phish, Two Phish, Red Phish, Your Account Details Just Got StolenOne Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
One Phish, Two Phish, Red Phish, Your Account Details Just Got StolenOpenDNS
 
Security Ninjas: An Open Source Application Security Training Program
Security Ninjas: An Open Source Application Security Training ProgramSecurity Ninjas: An Open Source Application Security Training Program
Security Ninjas: An Open Source Application Security Training ProgramOpenDNS
 
Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...
Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...
Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...OpenDNS
 
OpenDNS CTO Dan Hubbard VizSec 2014 Keynote Slides
OpenDNS CTO Dan Hubbard VizSec 2014 Keynote SlidesOpenDNS CTO Dan Hubbard VizSec 2014 Keynote Slides
OpenDNS CTO Dan Hubbard VizSec 2014 Keynote SlidesOpenDNS
 
Standardizing and Strengthening Security to Lower Costs
Standardizing and Strengthening Security to Lower CostsStandardizing and Strengthening Security to Lower Costs
Standardizing and Strengthening Security to Lower CostsOpenDNS
 
Docker at OpenDNS
Docker at OpenDNSDocker at OpenDNS
Docker at OpenDNSOpenDNS
 
IP Routing, AWS, and Docker
IP Routing, AWS, and DockerIP Routing, AWS, and Docker
IP Routing, AWS, and DockerOpenDNS
 
Marauder or Scanning Your DNSDB for Fun and Profit - SOURCE Boston
Marauder or Scanning Your DNSDB for Fun and Profit - SOURCE BostonMarauder or Scanning Your DNSDB for Fun and Profit - SOURCE Boston
Marauder or Scanning Your DNSDB for Fun and Profit - SOURCE BostonOpenDNS
 
Network Security: A Four Point Analysis of Appliances vs. the Cloud
Network Security: A Four Point Analysis of Appliances vs. the CloudNetwork Security: A Four Point Analysis of Appliances vs. the Cloud
Network Security: A Four Point Analysis of Appliances vs. the CloudOpenDNS
 
CanSecWest 2014 Presentation: "Intelligent Use of Intelligence: Design to Dis...
CanSecWest 2014 Presentation: "Intelligent Use of Intelligence: Design to Dis...CanSecWest 2014 Presentation: "Intelligent Use of Intelligence: Design to Dis...
CanSecWest 2014 Presentation: "Intelligent Use of Intelligence: Design to Dis...OpenDNS
 
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...OpenDNS
 
Baythreat Cryptolocker Presentation
Baythreat Cryptolocker PresentationBaythreat Cryptolocker Presentation
Baythreat Cryptolocker PresentationOpenDNS
 
Cryptolocker Webcast
Cryptolocker WebcastCryptolocker Webcast
Cryptolocker WebcastOpenDNS
 
MSP Webcast - Leveraging Cloud Security to Become a Virtual CIO
MSP Webcast - Leveraging Cloud Security to Become a Virtual CIOMSP Webcast - Leveraging Cloud Security to Become a Virtual CIO
MSP Webcast - Leveraging Cloud Security to Become a Virtual CIOOpenDNS
 

More from OpenDNS (20)

New DNS Traffic Analysis Techniques to Identify Global Internet Threats
New DNS Traffic Analysis Techniques to Identify Global Internet ThreatsNew DNS Traffic Analysis Techniques to Identify Global Internet Threats
New DNS Traffic Analysis Techniques to Identify Global Internet Threats
 
Blackhat USA 2015: BGP Stream Presentation
Blackhat USA 2015: BGP Stream PresentationBlackhat USA 2015: BGP Stream Presentation
Blackhat USA 2015: BGP Stream Presentation
 
What Happens Before the Kill Chain
What Happens Before the Kill Chain What Happens Before the Kill Chain
What Happens Before the Kill Chain
 
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
Using Algorithms to Brute Force Algorithms...A Journey Through Time and Names...
 
Highly Available Docker Networking With BGP
Highly Available Docker Networking With BGPHighly Available Docker Networking With BGP
Highly Available Docker Networking With BGP
 
One Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
One Phish, Two Phish, Red Phish, Your Account Details Just Got StolenOne Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
One Phish, Two Phish, Red Phish, Your Account Details Just Got Stolen
 
Security Ninjas: An Open Source Application Security Training Program
Security Ninjas: An Open Source Application Security Training ProgramSecurity Ninjas: An Open Source Application Security Training Program
Security Ninjas: An Open Source Application Security Training Program
 
Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...
Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...
Infrastructure Tracking with Passive Monitoring and Active Probing: ShmooCon ...
 
OpenDNS CTO Dan Hubbard VizSec 2014 Keynote Slides
OpenDNS CTO Dan Hubbard VizSec 2014 Keynote SlidesOpenDNS CTO Dan Hubbard VizSec 2014 Keynote Slides
OpenDNS CTO Dan Hubbard VizSec 2014 Keynote Slides
 
Standardizing and Strengthening Security to Lower Costs
Standardizing and Strengthening Security to Lower CostsStandardizing and Strengthening Security to Lower Costs
Standardizing and Strengthening Security to Lower Costs
 
Docker at OpenDNS
Docker at OpenDNSDocker at OpenDNS
Docker at OpenDNS
 
IP Routing, AWS, and Docker
IP Routing, AWS, and DockerIP Routing, AWS, and Docker
IP Routing, AWS, and Docker
 
Defcon
DefconDefcon
Defcon
 
Marauder or Scanning Your DNSDB for Fun and Profit - SOURCE Boston
Marauder or Scanning Your DNSDB for Fun and Profit - SOURCE BostonMarauder or Scanning Your DNSDB for Fun and Profit - SOURCE Boston
Marauder or Scanning Your DNSDB for Fun and Profit - SOURCE Boston
 
Network Security: A Four Point Analysis of Appliances vs. the Cloud
Network Security: A Four Point Analysis of Appliances vs. the CloudNetwork Security: A Four Point Analysis of Appliances vs. the Cloud
Network Security: A Four Point Analysis of Appliances vs. the Cloud
 
CanSecWest 2014 Presentation: "Intelligent Use of Intelligence: Design to Dis...
CanSecWest 2014 Presentation: "Intelligent Use of Intelligence: Design to Dis...CanSecWest 2014 Presentation: "Intelligent Use of Intelligence: Design to Dis...
CanSecWest 2014 Presentation: "Intelligent Use of Intelligence: Design to Dis...
 
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
Speak Security: Under the Hood of the OpenDNS Security Research Labs with Dhi...
 
Baythreat Cryptolocker Presentation
Baythreat Cryptolocker PresentationBaythreat Cryptolocker Presentation
Baythreat Cryptolocker Presentation
 
Cryptolocker Webcast
Cryptolocker WebcastCryptolocker Webcast
Cryptolocker Webcast
 
MSP Webcast - Leveraging Cloud Security to Become a Virtual CIO
MSP Webcast - Leveraging Cloud Security to Become a Virtual CIOMSP Webcast - Leveraging Cloud Security to Become a Virtual CIO
MSP Webcast - Leveraging Cloud Security to Become a Virtual CIO
 

Recently uploaded

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 

Recently uploaded (20)

The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 

Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead

  • 1. Key Strategies for the Challenges that Lie Ahead 1
  • 2. Agenda 1 how the shift in motivations has impacted today’s threat landscape 3 2 why preventative techniques alone can no longer ensure a secure environment which strategies need to be considered for a holistic approach to security 4 next steps can you take towards identifying your best strategies against cyber-attacks 2
  • 3. They Just Need to Be Effective Once. Any Time. 3
  • 4. You Must Be Right and Fast All The Time. 4
  • 5. Motivations Have Shifted & Converged 5
  • 6. Motivations Have Shifted & Converged CYBERCRIME CYBERESPIONAGE CYBER- MANIPULATION CYBERMERCERNARY CYBERWARFARE CYBERTERRORISM HACKTIVISM 6
  • 7. Targeted Attacks are More Pervasive, But Not Always Persistent Exponential Threats Every second… 9 1 new pieces of malware discovered new threats targeting SMBs Emboldened Attackers NIST’s Definition of APT: ü  “It pursues its objectives repeatedly over an extended period of time” ü  “It adapts to defenders’ efforts to resist it” ü  “It is determined to maintain the level of interaction needed to execute its objectives” 7 Sources: National Institute of Standards and Technology | Trend Micro, June 2013 | Peter Singer and Allan Friedman of the Brookings Institution
  • 8. Customers Are Not Staying Ahead of The Attacks 39% are effective in preventing APTs 44% are effective in containing APTs 49% are effective in detecting APTs 8 APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
  • 9. Security Pros, Execs & The Board Know There’s a Problem, Just Not How To Solve It 96% security practitioners are at least somewhat familiar with APTs 53% security practitioners do not believe APTs differ from traditional threats AV & FW / IDS 13% non-IT execs are fully aware of APTs and their impact are the most used solutions to address APTs according to recent surveys by ICASA and Ponemon 9 APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
  • 10. Exploits and Malware Evolve and Evade Current Solutions 76% evade prevention by AV 72% evade detection by IDS 56% evade detection or containment by endpoint -based sandboxes “While these controls are proficient for defending against traditional attacks, they are probably not as suited for preventing APTs” -- ICASA 10 State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
  • 11. Let’s Stop The Insanity Stop Reacting So-called “best-of-breed” solutions are failing to stop sophisticated cyberattackers, and the latest "magic box” is not going to outsmart them Start Thinking Deeply & Acting Broadly ü  Analyze our risks: who will attack us, why & where? ü  Assess our investments: are we measuring their success? ü  Craft a multi-tiered strategy 11
  • 12. Predictive Defense & Prevention Reduce the risk of security breaches by: ü  Reducing the attack surface ü  Layering threat protection 12
  • 13. Implement The “Least Privilege” Principle But ultimately, what enables the breach is by exploiting trust Systems may be exploited via phishing user credentials or software vulnerabilities 13
  • 14. SMBs Become The New Trojan Horse In A Supply Chain Attack Why storm the castle walls, when you can be invited in. 36% of targeted attacks impact SMBs as of 1H2012; 2x more than in 2011 14 Source: Symantec
  • 15. Best Practices Aren’t Always Practical and They’re Never Enough 75% 65% hadn’t deployed viable patches due to the cost of downtime used apps with a known vulnerability but without a viable patch 64% 31% 52% used apps with a known vulnerability and hadn’t deployed a viable patch believed patching effectively stopped most opportunistic attacks believed patching effectively stopped most targeted attacks 15 APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
  • 16. Implement Security Enforcement On and Off Network 52% say you can’t solely protect networks against adv. malware, must also protect endpoints 16 Sources: APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
  • 17. Implement Security Enforcement On and Off Network 52% 51% use endpointbased sandboxing technologies report that its difficult to manage 43% report that it negatively affects UX 17 Sources: APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
  • 18. Implement Security Enforcement On and Off Network 18 Sources: APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013
  • 19. Quick Detection & Containment 65% believe you can’t prevent adv. malware from infecting networks & devices; focus more on detection vs. prevention Reduce the impact of security breaches by: ü  Obtaining coverage and visibility ü  Monitoring network activity ü  Sharing security intelligence Sources: APT survey by ICASA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013 19
  • 20. Obtain Coverage & Visibility Get an eye in the sky to see everything that accesses your data and infrastructure 20
  • 21. Monitor Network Activity Establish a baseline to detect anomalous patterns 21
  • 23. Proactive Education & Complication Increase the effort required to breach security by: ü  Raising security awareness ü  Employing mitigation methods
  • 25. Employ Mitigation Methods Confusing attackers, may keep less determined attackers at bay 25
  • 26. Realign Your Security Investments 1.  Given the nature of your organization, why would you be attacked? 7.  Have you taken measures to reduce your overall attack surface? 2.  Which of your assets align to attacker motives? 8.  Have you applied consistently high security standards throughout your organization? 3.  Where are the vulnerabilities among your assets, supply chain vendors, partners, services providers and customers? 9.  Do you have visibility into cloud and DNS activity that could affect your network, your system, your data? 4.  How secure are your assets in the cloud or on the devices your employees use? 10.  Have you made sufficient investments in education and training among your employees and partners? 5.  How might these vulnerabilities be exploited? 11.  Based on your assessments of the above, which tactics/techniques would be most likely to minimize and/or mitigate the impact of an attack? 6.  What preventive tactics are currently in place and how effective are they? “Before we know about any new virus, somebody has to be a sacrificial lamb and die and tell us about it. It's an awful way of doing things.” -- CTO of McAfee’s Endpoint Solution Division 26
  • 28. The World’s Leader for Cloud-Delivered Network Security Threat Protection Beyond DNS July 2013 Data Analytics Predict Threats February 2013 Customers 10,000+ Businesses Fully-Staffed Security Research Team December 2012 Network Security Beyond the Perimeter November 2012 Secures Over 50M Daily-Active Users May 2012 Partners with Threat Feed Providers September 2009 First Anti-Phishing Clearinghouse October 2006 we're World’s Largest Internet Security Network July 2006 Employees Investors 160+ Across San Francisco & Vancouver Greylock Sequoia Sutter Hill 28
  • 29. Acquires data from 2% of the Internet AMERICAS 1M+ events per second 50M+ daily-active users 160+ countries 22 data centers EUROPE, MIDDLE EAST & AFRICA ASIA-PACIFIC (and more coming) 29
  • 30. Connect with confidence. Anywhere. Anytime. On any device. Every day, we block 80M+ security events over •  any port •  any protocol •  any app 30
  • 31. Predictive security. Panoramic visibility. Enforcement everywhere. Service Security Graph Umbrella Platform intelligence enforcement Purpose predict threats before they happen using big data analytics prevents infections or contains breaches on or beyond the network Manageability 0: net new latency 100%: global network uptime <30min: to complete provisioning <1min: to update actionable intelligence 0: maintenance required to keep up to date 31
  • 32. Them: Catch up. Us: Evolve. Them Us network-centric cloud-centric ponderous nimble reactive proactive need evidence see patterns fragmented holistic 32
  • 33. •  Leverage the World’s largest Internet security network to block threats no other vendor covers. •  Set up our free, instant trial in under 30 minutes. OpenDNS Connect with confidence. 33