
SANS Webcast | 2017 Cybersecurity Trends: Aiming Ahead of the Target to Increase Security


Attackers are always changing their methods, but some cybersecurity trends are clear, and identifying them will help security professionals plan to address these issues in the coming year.

Attacks will continue, and many will be successful. While security professionals should try to prevent a breach, it's far more critical to uncover breaches quickly and mitigate damage.

Another significant trend for 2017: expanding current security measures to better protect data in the cloud and to address the security shortcomings of the Internet of Things.

Even while fighting daily security fires, security managers can expect boards of directors to show more interest in their efforts. Board members are keenly aware that breaches can be high-profile catastrophes for companies, and they are also concerned that the organizations they oversee are in compliance with new and more stringent regulations.

This webcast covers the latest and best security hygiene and common success patterns that will best keep your organization off the Worst Breaches of 2017 lists.


Contact Qualys for more information: 800.745.4355

Published in: Technology

SANS Webcast | 2017 Cybersecurity Trends: Aiming Ahead of the Target to Increase Security

  1. © 2017 The SANS™ Institute – 2017 Cybersecurity Trends: Making Progress by Aiming Ahead of the Target
     • John Pescatore, SANS Director, Emerging Security Trends
     • Chris Carlson, Vice President, Product Management, Qualys
  2. May You Be Cursed/Blessed to Live In Interesting Times
  3. Obligatory Agenda Slide
     • Housekeeping info
     • Here’s what we will do
       – 1:05 – 1:25 Overview – John Pescatore
       – 1:25 – 1:45 Qualys –
       – 1:45 – 2:00 – Q&A
     • Thanks to our sponsor:
  4. Q & A
     • Please use GoToWebinar’s Questions tool to submit questions to our panel. Send to “Organizers” and tell us if it’s for a specific speaker.
  5. What Should We Learn From the Past Year?
  6. Vulnerabilities Did Slow Down (Source: Microsoft Security Intelligence Report)
  7. Damage from Attacks Did Not
     • Yahoo — Impacted value of sale to Verizon
     • IRS — Get Transcript breach
     • Premier Healthcare — Laptop still not encrypted
     • Wendy's — Ever-expanding point-of-sale breach
     • SF Muni — Ransomware
     • DynDNS — Mirai IoT DDoS
  8. Evolution in Targeting and Evasion (Source: Fireeye iSight)
  9. Not Just Breaches - Ransomware (Source: Kaspersky)
  10. “New” Threat Mechanisms — DNS Tunneling (Source: Infoblox)
  11. Critical Infrastructure Attacks
     • The Seven Most Dangerous New Attack Techniques, and What’s Coming Next
     • 2015 Ukraine Attack Summary
  12. New Forms of Infrastructure Vulnerabilities
  13. Protecting Your Company From the Company It Keeps
     • Business is increasingly interconnected and interdependent
     • The bad guys have figured that out
     • So have the regulators
     • The cloud exacerbates that trend, additional levels of parties
  14. Third Parties in the Breach Chain (Source: The Aerospace Corp.)
  15. Mobility and the Cloud (Source: Citrix)
     • A mobile, distributed workforce is the norm
     • The cloud exacerbates that trend
     • The bad guys have figured this out
     • Visibility and mitigation need to be extended
  16. SaaS Is a Given, PaaS Is Happening, IaaS Is Growing
     • Diagram labels: Nontraditional Application Ecosystems, Good Old Data Center, Wired/Wireless Internet
  17. The Internet of Vulnerable Things
  18. “Obviously, some people here do not appreciate the gravity of our situation.” Increasing Boards of Directors’ Focus
  19. The Messages Back from Directors
     • “Security people don’t speak our language. In fact, at each briefing they seem to speak a different language.”
     • “The CISO is great at talking about ‘blood in the streets’ but very weak on strategy to avoid disasters.”
     • “We know bad things will happen — the CEO and CFO and VPs inform us of business problems frequently. We want to have confidence that basic competence and strategies are in place to reduce bottom line impact.”
     • “The board is not an ATM — we are not here to give you resources.”
     • “A big part of being believable and building our trust is showing us how we compare to competitors, other industries, some kind of standards or benchmarks.”
  20. Delivering Security Efficiency and Effectiveness (slide columns: Efficiency, Effectiveness)
     • Decrease the cost of dealing with known threats
     • Decrease the impact of residual risks
     • Decrease the cost of demonstrating compliance
     • Reduce business damage due to security failures
     • Maintain level of protection with less EBITDA impact
     • Increase the speed of dealing with a new threat or technology
     • Decrease the time required to secure a new business application, partner or supplier
     • Reduce incident cost
     • Reduce downtime
     • Decrease customer defections
     • Position security as a competitive business factor
  21. Good News: Many Organizations Avoided or Reduced Damage (Source: Identity Theft Resource Center)
     • 980 breaches in 2016
       – What did the other 9,020 of the F10000 do differently?
       – (781 in 2015)
     • On average, 36K records exposed per breach
       – What did those that limited breach size do differently?
       – (Average = 215K in 2015)
     • Almost invariably, the organizations with the least cyber incident impact have the strongest CISOs and security teams.
  22. Some Things Don’t Change
     • [Figure: sample Red/Yellow/Green metric across the Center for Internet Security Critical Security Controls 1–20, grouped as Prevention; Detection & Response; Identity, Access, Governance & Architecture]
  23. CISO Hot Topic: Application Security
     • Problem: Healthcare company needs to reduce threat exposure and bug fix costs across all corporate applications.
     • Solution: Focus on Secure (and Agile!) Software Development Lifecycle
     • Results:
       – Defect density decreased by 92% for high/moderate vulnerabilities
       – Apps using secure library increased each month
       – Threat modeling approach reduced resource time from 40 hours to 2
       – Overall CDLC productivity increase of 15% estimated
  24. When You Get Back to Work
     • Threats evolve but still need vulnerabilities to exploit
       – Reduce people-attack aperture
       – Decrease time to detect and mitigate software vulnerabilities
     • Make sure you are collecting the right security metrics so you can demonstrate value, improvement, danger—and connection to business goals.
     • Take advantage of any transitions coming:
       – Moving to Windows 10, cloud services, mobile apps, agile dev, etc.
       – M&A, re-org, new C-level management
       – Audit results
     • Identify high-leverage, short-term basic-security-hygiene win to gain trust
     • Grab a few third rails!
  25. DevSecOps: Building Continuous Security into IT and Application Infrastructures
     • Chris Carlson, VP, Product Management, Qualys
  26. Terminology
  27. Waterfall vs. Agile Dev Methodologies
  28. Waterfall vs. Agile Dev Methodologies
  29. Agile (Dev) + Deploy (Ops) → Automation
  30. Where do Security Assessments Fit?
  31. Terminology: Shift Left
  32. Apply Shift Left to Security?
  33. Transparent Security or Process Blockers
  34. DevOps + Security: Friend or Foe?
  35. “Shift Left” Security
  36. Integrate Security into the CI/CD Process
  37. Shift Left Security – Continuous Security
  38. DevSecOps – How to Accelerate Usage
  39. DevSecOps: Docker Containers
  40. Next Steps and What Works
  41. Next Steps and What Works
  42. Next Steps and What Works
  43. Thank You
     • Chris Carlson, VP, Product Management, Qualys
  45. Resources SANS : What Works: controls SANS SOC – operations-center-summit-2017 Qualys: Questions: @John_Pescatore
  46. Acknowledgments
     • Thanks to our sponsor:
     • And also to our speaker and to our attendees: Thank you for joining us today