Beyond Network Security: Addressing Vulnerabilities that Hide in Plain Sight

314 views

Published on

The largest gaps in security practices often exist in places we don’t think to search in. Many companies believe that their infrastructure and their data are secure because they invest so much money protecting their perimeters. In reality, many organizations invest far too minimal time protecting their networks from internal weaknesses.

ADNET’s Eric Monda, Senior Systems Engineer and Certified Ethical Hacker and Michelle Syc, Senior Analyst, Advisory and Assurance Services will lead the discussion around:

An organization’s number one weakness – Employees
Common products and applications that create security nightmares for Systems Administrators
Protection for your company’s network with security software

Speakers: Certified Ethical Hackers Eric Monda, Senior Systems Engineer and Michelle Syc, Senior Analyst, Advisory and Assurance Services, ADNET Technologies

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
314
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Beyond Network Security: Addressing Vulnerabilities that Hide in Plain Sight

  1. 1. Security Beyond Network Security: Addressing Vulnerabilities that Hide in Plain Sight Eric Monda Senior Systems Engineer Michelle Syc Senior Security Analyst
  2. 2. Security SECURITY COST WHAT? Worldwide spending on security infrastructure including: - Software - Services - Network security appliances Were used to secure enterprise and consumer IT equipment & will reach $86 billion in 2016. - Gartner Research
  3. 3. Security THE REASON? Employees/End User • "64% of data breaches in 2012 were the result of human mistakes and system problems.” - Symantec and the Ponemon Institute Study, 2013 • "In general, the user is easy to fool – and that’s why so many people get infected. Even if you know about security, and you know you have to be careful on the internet, no-one is safe when something is really targeted at you" - Luis Corrons, PandaLabs • It is much easier to trick someone into giving a password for a system than to spend the effort to crack into the system. - Kevin Mitnick (convicted hacker turned security professional)
  4. 4. Security WHY ARE USERS SUCH A RISK? Easy to Trust Human nature is the social engineer's greatest exploit. As part of human nature, people generally trust easily and get satisfaction out of helping those in need – SANS Institute Example –Audio from a social engineering experiment
  5. 5. Security WHY ARE USERS SUCH A RISK? Easy to Cause Fear – As part of human nature, people generally trust easily & get satisfaction out of helping those in need – SANS Institute – Human nature is the social engineer's greatest exploit Example
  6. 6. Security WHY ARE USERS SUCH A RISK? Easy to Trick – Phishing • The activity of defrauding an online account holder of financial information by posing as a legitimate company Example
  7. 7. Security WHAT CAN BE DONE? Train, Train, Train – Train users on common security practices annually – Regularly send out updates on new security threats – Create a Social Engineering Incident Response Plan Software Patching – Regularly update heavily target software – Adobe, Java, Internet Explorer – Create an update plan/schedule – Perform annual vulnerability assessments to detect “at risk” software Utilize 3rd Party Tools and Software – Windows Updates - Services like WSUS to ensure workstations are properly up-to-date. – Anti-Virus – Ensure all workstations have AV and that it is properly updating with new definitions. – Network Monitoring – IDS, EventLog Monitoring, Automation
  8. 8. @ADNETTech @ADNETTechnologiesLLC @ADNETTechnologiesLLC Eric Monda emonda@thinkadnet.com Michelle Syc msyc@thinadnet.com

×