Optimizing Business Productivity Through Automated Security Controls
Heather Axworthy, Network Security Engineer, haxworthy@gmail.com
© 2010 Heather L. Axworthy

Bio
Ten Years Experience In Networks And Security
Secured Many Sensitive And Strategic Networks For Fortune 50 Companies
Sr. Security Engineer
Worked On Multiple IDS/IPS And Security Platforms
Really Good Cook, Tried Flying A Helicopter, And Love To Hike
Blog: Http://Chickbits.Blogspot.Com
Linkedin: Http://Www.Linkedin.Com/In/Heatheraxworthy
Twitter: Haxworthy

Agenda

Security Continuum
[Diagram labels: Response, Detection, Prevention; IDS & Desktop, People, IPS]

Security Assets

Composition of Threat Response
[Diagram label: Internet Traffic]

Composition of Threat Response: Computers, IT, and Users
Security Involves Variable Human Interaction
Perimeter Security: Block Malicious Traffic From Entering The Network.
IPS Provides Active Blocking & Minimizes User Involvement, Reducing Response Urgency
I.T. Employees Involved With Deployment And Maintenance
Intrusion Detection (IDS) Alerts I.T. To Malicious Traffic But Does Not Prevent It From Penetrating The Network.
IDS Requires Higher IT Employee Interaction To React To Alerts.
Desktop Security Controls Involve The Highest Participation From Users.

Single Security-Strategy Risks

Single Security Strategy
Different Security Methods Are Not Equal
Each Provides Different Levels Of Protection
If You Deploy One Technology, It’s Best To Have A Proactive Technology Like IPS At The Perimeter.
IPS Reduces The Amount Of Malicious Traffic That Gets To The End User
Employees See Fewer Alerts
More Time To Focus On The Business
Previous Chart Illustrates Risk Levels For Deploying Only One Security Technology.
For Example, Deploying Only Desktop Security Technologies Results In The Highest Risk Because The Threat Has Already Entered Your Network
User-centric Measures Are Inconsistent Because Users Do Not Do The Same Thing Every Time.

Protection & Equipment Costs

Business Productivity and Automated Security Controls

  • 21. Protection & Equipment Costs
      IPS Technologies Are Proactive: Higher Initial Cost; Higher Level Of Protection.
      IDS Technologies Are Reactive: Lower Initial Cost; Many Tools Are Open Source; Majority Of The Cost Is Hardware. Protection Level Is Lower: IDS Only Alerts I.T. To Malicious Traffic And I.T. Must Spend Large Amounts Of Time Investigating, Which Can Incur Extra Costs For Additional Response Training.
      Desktop Security Is Reactive: Quantity Of Desktops Drive Costs; Relatively Inexpensive SW; User-training Costs Must Be Considered.
  • 22. Deployment Considerations [table; surviving labels: criteria, partial]
  • 23. Recommendation To Your Clients: IPS…. IDS…. Desktop SW…. Security Awareness Training…. Log Management & Monitoring ???? Keep The Threats Out!
  • 24. What is IPS? IPS = Intrusion Prevention System/Service. Designed To Be Deployed Inline. Proactive Approach To Traffic Monitoring. Preventing The Attack Packet From Penetrating Your Network.
  • 25. Architecture: Capacity Planning. Biggest Mistake: Purchasing Hardware That Is Too “Small” For Your Network. Look At The Traffic Load Of The Segments You Want To Monitor. If The Segments (vlans) You Want To Monitor Register Bandwidth In Excess Of 100MB Each, A Small 400MB Device Is Not Large Enough. Most Devices Have A Maximum Throughput Which Is Often An Aggregate Of All Interfaces On The Device.
  • 26. Deployment
  • 27. Event Monitoring/Tuning: My Device Is In Place, What Do I Do Next? Tuning: The Time Period When You Look At Your Events And Weed Out Any False Positives And Modify Signatures. Best Practice Is At Least 30 Days Of Looking At Traffic On A Daily Basis. This Will Enable You To Filter Out Signatures That Are “Noisy” And See Events That Show Valid Attacks. Once Tuning Period Is Over, Put The Device Into Block “IPS” Mode.
  • 28. Ensuring Success: Company Buy-in, From Top Executive Management To End User. IPS Will Make “Us” More Secure. Staffing Levels: Proper Staffing Must Be In Place To Support The IPS Device(s) And The Monitoring Of Events On A Daily Basis. If The IPS Device Stops One Botnet Outbreak, Or A SQL Injection Attack, It Has Paid For Itself!
  • 29. Q & A. Heather Axworthy, Network Security Engineer, haxworthy@gmail.com

Editor's Notes

  1. IPS is short for Intrusion Prevention. When specific traffic matches a signature, the device “drops” the traffic immediately and creates an event with details on the traffic. It is designed to be deployed inline. IPS takes a proactive approach to traffic monitoring.
  2. Capacity planning: buy the right device. Do your homework: look at the traffic load of the segments you want to monitor. Every model has a threshold level. If the VLAN you want to monitor registers bandwidth in excess of 100MB, and you may want to monitor additional VLANs, a 400MB limit box will not work for you. Don’t expect to buy just one box. If you have remote sites or several internal VLANs, you will need additional units. Buy a large enough unit that can be deployed at the perimeter in between the firewall and DMZ/internal networks. Buy smaller units for remote sites and smaller segments. There are several on the market today: ISS, TippingPoint, Cisco, Sourcefire. Choose the vendor that has the best reputation for good, sound security intelligence.
  3. You will probably need more than one device: at least one at the perimeter, and possibly a few smaller-throughput devices. All IPS devices have two modes: block, aka “IPS” mode, and non-block, aka “IDS” mode. When you first deploy your device, it is in non-block mode; you then spend a period of time tuning out any false positives. After that period is complete, put your device into blocking mode. “IPS” mode should always be your primary end goal!
  4. Now that my device is in place in non-block mode, what do I do? Take a period of at least 30 days and look at the events being generated by the device on a daily basis. This time period is known as the “tuning phase”; it is when you make adjustments to the signatures on the device. You are filtering out the false positives so you can look at the events that are showing valid attacks.
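
The tuning phase described in slide 27 and note 4, as an added example that is not part of the original presentation: a Python triage of alerts collected in non-block mode that ranks signatures by volume so noisy ones can be reviewed while high-priority hits stay visible. The Snort "fast" alert log format, the thresholds, and every sample line, address and SID are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import date

# Assumed input: Snort "fast" alert lines,
# MM/DD-time [**] [gid:sid:rev] msg [**] [Classification: ..] [Priority: N] {PROTO} src -> dst
ALERT_RE = re.compile(
    r"^(?P<mon>\d\d)/(?P<day>\d\d)-\S+\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]"
    r".*?\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s*$"
)

def host(endpoint):
    """Drop a trailing :port (IPv4 endpoints only, as in the sample)."""
    return endpoint.rsplit(":", 1)[0] if ":" in endpoint else endpoint

def parse_alerts(lines, year):
    """Return (events, skipped); fast alerts carry no year, so it is passed in."""
    events, skipped = [], 0
    for raw in lines:
        line = raw.strip()
        if not line:
            continue
        m = ALERT_RE.match(line)
        if m is None:
            skipped += 1          # count unparsable lines instead of hiding them
            continue
        events.append({
            "day": date(year, int(m["mon"]), int(m["day"])),
            "sig": f'{m["gid"]}:{m["sid"]}',
            "msg": m["msg"],
            "prio": int(m["prio"]),
            "src": host(m["src"]),
        })
    return events, skipped

def tuning_report(events, noisy_share=0.5, min_day_frac=0.8):
    """Rank signatures by volume and attach a review verdict.

    Thresholds are illustrative assumptions. Priority-1 signatures are never
    labelled noisy on volume alone; nothing is suppressed automatically.
    """
    stats = defaultdict(lambda: {"count": 0, "days": set(), "srcs": set(),
                                 "prio": 9, "msg": ""})
    for e in events:
        s = stats[e["sig"]]
        s["count"] += 1
        s["days"].add(e["day"])
        s["srcs"].add(e["src"])
        s["prio"] = min(s["prio"], e["prio"])
        s["msg"] = e["msg"]
    total = len(events)
    window = {e["day"] for e in events}
    report = []
    for sig, s in stats.items():
        share = s["count"] / total
        day_frac = len(s["days"]) / len(window)
        if s["prio"] == 1:
            verdict = "investigate"
        elif share >= noisy_share and day_frac >= min_day_frac:
            verdict = "review-as-noisy"
        else:
            verdict = "keep"
        report.append({"sig": sig, "msg": s["msg"], "count": s["count"],
                       "share": round(share, 3), "days": len(s["days"]),
                       "sources": len(s["srcs"]), "verdict": verdict})
    return sorted(report, key=lambda r: r["count"], reverse=True)

def ready_for_block_mode(events, min_days=30):
    """The slides' 30-day guideline, read here as 30 distinct days of events."""
    return len({e["day"] for e in events}) >= min_days

def constructed_sample():
    """Constructed alerts: one chatty low-priority signature, two quiet ones."""
    lines = []
    for day in range(1, 6):
        for i in range(40):
            lines.append(
                f"03/{day:02d}-09:{i:02d}:00.000000  [**] [1:1000001:1] "
                "CONSTRUCTED ICMP sweep from monitoring host [**] "
                "[Classification: Misc activity] [Priority: 3] "
                f"{{ICMP}} 10.0.0.5 -> 10.0.1.{i + 1}")
    for sec in ("11", "19"):
        lines.append(
            f"03/03-14:02:{sec}.000000  [**] [1:1000002:1] "
            "CONSTRUCTED SQL injection attempt [**] "
            "[Classification: Web Application Attack] [Priority: 1] "
            "{TCP} 203.0.113.7:51234 -> 10.0.2.15:80")
    for sec in ("01", "02", "03"):
        lines.append(
            f"03/02-10:15:{sec}.000000  [**] [1:1000003:1] "
            "CONSTRUCTED outbound telnet policy hit [**] "
            "[Classification: Policy Violation] [Priority: 2] "
            "{TCP} 10.0.3.8:40000 -> 198.51.100.9:23")
    lines.append("garbled line that does not parse")
    return lines

if __name__ == "__main__":
    events, skipped = parse_alerts(constructed_sample(), 2010)
    for row in tuning_report(events):
        print(row)
    print("skipped:", skipped, "ready for block mode:", ready_for_block_mode(events))
```
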