SlideShare a Scribd company logo

Conférence CISCO ACSS 2018

A
African Cyber Security Summit

Tendances Chez les Attaquants et chez les Defendants Babacar Wagne Consultant Securité Afrique

Presentations & Public Speaking
1 of 42
Oran – 4 Avril 2018 Consultant Securite Afrique Cisco 2018 Annual Cybersecurity Report Tendances Chez les Attaquants et chez les Defendants Babacar Wagne
2018 Annual Cybersecurity Report • Unprecedented levels of sophistication and impact • Becoming more adept at evasion • Exploiting new technology security gaps
2018 Annual Cybersecurity Report • Visibilite – Traffic Encrypte
Malicious Binaries and Encryption Increase November 2016 Attackers embrace encryption to conceal their command-and-control activity 19% 12% Increase 268%70% 50% 38% Global Encrypted Web Traffic Malicious Sandbox Binaries with Encryption October 2017
2018 Annual Cybersecurity Report • What files are being used in mails?
Malicious Documents in Email January-May June-October Compared usage of malicious attachments from first portion of 2017 to second Office 55% Archive 415% PDF 255%
2018 Annual Cybersecurity Report • Techniques d’evasion dans les Sandboxes
Sandbox Evasion Patterns Attackers are constantly testing sandbox evasion techniques Document Close Doc Embedded in PDF Malicious Samples Total Samples Oct 2016 Volume Volume Oct 2017 Oct 2016 Oct 2017
2018 Annual Cybersecurity Report • Nouveaux Types de Malware
Network-based Ransomware Network-Based Ransomware Worm WannaCry and Nyetya: rapid-moving, self-propagating network-based attacks With active, unpatched machines, these automated worms will attack again. Have you secured your network?
2018 Annual Cybersecurity Report • Utilisation du Cloud
53% manage over half of their infrastructure in the cloud Ease of use (46%) Scalability (48%) Lack of internal workforce (41%) Better security (57%) Appeal: The Cloud Organizations increase reliance on the cloud
Malicious Use of Legitimate Resources Adaptability Subverts Domain and Certificate Intelligence Easy Setup Whitelisted IP Address Cybercriminals are adopting command-and-control channels that rely on legitimate Internet services, making malware traffic almost impossible to shut down Reduce Burning Infrastructure Leverage Encryption for C2 Source: Anomali
2018 Annual Cybersecurity Report • DDoS
IoT and DDos Application-layer attacks are rising, network-layer attacks are declining Burst attacks are increasing Amplification attacks • Complexity • Frequency • Duration 2/5of businesses experienced a reflection amplification attack in 2017 of those organizations mitigated the attacks2/3 Source: Radware
2018 Annual Cybersecurity Report • Utilisation des Domaines
How Malicious Actors Leverage Domains 60%Spam 20%Malvertising 20%Other Organizations need to minimize access to malicious domains Type of Attack RLD Registered Times New or Reused Domains 80% More than 1 week 20% Less than 1 week 42% New 58% Reused
2018 Annual Cybersecurity Report • Menace Interne
Insider Threat Machine learning algorithms can greatly help detect internal malicious actors 62% occur outside of normal work hours 5200 docs per user / 1.5 months PDFs were the most common file type “Data” was the most popular keyword in doc titles High* accuracy of malicious activity detection since June 2017
2018 Annual Cybersecurity Report • IOT
IT/OT Attack Sentiment 69% of organizations believe OT is a viable attack vector in 2018 • 20% believe it will be eventually • 10% believe it will remain in IT alone
ICS Vulnerabilities Being Connected to the Internet Known Vulnerabilities Rarely Patched Lack of Knowledge Too Specialized USB or DVD as Entry Point Threat actors are actively engaged in researching pivot points to facilitate future attacks Source: TrapX
2018 Annual Cybersecurity Report • Vulnerability Management
We need a better way to improve patch management processes High Severity Vulnerabilities and Patch Management High severity is driven by headlines MS17-010 Detections Patches double as organizations realize potential threat Exploited vulnerability makes headlines Microsoft warns of vulnerability NumberofDetections Month Source: Qualys
2018 Annual Cybersecurity Report • Gestion des alertes par les Defendants
Alerts 44%of Alerts are NOT Investigated 8% Experienced NO Security Alert 56% of Alerts are Investigated 34% of Investigated Alerts are Legitimate 51% of Legitimate Alerts are Remediated 93% Experienced Security Alert Uninvestigated alerts still create huge business risk 49%of Legitimate Alerts are NOT Remediated
2018 Annual Cybersecurity Report • Orchestration
Orchestration Challenges 8% 10% 21% 43% 55% 1-5 6-10 11-20 21-50 50+ Very Challenging 17% 24% 16% 42% 14% 25% 19% 14% 12% 27% Education Financial Services Government Healthcare Manufacturing Pharma Retail Telecom Transportation Utility/ Energy As the number of vendors increases, orchestration challenges grow
2018 Annual Cybersecurity Report • Defenders Still use Best of Breed Approach
Defenders Still Favor Best of Breed 72%use best-of- breed 28%use single vendor solution vs.
2018 Annual Cybersecurity Report • Defenders Approach
Strategic, Operational, and Tactical Issues 26% can be addressed by products alone 74% might also require people and/or processes to address People Products Policies An overemphasis on product solutions can leave openings for attackers
The Need for Outsourcing In order to keep up, organizations are looking for outside help 54% Consulting (up 3%) 49% Monitoring (up 5%) 47% Incident Response (up 2%) Most Frequently Outsourced Services
Market Expectations: Threat Landscape The threat landscape to remain complex and challenging • Few predict radically new threats on the horizon, but they see more capable and more diabolical bad actors • Believe they’ll need ever more sophisticated security arsenals to keep they at bay
Market Expectations: Modern Workplace The modern workplace will continue to create conditions that favor the attackers • The footprint security executives must secure continues to expand • Employees increasingly carry their work (and the company’s data) with them wherever they go—a well- documented source of exposure • Clients, partners and suppliers all need secure access to corporate resources • With the increasing deployment of IoT sensors, etc., companies’ interfaces to the internet will multiply dramatically
Market Expectations: Scrutiny Additional scrutiny of their ability to secure the organization • Many expect they’ll be under additional scrutiny—from regulators, executives, stakeholders, partners and clients • Top scrutiny from Executive Leadership, Clients, and Business Partners (76%, each) • Several CISOs mention that the need to meet others’ expectations for accessibility puts increasing strains on staff • Current and potential clients can be particularly demanding of information regarding security processes and protocols
Market Expectations: Breaches Drive Budget Budgets will remain stable, unless a security breach drives unexpected investment • 51%: Budgets based on previous year’s budget • 51%: Organization’s security outcome objective • 46%: Percent of revenue • 47%: Breach drove improvements to a great extent !
Market Expectations: AI and Machine Learning More spending on AI/ML capabilities • AI, ML and automation are all increasingly desired and expected • 83%: Reliant on automation to reduce the level of effort to secure the organization • 74%: Reliant on AI to reduce the level of effort to secure the organization • CISOs expect to take increasing advantage of AI and robotics
Market Expectations: Outsourcing More reliance on outsourcing services • 53%: More cost efficient • 52%: Desire for more unbiased insight • 51%: More timely response to incidents
Observed Threats and TTD Cloud-based security technology has been a key factor in helping Cisco maintain a low median despite an increase in threat samples Cisco Annual Median TTD (Hours) 37.1 14 4.6 2015 2016 2017 Number of Observed Threat Samples 10x Increase 2016 2017
Adversary tactics are continuously evolving, using encryption and legitimate Internet services to conceal their activity and undermine traditional security technologies Lead from the top: executives/board set the security tone, culture Top 7 Actions: . Educate by roles for maximum benefit . Adhere to corporate policies, practices for application, system, and appliance patching . Assume ownership of IoT device security and add scanning for these devices to security reviews . Review, practice security response procedures . Back up data often, test restoration procedures . Review third-party efficacy testing of security technologies to reduce risk of supply chain attacks . Conduct security scanning of micro-service, cloud service, and application administration systems Conclusion/Recommendations
Download the Cisco 2018 Annual Cybersecurity Report cisco.com/go/acr2018

Recommended

TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...SaraPia5
 
[Webinar] Supercharging Security with Behavioral Analytics
[Webinar] Supercharging Security with Behavioral Analytics[Webinar] Supercharging Security with Behavioral Analytics
[Webinar] Supercharging Security with Behavioral AnalyticsInterset
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...North Texas Chapter of the ISSA
 
2018 Trends in Cybersecurity: Building Effective Security Teams
2018 Trends in Cybersecurity: Building Effective Security Teams 2018 Trends in Cybersecurity: Building Effective Security Teams
2018 Trends in Cybersecurity: Building Effective Security Teams CompTIA
 
Cyber Attack Survival
Cyber Attack SurvivalCyber Attack Survival
Cyber Attack SurvivalSkoda Minotti
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware Imperva
 
FireHost Webinar: Protect Your Application With Intelligent Security
FireHost Webinar: Protect Your Application With Intelligent SecurityFireHost Webinar: Protect Your Application With Intelligent Security
FireHost Webinar: Protect Your Application With Intelligent SecurityArmor
 

Recommended

TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...
TIC-TOC: Disrupt the Threat Management Conversation with Dominique Singer and...SaraPia5
 
[Webinar] Supercharging Security with Behavioral Analytics
[Webinar] Supercharging Security with Behavioral Analytics[Webinar] Supercharging Security with Behavioral Analytics
[Webinar] Supercharging Security with Behavioral AnalyticsInterset
 
Cyber Security Maturity Assessment
Cyber Security Maturity Assessment Cyber Security Maturity Assessment
Cyber Security Maturity AssessmentDoreen Loeber
 
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...North Texas Chapter of the ISSA
 
2018 Trends in Cybersecurity: Building Effective Security Teams
2018 Trends in Cybersecurity: Building Effective Security Teams 2018 Trends in Cybersecurity: Building Effective Security Teams
2018 Trends in Cybersecurity: Building Effective Security Teams CompTIA
 
Cyber Attack Survival
Cyber Attack SurvivalCyber Attack Survival
Cyber Attack SurvivalSkoda Minotti
 
Rise of Ransomware
Rise of Ransomware Rise of Ransomware
Rise of Ransomware Imperva
 
FireHost Webinar: Protect Your Application With Intelligent Security
FireHost Webinar: Protect Your Application With Intelligent SecurityFireHost Webinar: Protect Your Application With Intelligent Security
FireHost Webinar: Protect Your Application With Intelligent SecurityArmor
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...IBM Security
 
Community IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Innovators
 
Insights from 2016 Cyberthreat Defense Report
Insights from 2016 Cyberthreat Defense ReportInsights from 2016 Cyberthreat Defense Report
Insights from 2016 Cyberthreat Defense ReportStephanie Brannan
 
5 Key Findings on Advanced Threats
5 Key Findings on Advanced Threats5 Key Findings on Advanced Threats
5 Key Findings on Advanced ThreatsHannah Jenney
 
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. HawkinsSteel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkinslthawkins
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecurityImperva
 
Cisco Connect 2018 Philippines - security keynote
Cisco Connect 2018 Philippines - security keynoteCisco Connect 2018 Philippines - security keynote
Cisco Connect 2018 Philippines - security keynoteNetworkCollaborators
 
Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyImperva
 
Imperva ppt
Imperva pptImperva ppt
Imperva pptImperva
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRImperva
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DaySymantec
 
The State of Ransomware 2020
The State of Ransomware 2020The State of Ransomware 2020
The State of Ransomware 2020Netpluz Asia Pte Ltd
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24
 
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats ReportEdgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats ReportEoin Keary
 
Community IT - Crafting Nonprofit IT Security Policy
Community IT - Crafting Nonprofit IT Security PolicyCommunity IT - Crafting Nonprofit IT Security Policy
Community IT - Crafting Nonprofit IT Security PolicyCommunity IT Innovators
 
Security metrics 2
Security metrics 2Security metrics 2
Security metrics 2Manish Kumar
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Phil Agcaoili
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...Nur Shiqim Chok
 
Cybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCommunity IT Innovators
 
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...SolarWinds
 
Cybersecurity Quarterly Benchmarks Q1 2022
Cybersecurity Quarterly Benchmarks Q1 2022Cybersecurity Quarterly Benchmarks Q1 2022
Cybersecurity Quarterly Benchmarks Q1 2022Gartner Peer Insights
 

More Related Content

What's hot

Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...IBM Security
 
Community IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Innovators
 
Insights from 2016 Cyberthreat Defense Report
Insights from 2016 Cyberthreat Defense ReportInsights from 2016 Cyberthreat Defense Report
Insights from 2016 Cyberthreat Defense ReportStephanie Brannan
 
5 Key Findings on Advanced Threats
5 Key Findings on Advanced Threats5 Key Findings on Advanced Threats
5 Key Findings on Advanced ThreatsHannah Jenney
 
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. HawkinsSteel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkinslthawkins
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecurityImperva
 
Cisco Connect 2018 Philippines - security keynote
Cisco Connect 2018 Philippines - security keynoteCisco Connect 2018 Philippines - security keynote
Cisco Connect 2018 Philippines - security keynoteNetworkCollaborators
 
Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyImperva
 
Imperva ppt
Imperva pptImperva ppt
Imperva pptImperva
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRImperva
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DaySymantec
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24
 
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats ReportEdgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats ReportEoin Keary
 
Community IT - Crafting Nonprofit IT Security Policy
Community IT - Crafting Nonprofit IT Security PolicyCommunity IT - Crafting Nonprofit IT Security Policy
Community IT - Crafting Nonprofit IT Security PolicyCommunity IT Innovators
 
Security metrics 2
Security metrics 2Security metrics 2
Security metrics 2Manish Kumar
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Phil Agcaoili
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...Nur Shiqim Chok
 

What's hot (20)

Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Community IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT Manager
 
Insights from 2016 Cyberthreat Defense Report
Insights from 2016 Cyberthreat Defense ReportInsights from 2016 Cyberthreat Defense Report
Insights from 2016 Cyberthreat Defense Report
 
5 Key Findings on Advanced Threats
5 Key Findings on Advanced Threats5 Key Findings on Advanced Threats
5 Key Findings on Advanced Threats
 
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. HawkinsSteel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
Steel Point Solutions IAS Track 3 "Sustaining a Cyber Workforce" by L.T. Hawkins
 
Survey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber SecuritySurvey: Insider Threats and Cyber Security
Survey: Insider Threats and Cyber Security
 
Cisco Connect 2018 Philippines - security keynote
Cisco Connect 2018 Philippines - security keynoteCisco Connect 2018 Philippines - security keynote
Cisco Connect 2018 Philippines - security keynote
 
Cybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 SurveyCybersecurity and Healthcare - HIMSS 2018 Survey
Cybersecurity and Healthcare - HIMSS 2018 Survey
 
Imperva ppt
Imperva pptImperva ppt
Imperva ppt
 
Companies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPRCompanies Aware, but Not Prepared for GDPR
Companies Aware, but Not Prepared for GDPR
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO Day
 
The State of Ransomware 2020
The State of Ransomware 2020The State of Ransomware 2020
The State of Ransomware 2020
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
Outpost24 webinar - The new CISO imperative: connecting technical vulnerabili...
 
Edgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats ReportEdgescan 2021 Vulnerability Stats Report
Edgescan 2021 Vulnerability Stats Report
 
Community IT - Crafting Nonprofit IT Security Policy
Community IT - Crafting Nonprofit IT Security PolicyCommunity IT - Crafting Nonprofit IT Security Policy
Community IT - Crafting Nonprofit IT Security Policy
 
Security metrics 2
Security metrics 2Security metrics 2
Security metrics 2
 
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
Cybersecurity for Board of Directors - CIO Perspectives Atlanta 2015
 
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
[Cisco Connect 2018 - Vietnam] Pauline hampshire vietnam cisco connect with...
 
Cybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCybersecurity Training for Nonprofits
Cybersecurity Training for Nonprofits
 

Similar to Conférence CISCO ACSS 2018

Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...SolarWinds
 
Cybersecurity Quarterly Benchmarks Q1 2022
Cybersecurity Quarterly Benchmarks Q1 2022Cybersecurity Quarterly Benchmarks Q1 2022
Cybersecurity Quarterly Benchmarks Q1 2022Gartner Peer Insights
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Cristian Garcia G.
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Rahul Neel Mani
 
Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Oscar Romano
 
The top challenges to expect in network security in 2019 survey report
The top challenges to expect in network security in 2019 survey report The top challenges to expect in network security in 2019 survey report
The top challenges to expect in network security in 2019 survey report Bricata, Inc.
 
Eliminate the 49% of Documents that Contain Data Breaches Webinar
Eliminate the 49% of Documents that Contain Data Breaches WebinarEliminate the 49% of Documents that Contain Data Breaches Webinar
Eliminate the 49% of Documents that Contain Data Breaches WebinarConcept Searching, Inc
 
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveySecurity Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveyQualys
 
Check point security stock pitch greer, scudieri (1) (1)
Check point security stock pitch greer, scudieri (1) (1)Check point security stock pitch greer, scudieri (1) (1)
Check point security stock pitch greer, scudieri (1) (1)Robert Greer
 
Check Point Software Stock Pitch Greer, Scudieri
Check Point Software Stock Pitch Greer, ScudieriCheck Point Software Stock Pitch Greer, Scudieri
Check Point Software Stock Pitch Greer, ScudieriAnthony Scudieri
 
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
Federal Webinar: Best Practices and Tools for Reducing Insider ThreatsFederal Webinar: Best Practices and Tools for Reducing Insider Threats
Federal Webinar: Best Practices and Tools for Reducing Insider ThreatsSolarWinds
 
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 TrendsCybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 TrendsIvanti
 
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...FinTech Belgium
 
CompTIA International Trends in Cybersecurity
CompTIA International Trends in CybersecurityCompTIA International Trends in Cybersecurity
CompTIA International Trends in CybersecurityCompTIA
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsUlf Mattsson
 
Nonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsNonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsCommunity IT Innovators
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planCameron Forbes Over
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014Peggy Lawless
 
Security metrics
Security metrics Security metrics
Security metrics PRAYAGRAJ11
 

Similar to Conférence CISCO ACSS 2018 (20)

Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
 
Cybersecurity Quarterly Benchmarks Q1 2022
Cybersecurity Quarterly Benchmarks Q1 2022Cybersecurity Quarterly Benchmarks Q1 2022
Cybersecurity Quarterly Benchmarks Q1 2022
 
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
Nube, Cumplimiento y Amenazas avanzadas: Consideraciones de Seguridad para la...
 
Security Incident Response Readiness Survey
Security Incident Response Readiness Survey Security Incident Response Readiness Survey
Security Incident Response Readiness Survey
 
Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016Reporte de Seguridad de Cisco 2016
Reporte de Seguridad de Cisco 2016
 
The top challenges to expect in network security in 2019 survey report
The top challenges to expect in network security in 2019 survey report The top challenges to expect in network security in 2019 survey report
The top challenges to expect in network security in 2019 survey report
 
Eliminate the 49% of Documents that Contain Data Breaches Webinar
Eliminate the 49% of Documents that Contain Data Breaches WebinarEliminate the 49% of Documents that Contain Data Breaches Webinar
Eliminate the 49% of Documents that Contain Data Breaches Webinar
 
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape SurveySecurity Whack-a-Mole: SANS 2017 Threat Landscape Survey
Security Whack-a-Mole: SANS 2017 Threat Landscape Survey
 
Check point security stock pitch greer, scudieri (1) (1)
Check point security stock pitch greer, scudieri (1) (1)Check point security stock pitch greer, scudieri (1) (1)
Check point security stock pitch greer, scudieri (1) (1)
 
Check Point Software Stock Pitch Greer, Scudieri
Check Point Software Stock Pitch Greer, ScudieriCheck Point Software Stock Pitch Greer, Scudieri
Check Point Software Stock Pitch Greer, Scudieri
 
Emerging Trends in Application Security
Emerging Trends in Application Security Emerging Trends in Application Security
Emerging Trends in Application Security
 
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
Federal Webinar: Best Practices and Tools for Reducing Insider ThreatsFederal Webinar: Best Practices and Tools for Reducing Insider Threats
Federal Webinar: Best Practices and Tools for Reducing Insider Threats
 
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 TrendsCybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
Cybersercurity Resource Allocation & Efficacy Index: 2020 - 2021 Trends
 
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
Fintech Belgium - MeetUp on The Right Tech for your FinTech - Philippe Cornet...
 
CompTIA International Trends in Cybersecurity
CompTIA International Trends in CybersecurityCompTIA International Trends in Cybersecurity
CompTIA International Trends in Cybersecurity
 
Cyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & RecommendationsCyber Risk Management in 2017: Challenges & Recommendations
Cyber Risk Management in 2017: Challenges & Recommendations
 
Nonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsNonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment Basics
 
Final presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit planFinal presentation january iia cybersecurity securing your 2016 audit plan
Final presentation january iia cybersecurity securing your 2016 audit plan
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
 
Security metrics
Security metrics Security metrics
Security metrics
 

More from African Cyber Security Summit

Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...African Cyber Security Summit
 
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...African Cyber Security Summit
 
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...African Cyber Security Summit
 
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019African Cyber Security Summit
 
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...African Cyber Security Summit
 
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...African Cyber Security Summit
 
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019African Cyber Security Summit
 
Conférence - Digital Identity and Blockchain - #ACSS2019
Conférence - Digital Identity and Blockchain - #ACSS2019Conférence - Digital Identity and Blockchain - #ACSS2019
Conférence - Digital Identity and Blockchain - #ACSS2019African Cyber Security Summit
 

More from African Cyber Security Summit (20)

Bilan & Perspectives #ACSS2019
Bilan & Perspectives #ACSS2019Bilan & Perspectives #ACSS2019
Bilan & Perspectives #ACSS2019
 
Rapport de Visibilité #ACSS2019
Rapport de Visibilité #ACSS2019Rapport de Visibilité #ACSS2019
Rapport de Visibilité #ACSS2019
 
Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019
 
Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019Atelier Technique - F5 - #ACSS2019
Atelier Technique - F5 - #ACSS2019
 
Atelier Technique - Symantec - #ACSS2019
Atelier Technique - Symantec - #ACSS2019Atelier Technique - Symantec - #ACSS2019
Atelier Technique - Symantec - #ACSS2019
 
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
Conférence - Les enjeux et la vision de Veritas sur la protection des donnée...
 
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
Conférence - Arbor Edge Defense, Première et dernière ligne de défense intell...
 
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
Conférence - Loi 18-07 du 10 Juin 2018 : la protection des données à caractèr...
 
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
Conférence - Le métier du RSSI en pleine évolution - #ACSS2019
 
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
Conférence - Vecteurs d'attaques basées sur les navigateurs et comment se pro...
 
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
Conférence - Pourquoi le PAM (Privileged Access Management) doit-il être le s...
 
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
Conférence - Adopter une approche de sécurité applicative avancée - #ACSS 2019
 
Conférence - Digital Identity and Blockchain - #ACSS2019
Conférence - Digital Identity and Blockchain - #ACSS2019Conférence - Digital Identity and Blockchain - #ACSS2019
Conférence - Digital Identity and Blockchain - #ACSS2019
 
Bilan & Perspectives - ACSS 2018
Bilan & Perspectives - ACSS 2018Bilan & Perspectives - ACSS 2018
Bilan & Perspectives - ACSS 2018
 
Rapport de Visibilité ACCS 2018
Rapport de Visibilité ACCS 2018Rapport de Visibilité ACCS 2018
Rapport de Visibilité ACCS 2018
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018
 
Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018Atelier Technique SYMANTEC ACSS 2018
Atelier Technique SYMANTEC ACSS 2018
 
Atelier Technique MANAGE ENGINE ACSS 2018
Atelier Technique MANAGE ENGINE ACSS 2018Atelier Technique MANAGE ENGINE ACSS 2018
Atelier Technique MANAGE ENGINE ACSS 2018
 
Atelier Technique EXTREME NETWORKS ACSS 2018
Atelier Technique EXTREME NETWORKS ACSS 2018Atelier Technique EXTREME NETWORKS ACSS 2018
Atelier Technique EXTREME NETWORKS ACSS 2018
 
Atelier Technique WALLIX ACSS 2018
Atelier Technique WALLIX ACSS 2018Atelier Technique WALLIX ACSS 2018
Atelier Technique WALLIX ACSS 2018
 

Recently uploaded

Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptxChiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptxraffaeleoman
 
Causes of poverty in France presentation.pptx
Causes of poverty in France presentation.pptxCauses of poverty in France presentation.pptx
Causes of poverty in France presentation.pptxCamilleBoulbin1
 
My Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle BaileyMy Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle Baileyhlharris
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesPooja Nehwal
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Hasting Chen
 
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdfThe workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdfSenaatti-kiinteistöt
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
Dreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video TreatmentDreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video Treatmentnswingard
 
Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Chameera Dedduwage
 
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...Delhi Call girls
 
Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Vipesco
 
If this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New NigeriaIf this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New NigeriaKayode Fayemi
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...Sheetaleventcompany
 
Air breathing and respiratory adaptations in diver animals
Air breathing and respiratory adaptations in diver animalsAir breathing and respiratory adaptations in diver animals
Air breathing and respiratory adaptations in diver animalsaqsarehman5055
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxNikitaBankoti2
 
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdfAWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdfSkillCertProExams
 
SaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, YardstickSaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, Yardsticksaastr
 
Dreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio IIIDreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio IIINhPhngng3
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyPooja Nehwal
 

Recently uploaded (20)

Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptxChiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
 
Causes of poverty in France presentation.pptx
Causes of poverty in France presentation.pptxCauses of poverty in France presentation.pptx
Causes of poverty in France presentation.pptx
 
My Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle BaileyMy Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle Bailey
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
 
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdfThe workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
 
Dreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video TreatmentDreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video Treatment
 
Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)Introduction to Prompt Engineering (Focusing on ChatGPT)
Introduction to Prompt Engineering (Focusing on ChatGPT)
 
ICT role in 21st century education and it's challenges.pdf
ICT role in 21st century education and it's challenges.pdfICT role in 21st century education and it's challenges.pdf
ICT role in 21st century education and it's challenges.pdf
 
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...
Busty Desi⚡Call Girls in Sector 51 Noida Escorts >༒8448380779 Escort Service-...
 
Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510
 
If this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New NigeriaIf this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New Nigeria
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
 
Air breathing and respiratory adaptations in diver animals
Air breathing and respiratory adaptations in diver animalsAir breathing and respiratory adaptations in diver animals
Air breathing and respiratory adaptations in diver animals
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
 
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdfAWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
 
SaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, YardstickSaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, Yardstick
 
Dreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio IIIDreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio III
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
 

Conférence CISCO ACSS 2018

  • 1. Oran – 4 Avril 2018 Consultant Securite Afrique Cisco 2018 Annual Cybersecurity Report Tendances Chez les Attaquants et chez les Defendants Babacar Wagne
  • 2. 2018 Annual Cybersecurity Report • Unprecedented levels of sophistication and impact • Becoming more adept at evasion • Exploiting new technology security gaps
  • 3. 2018 Annual Cybersecurity Report • Visibilite – Traffic Encrypte
  • 4. Malicious Binaries and Encryption Increase November 2016 Attackers embrace encryption to conceal their command-and-control activity 19% 12% Increase 268%70% 50% 38% Global Encrypted Web Traffic Malicious Sandbox Binaries with Encryption October 2017
  • 5. 2018 Annual Cybersecurity Report • What files are being used in mails?
  • 6. Malicious Documents in Email January-May June-October Compared usage of malicious attachments from first portion of 2017 to second Office 55% Archive 415% PDF 255%
  • 7. 2018 Annual Cybersecurity Report • Techniques d’evasion dans les Sandboxes
  • 8. Sandbox Evasion Patterns Attackers are constantly testing sandbox evasion techniques Document Close Doc Embedded in PDF Malicious Samples Total Samples Oct 2016 Volume Volume Oct 2017 Oct 2016 Oct 2017
  • 9. 2018 Annual Cybersecurity Report • Nouveaux Types de Malware
  • 10. Network-based Ransomware Network-Based Ransomware Worm WannaCry and Nyetya: rapid-moving, self-propagating network-based attacks With active, unpatched machines, these automated worms will attack again. Have you secured your network?
  • 11. 2018 Annual Cybersecurity Report • Utilisation du Cloud
  • 12. 53% manage over half of their infrastructure in the cloud Ease of use (46%) Scalability (48%) Lack of internal workforce (41%) Better security (57%) Appeal: The Cloud Organizations increase reliance on the cloud
  • 13. Malicious Use of Legitimate Resources Adaptability Subverts Domain and Certificate Intelligence Easy Setup Whitelisted IP Address Cybercriminals are adopting command-and-control channels that rely on legitimate Internet services, making malware traffic almost impossible to shut down Reduce Burning Infrastructure Leverage Encryption for C2 Source: Anomali
  • 14. 2018 Annual Cybersecurity Report • DDoS
  • 15. IoT and DDos Application-layer attacks are rising, network-layer attacks are declining Burst attacks are increasing Amplification attacks • Complexity • Frequency • Duration 2/5of businesses experienced a reflection amplification attack in 2017 of those organizations mitigated the attacks2/3 Source: Radware
  • 16. 2018 Annual Cybersecurity Report • Utilisation des Domaines
  • 17. How Malicious Actors Leverage Domains 60%Spam 20%Malvertising 20%Other Organizations need to minimize access to malicious domains Type of Attack RLD Registered Times New or Reused Domains 80% More than 1 week 20% Less than 1 week 42% New 58% Reused
  • 18. 2018 Annual Cybersecurity Report • Menace Interne
  • 19. Insider Threat Machine learning algorithms can greatly help detect internal malicious actors 62% occur outside of normal work hours 5200 docs per user / 1.5 months PDFs were the most common file type “Data” was the most popular keyword in doc titles High* accuracy of malicious activity detection since June 2017
  • 20. 2018 Annual Cybersecurity Report • IOT
  • 21. IT/OT Attack Sentiment 69% of organizations believe OT is a viable attack vector in 2018 • 20% believe it will be eventually • 10% believe it will remain in IT alone
  • 22. ICS Vulnerabilities Being Connected to the Internet Known Vulnerabilities Rarely Patched Lack of Knowledge Too Specialized USB or DVD as Entry Point Threat actors are actively engaged in researching pivot points to facilitate future attacks Source: TrapX
  • 23. 2018 Annual Cybersecurity Report • Vulnerability Management
  • 24. We need a better way to improve patch management processes High Severity Vulnerabilities and Patch Management High severity is driven by headlines MS17-010 Detections Patches double as organizations realize potential threat Exploited vulnerability makes headlines Microsoft warns of vulnerability NumberofDetections Month Source: Qualys
  • 25. 2018 Annual Cybersecurity Report • Gestion des alertes par les Defendants
  • 26. Alerts 44%of Alerts are NOT Investigated 8% Experienced NO Security Alert 56% of Alerts are Investigated 34% of Investigated Alerts are Legitimate 51% of Legitimate Alerts are Remediated 93% Experienced Security Alert Uninvestigated alerts still create huge business risk 49%of Legitimate Alerts are NOT Remediated
  • 27. 2018 Annual Cybersecurity Report • Orchestration
  • 28. Orchestration Challenges 8% 10% 21% 43% 55% 1-5 6-10 11-20 21-50 50+ Very Challenging 17% 24% 16% 42% 14% 25% 19% 14% 12% 27% Education Financial Services Government Healthcare Manufacturing Pharma Retail Telecom Transportation Utility/ Energy As the number of vendors increases, orchestration challenges grow
  • 29. 2018 Annual Cybersecurity Report • Defenders Still use Best of Breed Approach
  • 30. Defenders Still Favor Best of Breed 72%use best-of- breed 28%use single vendor solution vs.
  • 31. 2018 Annual Cybersecurity Report • Defenders Approach
  • 32. Strategic, Operational, and Tactical Issues 26% can be addressed by products alone 74% might also require people and/or processes to address People Products Policies An overemphasis on product solutions can leave openings for attackers
  • 33. The Need for Outsourcing In order to keep up, organizations are looking for outside help 54% Consulting (up 3%) 49% Monitoring (up 5%) 47% Incident Response (up 2%) Most Frequently Outsourced Services
  • 34. Market Expectations: Threat Landscape The threat landscape to remain complex and challenging • Few predict radically new threats on the horizon, but they see more capable and more diabolical bad actors • Believe they’ll need ever more sophisticated security arsenals to keep they at bay
  • 35. Market Expectations: Modern Workplace The modern workplace will continue to create conditions that favor the attackers • The footprint security executives must secure continues to expand • Employees increasingly carry their work (and the company’s data) with them wherever they go—a well- documented source of exposure • Clients, partners and suppliers all need secure access to corporate resources • With the increasing deployment of IoT sensors, etc., companies’ interfaces to the internet will multiply dramatically
  • 36. Market Expectations: Scrutiny Additional scrutiny of their ability to secure the organization • Many expect they’ll be under additional scrutiny—from regulators, executives, stakeholders, partners and clients • Top scrutiny from Executive Leadership, Clients, and Business Partners (76%, each) • Several CISOs mention that the need to meet others’ expectations for accessibility puts increasing strains on staff • Current and potential clients can be particularly demanding of information regarding security processes and protocols
  • 37. Market Expectations: Breaches Drive Budget Budgets will remain stable, unless a security breach drives unexpected investment • 51%: Budgets based on previous year’s budget • 51%: Organization’s security outcome objective • 46%: Percent of revenue • 47%: Breach drove improvements to a great extent !
  • 38. Market Expectations: AI and Machine Learning More spending on AI/ML capabilities • AI, ML and automation are all increasingly desired and expected • 83%: Reliant on automation to reduce the level of effort to secure the organization • 74%: Reliant on AI to reduce the level of effort to secure the organization • CISOs expect to take increasing advantage of AI and robotics
  • 39. Market Expectations: Outsourcing More reliance on outsourcing services • 53%: More cost efficient • 52%: Desire for more unbiased insight • 51%: More timely response to incidents
  • 40. Observed Threats and TTD Cloud-based security technology has been a key factor in helping Cisco maintain a low median despite an increase in threat samples Cisco Annual Median TTD (Hours) 37.1 14 4.6 2015 2016 2017 Number of Observed Threat Samples 10x Increase 2016 2017
  • 41. Adversary tactics are continuously evolving, using encryption and legitimate Internet services to conceal their activity and undermine traditional security technologies Lead from the top: executives/board set the security tone, culture Top 7 Actions: . Educate by roles for maximum benefit . Adhere to corporate policies, practices for application, system, and appliance patching . Assume ownership of IoT device security and add scanning for these devices to security reviews . Review, practice security response procedures . Back up data often, test restoration procedures . Review third-party efficacy testing of security technologies to reduce risk of supply chain attacks . Conduct security scanning of micro-service, cloud service, and application administration systems Conclusion/Recommendations
  • 42. Download the Cisco 2018 Annual Cybersecurity Report cisco.com/go/acr2018