SlideShare a Scribd company logo

Davitt Potter - CSA Arrow

Download as PPTX, PDF
T
Trish McGinity, CCSK

The Edge is Everywhere

Technology
1 of 16
www.cloudsecurityalliance.orgCopyright © 2016 Cloud Security Alliance The Edge is EverywhereSecurity and Risk Considerations of a Completely Connected World Davitt J. Potter Director, Engineering & Technical Services, Arrow Security
www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance What Edge?!
Security: Not just a buzzword anymore! When everything is connected to everything else, for better or for worse, everything matters. Source: Bruce Mau, Massive Change Any business that fails to invest heavily in the IoT in the next 10 years is unlikely to be able to remain competitive. Source: McKinsey A network of physical objects (things) that contain embedded technology to sense or interact with their internal state or external environment. The IoT comprises an ecosystem that includes things, communication, applications and data analysis. Source: Gartner
…Mind the gap! Meaning… what?
The Architecture of IoT
…Mind the gap! Meaning… what?
…Mind the gap! Meaning… what?  Gaps in visibility  Gaps in knowledge of the devices  Gaps in knowledge of activity
Who drives this bus, anyway? We still don’t do simple things well.  “Security is a process, not a product. Products provide some protection, but the only way to effectively do business in an insecure world is to put processes in place that recognize the inherent insecurity in the products. The trick is to reduce your risk of exposure regardless of the products or patches.” - Bruce Schneier, Information Security
Who drives this bus, anyway? We still don’t do simple things well.  “There is no patch for human stupidity.” – Various
Security cannot be an afterthought!  In the mad rush to connect everything, proper security controls and designs must be considered.  SHOULD a device be able to be seen by other devices? What is ‘proper’ traffic? What does normal traffic look like? Should it be segregated? Should it be encrypted?  Slow down – just a second.
Security cannot be an afterthought!  Have you designed a security strategy?  What policy or procedure does it fall under?  Who controls it?  Who does it talk to?  When does it talk?  What happens when you’re breached?
“This is what we call a target-rich environment…”  Look at all the edge devices to poke at!  If your edge device is breached, how do you know? Can you stop it at the gateway? Can you stop it at the device? Can you identify the data that was exfiltrated? Can you show me the ingress and egress paths?  Collector/aggregation points  Devices  Cloud-based systems
Or a security officer, or a network administrator, or… I’m a Security Analyst!  Is security awareness part of your organization at each level of IT? Do you provide options for visibility into security data for other roles, where relevant?  More eyes can discover “ah ha” moments. Automation helps cull the anomalies, but the human brain (thus far) still can make that intuitive leap.
Questions? Thank you! Davitt J. Potter dapotter@arrow.com Twitter: @DavittJPotter http://www.linkedin.com/in/davittjpotter

Recommended

How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security Robert Smith
 
Cyber security and AI
Cyber security and AICyber security and AI
Cyber security and AIDexterJanPineda
 
Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Aladdin Dandis
 
Bankinfonews
BankinfonewsBankinfonews
BankinfonewsVikram Kalkat
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Knowjxyz
 
Infographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityInfographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityIntronis MSP Solutions by Barracuda
 
NUS-ISS Learning Day 2019- AI and Cybersecurity – Solution or Threat?
NUS-ISS Learning Day 2019- AI and Cybersecurity – Solution or Threat?NUS-ISS Learning Day 2019- AI and Cybersecurity – Solution or Threat?
NUS-ISS Learning Day 2019- AI and Cybersecurity – Solution or Threat?NUS-ISS
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 

Recommended

How is ai important to the future of cyber security
How is ai important to the future of cyber security How is ai important to the future of cyber security
How is ai important to the future of cyber security Robert Smith
 
Cyber security and AI
Cyber security and AICyber security and AI
Cyber security and AIDexterJanPineda
 
Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Guardians of the future what should we do to secure future cyberspace
Guardians of the future what should we do to secure future cyberspace Aladdin Dandis
 
Bankinfonews
BankinfonewsBankinfonews
BankinfonewsVikram Kalkat
 
Cybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already KnowCybersecurity: How to Use What We Already Know
Cybersecurity: How to Use What We Already Knowjxyz
 
Infographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityInfographic: 5 Tips for Approaching Customers About Cloud Security
Infographic: 5 Tips for Approaching Customers About Cloud SecurityIntronis MSP Solutions by Barracuda
 
NUS-ISS Learning Day 2019- AI and Cybersecurity – Solution or Threat?
NUS-ISS Learning Day 2019- AI and Cybersecurity – Solution or Threat?NUS-ISS Learning Day 2019- AI and Cybersecurity – Solution or Threat?
NUS-ISS Learning Day 2019- AI and Cybersecurity – Solution or Threat?NUS-ISS
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Netpluz Asia Pte Ltd
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by DesignUnisys Corporation
 
Digital Age-Preparing Yourself
Digital Age-Preparing YourselfDigital Age-Preparing Yourself
Digital Age-Preparing Yourselfjkl0202
 
State of the OpenCloud Report 2020
State of the OpenCloud Report 2020State of the OpenCloud Report 2020
State of the OpenCloud Report 2020Dharmesh Thakker
 
A collaborative security framework for software defined wireless sensor networks
A collaborative security framework for software defined wireless sensor networksA collaborative security framework for software defined wireless sensor networks
A collaborative security framework for software defined wireless sensor networksShakas Technologies
 
IoT in industry
IoT in industryIoT in industry
IoT in industryAlfred V Gilbert
 
Limitless xdr meetup
Limitless xdr meetupLimitless xdr meetup
Limitless xdr meetupDaliya Spasova
 
PKI for the People - a Beame.io Research Initiative
PKI for the People - a Beame.io Research InitiativePKI for the People - a Beame.io Research Initiative
PKI for the People - a Beame.io Research InitiativeSophia Tupolev
 
Cybersecurity | D-fend: Counter drone solution for urban environments
Cybersecurity | D-fend: Counter drone solution for urban environmentsCybersecurity | D-fend: Counter drone solution for urban environments
Cybersecurity | D-fend: Counter drone solution for urban environmentsVertex Holdings
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...CODE BLUE
 
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE - ATT&CKcon
 
The view of auditor on cybercrime
The view of auditor on cybercrimeThe view of auditor on cybercrime
The view of auditor on cybercrimeMarc Vael
 
Strategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid itStrategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid itAvancercorp
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNorth Texas Chapter of the ISSA
 
BISS - 11nov2011
BISS - 11nov2011BISS - 11nov2011
BISS - 11nov2011Agora Group
 
Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...LeMeniz Infotech
 
Open Security and Privacy Reference Architecture
Open Security and Privacy Reference Architecture Open Security and Privacy Reference Architecture
Open Security and Privacy Reference Architecture Asim Jahan
 
Network security monitoring with open source tools
Network security monitoring with open source toolsNetwork security monitoring with open source tools
Network security monitoring with open source toolsterriert
 
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...Burton Lee
 
belajarnet.blogspot.com
belajarnet.blogspot.combelajarnet.blogspot.com
belajarnet.blogspot.comAl Kusno
 
Ordinanza halloween 2011
Ordinanza halloween 2011Ordinanza halloween 2011
Ordinanza halloween 2011Redazione Acquaviva Net
 
Tarea 1 1y2
Tarea 1 1y2Tarea 1 1y2
Tarea 1 1y2sergioaa2011
 

More Related Content

What's hot

Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Netpluz Asia Pte Ltd
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by DesignUnisys Corporation
 
Digital Age-Preparing Yourself
Digital Age-Preparing YourselfDigital Age-Preparing Yourself
Digital Age-Preparing Yourselfjkl0202
 
State of the OpenCloud Report 2020
State of the OpenCloud Report 2020State of the OpenCloud Report 2020
State of the OpenCloud Report 2020Dharmesh Thakker
 
A collaborative security framework for software defined wireless sensor networks
A collaborative security framework for software defined wireless sensor networksA collaborative security framework for software defined wireless sensor networks
A collaborative security framework for software defined wireless sensor networksShakas Technologies
 
PKI for the People - a Beame.io Research Initiative
PKI for the People - a Beame.io Research InitiativePKI for the People - a Beame.io Research Initiative
PKI for the People - a Beame.io Research InitiativeSophia Tupolev
 
Cybersecurity | D-fend: Counter drone solution for urban environments
Cybersecurity | D-fend: Counter drone solution for urban environmentsCybersecurity | D-fend: Counter drone solution for urban environments
Cybersecurity | D-fend: Counter drone solution for urban environmentsVertex Holdings
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...CODE BLUE
 
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE - ATT&CKcon
 
The view of auditor on cybercrime
The view of auditor on cybercrimeThe view of auditor on cybercrime
The view of auditor on cybercrimeMarc Vael
 
Strategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid itStrategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid itAvancercorp
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNorth Texas Chapter of the ISSA
 
BISS - 11nov2011
BISS - 11nov2011BISS - 11nov2011
BISS - 11nov2011Agora Group
 
Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...LeMeniz Infotech
 
Open Security and Privacy Reference Architecture
Open Security and Privacy Reference Architecture Open Security and Privacy Reference Architecture
Open Security and Privacy Reference Architecture Asim Jahan
 
Network security monitoring with open source tools
Network security monitoring with open source toolsNetwork security monitoring with open source tools
Network security monitoring with open source toolsterriert
 
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...Burton Lee
 

What's hot (19)

Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
Are you Cyber ready? Introducing Netpluz managed cyber security - cyber intel...
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by Design
 
Digital Age-Preparing Yourself
Digital Age-Preparing YourselfDigital Age-Preparing Yourself
Digital Age-Preparing Yourself
 
State of the OpenCloud Report 2020
State of the OpenCloud Report 2020State of the OpenCloud Report 2020
State of the OpenCloud Report 2020
 
A collaborative security framework for software defined wireless sensor networks
A collaborative security framework for software defined wireless sensor networksA collaborative security framework for software defined wireless sensor networks
A collaborative security framework for software defined wireless sensor networks
 
IoT in industry
IoT in industryIoT in industry
IoT in industry
 
Limitless xdr meetup
Limitless xdr meetupLimitless xdr meetup
Limitless xdr meetup
 
PKI for the People - a Beame.io Research Initiative
PKI for the People - a Beame.io Research InitiativePKI for the People - a Beame.io Research Initiative
PKI for the People - a Beame.io Research Initiative
 
Cybersecurity | D-fend: Counter drone solution for urban environments
Cybersecurity | D-fend: Counter drone solution for urban environmentsCybersecurity | D-fend: Counter drone solution for urban environments
Cybersecurity | D-fend: Counter drone solution for urban environments
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
 
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
MITRE ATT&CKcon 2.0: AMITT - ATT&CK-based Standards for Misinformation Threat...
 
The view of auditor on cybercrime
The view of auditor on cybercrimeThe view of auditor on cybercrime
The view of auditor on cybercrime
 
Strategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid itStrategically moving towards a secure hybrid it
Strategically moving towards a secure hybrid it
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
 
BISS - 11nov2011
BISS - 11nov2011BISS - 11nov2011
BISS - 11nov2011
 
Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...Anonymous two factor authentication in distributed systems certain goals are ...
Anonymous two factor authentication in distributed systems certain goals are ...
 
Open Security and Privacy Reference Architecture
Open Security and Privacy Reference Architecture Open Security and Privacy Reference Architecture
Open Security and Privacy Reference Architecture
 
Network security monitoring with open source tools
Network security monitoring with open source toolsNetwork security monitoring with open source tools
Network security monitoring with open source tools
 
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
Marcel van der Heijden - SpeedInvest & Aircloak - EU GDPR & Data Privacy Comp...
 

Viewers also liked

belajarnet.blogspot.com
belajarnet.blogspot.combelajarnet.blogspot.com
belajarnet.blogspot.comAl Kusno
 
Apresentação Legal Care
Apresentação Legal CareApresentação Legal Care
Apresentação Legal CareMarcelo S
 
Súper ofertas
Súper ofertasSúper ofertas
Súper ofertasMari Blnco
 
Presentation1
Presentation1Presentation1
Presentation1rindah
 
From the Trenches: Building Comprehensive and Secure Solutions in AWS
From the Trenches: Building Comprehensive and Secure Solutions in AWSFrom the Trenches: Building Comprehensive and Secure Solutions in AWS
From the Trenches: Building Comprehensive and Secure Solutions in AWSAlert Logic
 

Viewers also liked (15)

belajarnet.blogspot.com
belajarnet.blogspot.combelajarnet.blogspot.com
belajarnet.blogspot.com
 
Ordinanza halloween 2011
Ordinanza halloween 2011Ordinanza halloween 2011
Ordinanza halloween 2011
 
Tarea 1 1y2
Tarea 1 1y2Tarea 1 1y2
Tarea 1 1y2
 
huj
hujhuj
huj
 
Sateanchai
SateanchaiSateanchai
Sateanchai
 
Apresentação Legal Care
Apresentação Legal CareApresentação Legal Care
Apresentação Legal Care
 
Súper ofertas
Súper ofertasSúper ofertas
Súper ofertas
 
31st october
31st october31st october
31st october
 
2016.11.11
2016.11.112016.11.11
2016.11.11
 
View cart
View cartView cart
View cart
 
Presentation1
Presentation1Presentation1
Presentation1
 
Zurich versión 2.0
Zurich versión 2.0Zurich versión 2.0
Zurich versión 2.0
 
Lam pt25-04
Lam pt25-04Lam pt25-04
Lam pt25-04
 
From the Trenches: Building Comprehensive and Secure Solutions in AWS
From the Trenches: Building Comprehensive and Secure Solutions in AWSFrom the Trenches: Building Comprehensive and Secure Solutions in AWS
From the Trenches: Building Comprehensive and Secure Solutions in AWS
 
Esteres
EsteresEsteres
Esteres
 

Similar to Davitt Potter - CSA Arrow

FinalResearch_95752_oliver
FinalResearch_95752_oliverFinalResearch_95752_oliver
FinalResearch_95752_oliverMadison Oliver
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityMighty Guides, Inc.
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...JoAnna Cheshire
 
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...North Texas Chapter of the ISSA
 
How the Switch to a Predominantly Remote Workforce Accelerated IT and Securit...
How the Switch to a Predominantly Remote Workforce Accelerated IT and Securit...How the Switch to a Predominantly Remote Workforce Accelerated IT and Securit...
How the Switch to a Predominantly Remote Workforce Accelerated IT and Securit...Dana Gardner
 
APT Monitoring and Compliance
APT Monitoring and ComplianceAPT Monitoring and Compliance
APT Monitoring and ComplianceMarcus Clarke
 
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...Mighty Guides, Inc.
 
IoT and security
IoT and securityIoT and security
IoT and securityIET India
 
Achieving high-fidelity security
Achieving high-fidelity securityAchieving high-fidelity security
Achieving high-fidelity securitybalejandre
 
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptxDomain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptxInfosectrain3
 
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...Andris Soroka
 
76 s201917
76 s20191776 s201917
76 s201917IJRAT
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxvrickens
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxtjane3
 

Similar to Davitt Potter - CSA Arrow (20)

FinalResearch_95752_oliver
FinalResearch_95752_oliverFinalResearch_95752_oliver
FinalResearch_95752_oliver
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)
 
Security
SecuritySecurity
Security
 
Internet
InternetInternet
Internet
 
expert tips
expert tipsexpert tips
expert tips
 
Ten Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things SecurityTen Expert Tips on Internet of Things Security
Ten Expert Tips on Internet of Things Security
 
Advice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT CybersecurityAdvice for CISOs: How to Approach OT Cybersecurity
Advice for CISOs: How to Approach OT Cybersecurity
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
 
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
NTXISSACSC2 - The Role of Threat Intelligence and Layered Security for Intrus...
 
How the Switch to a Predominantly Remote Workforce Accelerated IT and Securit...
How the Switch to a Predominantly Remote Workforce Accelerated IT and Securit...How the Switch to a Predominantly Remote Workforce Accelerated IT and Securit...
How the Switch to a Predominantly Remote Workforce Accelerated IT and Securit...
 
APT Monitoring and Compliance
APT Monitoring and ComplianceAPT Monitoring and Compliance
APT Monitoring and Compliance
 
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
OT Experts Share Their Strategies - Securing Critical Infrastructure in the P...
 
Secure your Space: The Internet of Things
Secure your Space: The Internet of ThingsSecure your Space: The Internet of Things
Secure your Space: The Internet of Things
 
IoT and security
IoT and securityIoT and security
IoT and security
 
Achieving high-fidelity security
Achieving high-fidelity securityAchieving high-fidelity security
Achieving high-fidelity security
 
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptxDomain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
Domain 7 of CEH Mobile Platform, IoT, and OT Hacking.pptx
 
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
 
76 s201917
76 s20191776 s201917
76 s201917
 
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docxIoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
IoT Referenceshttpswww.techrepublic.comarticlehow-to-secur.docx
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docx
 

More from Trish McGinity, CCSK

Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17Trish McGinity, CCSK
 
Token Binding as the Foundation for a More Secure Web
Token Binding as the Foundation for a More Secure WebToken Binding as the Foundation for a More Secure Web
Token Binding as the Foundation for a More Secure WebTrish McGinity, CCSK
 
Security and Automation: Can they work together? Can we survive if they don't?
Security and Automation: Can they work together? Can we survive if they don't?Security and Automation: Can they work together? Can we survive if they don't?
Security and Automation: Can they work together? Can we survive if they don't?Trish McGinity, CCSK
 
Practical AWS Security - Scott Hogg
Practical AWS Security - Scott HoggPractical AWS Security - Scott Hogg
Practical AWS Security - Scott HoggTrish McGinity, CCSK
 
CSA colorado 2016 presentation CloudPassage
CSA colorado 2016 presentation CloudPassageCSA colorado 2016 presentation CloudPassage
CSA colorado 2016 presentation CloudPassageTrish McGinity, CCSK
 
Csa presentation november 2016 sloane ghx
Csa presentation november 2016 sloane ghxCsa presentation november 2016 sloane ghx
Csa presentation november 2016 sloane ghxTrish McGinity, CCSK
 
Privileged accesss management for den csa user group CA Technologies
Privileged accesss management for den csa user group CA TechnologiesPrivileged accesss management for den csa user group CA Technologies
Privileged accesss management for den csa user group CA TechnologiesTrish McGinity, CCSK
 
Andrew Useckas Csa presentation hacking custom webapps 4 3
Andrew Useckas Csa presentation hacking custom webapps 4 3Andrew Useckas Csa presentation hacking custom webapps 4 3
Andrew Useckas Csa presentation hacking custom webapps 4 3Trish McGinity, CCSK
 
Steve Kosten - Exploiting common web application vulnerabilities
Steve Kosten - Exploiting common web application vulnerabilities Steve Kosten - Exploiting common web application vulnerabilities
Steve Kosten - Exploiting common web application vulnerabilities Trish McGinity, CCSK
 
Larry Whiteside - Optiv Cloud ready or steam rolled csa version
Larry Whiteside - Optiv Cloud ready or steam rolled csa versionLarry Whiteside - Optiv Cloud ready or steam rolled csa version
Larry Whiteside - Optiv Cloud ready or steam rolled csa versionTrish McGinity, CCSK
 
Scott Hogg - Gtri cloud security knowledge and certs
Scott Hogg - Gtri cloud security knowledge and certsScott Hogg - Gtri cloud security knowledge and certs
Scott Hogg - Gtri cloud security knowledge and certsTrish McGinity, CCSK
 

More from Trish McGinity, CCSK (16)

Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17Csa privacy by design & gdpr austin chambers 11-4-17
Csa privacy by design & gdpr austin chambers 11-4-17
 
Privacy 101
Privacy 101Privacy 101
Privacy 101
 
Cloud Seeding
Cloud SeedingCloud Seeding
Cloud Seeding
 
Token Binding as the Foundation for a More Secure Web
Token Binding as the Foundation for a More Secure WebToken Binding as the Foundation for a More Secure Web
Token Binding as the Foundation for a More Secure Web
 
Security and Automation: Can they work together? Can we survive if they don't?
Security and Automation: Can they work together? Can we survive if they don't?Security and Automation: Can they work together? Can we survive if they don't?
Security and Automation: Can they work together? Can we survive if they don't?
 
GDPR Overview
GDPR OverviewGDPR Overview
GDPR Overview
 
Practical AWS Security - Scott Hogg
Practical AWS Security - Scott HoggPractical AWS Security - Scott Hogg
Practical AWS Security - Scott Hogg
 
CSA colorado 2016 presentation CloudPassage
CSA colorado 2016 presentation CloudPassageCSA colorado 2016 presentation CloudPassage
CSA colorado 2016 presentation CloudPassage
 
Csa presentation november 2016 sloane ghx
Csa presentation november 2016 sloane ghxCsa presentation november 2016 sloane ghx
Csa presentation november 2016 sloane ghx
 
Privileged accesss management for den csa user group CA Technologies
Privileged accesss management for den csa user group CA TechnologiesPrivileged accesss management for den csa user group CA Technologies
Privileged accesss management for den csa user group CA Technologies
 
Andrew Useckas Csa presentation hacking custom webapps 4 3
Andrew Useckas Csa presentation hacking custom webapps 4 3Andrew Useckas Csa presentation hacking custom webapps 4 3
Andrew Useckas Csa presentation hacking custom webapps 4 3
 
Steve Kosten - Exploiting common web application vulnerabilities
Steve Kosten - Exploiting common web application vulnerabilities Steve Kosten - Exploiting common web application vulnerabilities
Steve Kosten - Exploiting common web application vulnerabilities
 
Shawn Harris - CCSP SAH v2
Shawn Harris - CCSP SAH v2Shawn Harris - CCSP SAH v2
Shawn Harris - CCSP SAH v2
 
Larry Whiteside - Optiv Cloud ready or steam rolled csa version
Larry Whiteside - Optiv Cloud ready or steam rolled csa versionLarry Whiteside - Optiv Cloud ready or steam rolled csa version
Larry Whiteside - Optiv Cloud ready or steam rolled csa version
 
Ed Rios - New ncc brief
Ed Rios - New ncc briefEd Rios - New ncc brief
Ed Rios - New ncc brief
 
Scott Hogg - Gtri cloud security knowledge and certs
Scott Hogg - Gtri cloud security knowledge and certsScott Hogg - Gtri cloud security knowledge and certs
Scott Hogg - Gtri cloud security knowledge and certs
 

Recently uploaded

Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetEnjoy Anytime
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 

Recently uploaded (20)

Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your BudgetHyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 

Davitt Potter - CSA Arrow

  • 1. www.cloudsecurityalliance.orgCopyright © 2016 Cloud Security Alliance The Edge is EverywhereSecurity and Risk Considerations of a Completely Connected World Davitt J. Potter Director, Engineering & Technical Services, Arrow Security
  • 2. www.cloudsecurityalliance.orgCopyright © 2011 Cloud Security Alliance www.cloudsecurityalliance.orgCopyright © 2015 Cloud Security Alliance What Edge?!
  • 3.
  • 4. Security: Not just a buzzword anymore! When everything is connected to everything else, for better or for worse, everything matters. Source: Bruce Mau, Massive Change Any business that fails to invest heavily in the IoT in the next 10 years is unlikely to be able to remain competitive. Source: McKinsey A network of physical objects (things) that contain embedded technology to sense or interact with their internal state or external environment. The IoT comprises an ecosystem that includes things, communication, applications and data analysis. Source: Gartner
  • 8. …Mind the gap! Meaning… what?  Gaps in visibility  Gaps in knowledge of the devices  Gaps in knowledge of activity
  • 9. Who drives this bus, anyway? We still don’t do simple things well.  “Security is a process, not a product. Products provide some protection, but the only way to effectively do business in an insecure world is to put processes in place that recognize the inherent insecurity in the products. The trick is to reduce your risk of exposure regardless of the products or patches.” - Bruce Schneier, Information Security
  • 10. Who drives this bus, anyway? We still don’t do simple things well.  “There is no patch for human stupidity.” – Various
  • 11.
  • 12. Security cannot be an afterthought!  In the mad rush to connect everything, proper security controls and designs must be considered.  SHOULD a device be able to be seen by other devices? What is ‘proper’ traffic? What does normal traffic look like? Should it be segregated? Should it be encrypted?  Slow down – just a second.
  • 13. Security cannot be an afterthought!  Have you designed a security strategy?  What policy or procedure does it fall under?  Who controls it?  Who does it talk to?  When does it talk?  What happens when you’re breached?
  • 14. “This is what we call a target-rich environment…”  Look at all the edge devices to poke at!  If your edge device is breached, how do you know? Can you stop it at the gateway? Can you stop it at the device? Can you identify the data that was exfiltrated? Can you show me the ingress and egress paths?  Collector/aggregation points  Devices  Cloud-based systems
  • 15. Or a security officer, or a network administrator, or… I’m a Security Analyst!  Is security awareness part of your organization at each level of IT? Do you provide options for visibility into security data for other roles, where relevant?  More eyes can discover “ah ha” moments. Automation helps cull the anomalies, but the human brain (thus far) still can make that intuitive leap.
  • 16. Questions? Thank you! Davitt J. Potter dapotter@arrow.com Twitter: @DavittJPotter http://www.linkedin.com/in/davittjpotter

Editor's Notes

  1. 40 mins.
  2. This is a random, unpublished public IP on a mid-sized cable modem network. The scanning is done programmatically, with very little user intervention. But I’m sure you’re fine.
  3. This is a random, unpublished public IP on a mid-sized cable modem network. The scanning is done programmatically, with very little user intervention. But I’m sure you’re fine.
  4. Gaps in visibility Lack of aggregated view of events Lack of knowledge of SSL traffic Lack of knowledge of site-to-site traffic Lack of knowledge of BYOD device traffic Gaps in knowledge of the devices Lack of collection of all devices Lack of centralized asset control Lack of control of BYOD assets Less visibility of VDI resources (deploy now, fix later!) Gaps in knowledge of activity Who owns that? Who did that? Are they supposed to that? Is that thing supposed to do that? Why did that thing do that? How LONG has that thing been doing that?
  5. Are your teams aware of each other? Security vs. Desktop vs. Network vs. Audit vs. Users Clear guidelines around BYOD? Are you communicating with your peers? You don’t have to fly blind, or in a vacuum. Share your experiences, get feedback. Connected LED bulbs leak WiFI passwords (true) Authenticate! ASSUME the network is compromised. Trust no one.
  6. Are your teams aware of each other? Security vs. Desktop vs. Network vs. Audit vs. Users Clear guidelines around BYOD? Are you communicating with your peers? You don’t have to fly blind, or in a vacuum. Share your experiences, get feedback.