Kevin J. Murphy
Cyber Security Defense
by Effective Vulnerability Mgmt.
Director, Windows Security Architecture
Agenda
• Before We Begin…
• Year in Review: Cyber Crime & Nation States, Breaches, & Trends
• Core of Vulnerability Management
• Best Practices
• Peer discussion
Before We Begin…
Industries Representation:
• Manufacturing
• Consulting
• Energy
• Software
• Retail
• Healthcare
• Telecommunications
• Government
• Banking
• Others?
PCI Standards
Year in Review
Year in Review : Baits and Social Media
Year in Review : Identity Exposure
This data was before the US Gov. OPM breach of 21.5 million identities.
Year in Review : Attack Profiles
Year in Review : Cyber crime and Nation Threats
• 43% of all cyber attacks originated in China in 2014. http://vpncreative.net
(I don’t believe this. I think China just gets caught)
• Mobile O/S and app threats are rising as vectors into the enterprise
• Dating sites have targeted phishing attacks
• Facebook, Twitter & Pinterest: links shared with friends that are actually links to malware
Patch Management : Just Do IT!
Please download this doc.
• Most attacks use known vulnerabilities
• Patches are available in most cases
This should be considered as part of the normal operations.
Patch Management: Core Elements
1. Accurate Asset Inventory
   a. Make sure you know your assets better than your attacker.
2. Patch availability awareness
   a. Microsoft Security Response Center
   b. http://csrc.nist.gov/
   c. Your software vendors
3. Timely Monitoring, Scanning & Alerting infrastructure
This should be considered as part of the normal operations.
Patch Management: Core Elements
4. Type of Patches
   a. Core operating system patches: Windows, Linux, Android, iOS, other
   b. Infrastructure patches: Cisco, Juniper, F5, Palo Alto, etc.
   c. Your application patches: 3rd party, your internally developed apps., mobile apps.
   d. Monitoring tool patches
   e. Don’t forget your outliers: security cameras, HVAC, etc.
This should be considered as part of the normal operations.
Patch Management : Deployment
• Plan on rolling out patches monthly
• Critical patches should be deployed out of sequence if an active exploit is in progress
• Always test your patches first!
• Full-time team
• Fully funded in your budget cycle
• Patch status should be part of your normal information system reporting metrics
This should be viewed as part of the normal operations of your systems.
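As an added example that is not part of the deck, the deployment rules above written out as a small Python planner: a test ring always goes first, a critical patch with an active exploit leaves the monthly cycle, high value systems are patched before the general population, and patch status comes back as a reporting metric. The asset names, the patch ids and the severity labels are constructed sample data.

```python
"""Phased rollout planner for the deployment rules on the slide.

Added example, not from the slide deck. It encodes the slide's rules: test
ring first, critical patches with an active exploit go out of the monthly
sequence, high-value systems are patched before the rest, and patch status
is reported as a metric. Asset and patch records are constructed sample data.
"""
from dataclasses import dataclass

@dataclass(frozen=True)
class Asset:
    name: str
    high_value: bool          # e.g. domain controllers, payment processing
    test_ring: bool = False   # pilot hosts that receive every patch first

@dataclass(frozen=True)
class Patch:
    patch_id: str
    severity: str             # "critical", "important", "moderate", "low"
    active_exploit: bool      # exploitation observed in the wild

def cadence(patch: Patch) -> str:
    """Critical + actively exploited leaves the monthly cycle; everything else rides it."""
    if patch.severity == "critical" and patch.active_exploit:
        return "out-of-sequence"
    return "monthly"

def rollout_waves(assets: list) -> list:
    """Ordered waves: test ring, then high-value systems, then general population."""
    waves = [
        ("test", [a.name for a in assets if a.test_ring]),
        ("high-value", [a.name for a in assets if a.high_value and not a.test_ring]),
        ("general", [a.name for a in assets if not a.high_value and not a.test_ring]),
    ]
    return [{"wave": w, "hosts": sorted(h)} for w, h in waves if h]

def patch_status(patch: Patch, assets: list, patched: set) -> dict:
    """Reporting metric: coverage percentage plus the hosts still exposed."""
    names = {a.name for a in assets}
    unknown = patched - names          # patched hosts missing from inventory = inventory gap
    missing = sorted(names - patched)
    pct = round(100 * (len(names) - len(missing)) / len(names), 1) if names else 100.0
    return {"patch_id": patch.patch_id, "coverage_pct": pct,
            "unpatched": missing, "not_in_inventory": sorted(unknown)}

# Constructed sample inventory and patch queue (ids are placeholders, not real advisories).
ASSETS = [
    Asset("pilot-01", high_value=False, test_ring=True),
    Asset("dc-01", high_value=True),
    Asset("pay-db-01", high_value=True),
    Asset("ws-101", high_value=False),
    Asset("ws-102", high_value=False),
]
PATCHES = [
    Patch("VENDOR-2015-001", "critical", active_exploit=True),
    Patch("VENDOR-2015-002", "important", active_exploit=False),
]

def plan(patches: list, assets: list) -> dict:
    """Full plan keyed by patch id; out-of-sequence patches are listed first."""
    ordered = sorted(patches, key=lambda p: cadence(p) != "out-of-sequence")
    return {p.patch_id: {"cadence": cadence(p), "waves": rollout_waves(assets)} for p in ordered}
```

A host that reports as patched but is absent from the inventory shows up under not_in_inventory, which is the asset-inventory gap the Core Elements slide warns about.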
Patch Management : Tips
• Attackers would love to infect your patch and have you roll out their malware for them.
• Use checksums/strong hashes to verify patch integrity
• Maintain configuration control
• Use secure network file transfer where possible
• Automate and phase your deployment to patch your high value systems first
• Verify your patch isn’t creating an outage
• Protect your patching infrastructure.
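The integrity check from the tip above as an added Python example (not code from the deck or from any vendor): a downloaded patch is staged only if it matches a strong hash in the vendor's manifest, a manifest that offers only MD5 or SHA-1 is refused, and an unlisted file is refused. The manifest format, file names and contents are constructed for the demo.

```python
"""Verify a downloaded patch against a vendor hash manifest before staging it.

Added example, not from the slide deck. The manifest format ('algo digest
filename' per line), the file names and contents are constructed; real vendors
publish hashes in their own (ideally signed) formats. Only SHA-256 or stronger
is accepted, so an MD5/SHA-1-only entry is rejected rather than trusted.
"""
import hashlib
import hmac
import tempfile
from pathlib import Path
STRONG_HASHES = {"sha256", "sha384", "sha512"}

def parse_manifest(text: str) -> dict:
    """Return {filename: (algo, hexdigest)}; blank lines and '#' comments are skipped."""
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 3:
            raise ValueError(f"manifest line {lineno}: expected 'algo digest filename'")
        entries[parts[2]] = (parts[0].lower(), parts[1].lower())
    return entries

def file_digest(path: Path, algo: str, chunk: int = 1 << 20) -> str:
    """Stream the file through hashlib so large patch bundles need not fit in RAM."""
    h = hashlib.new(algo)
    with path.open("rb") as f:
        while block := f.read(chunk):
            h.update(block)
    return h.hexdigest()

def verify_patch(path: Path, manifest: dict) -> tuple:
    """Decide whether a downloaded file may be staged for deployment."""
    entry = manifest.get(path.name)
    if entry is None:
        return False, "not listed in manifest; refusing to stage an unknown file"
    algo, expected = entry
    if algo not in STRONG_HASHES:
        return False, f"manifest only offers {algo}; require SHA-256 or stronger"
    actual = file_digest(path, algo)
    if not hmac.compare_digest(actual, expected):  # constant-time comparison
        return False, f"{algo} mismatch: download differs from the vendor release"
    return True, f"{algo} verified"

def demo() -> dict:
    """Constructed scenario: a clean download, one altered in transit, a weak-hash entry, an unlisted file."""
    pristine = b"constructed vendor patch payload v1.0\n"
    manifest = parse_manifest(
        f"sha256 {hashlib.sha256(pristine).hexdigest()} kb-example.msu\n"
        f"md5 {'0' * 32} legacy-tool.exe\n"  # placeholder digest; rejected before it is read
    )
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "kb-example.msu").write_bytes(pristine)
        results["clean"] = verify_patch(d / "kb-example.msu", manifest)[0]
        (d / "kb-example.msu").write_bytes(pristine + b"X")  # altered after download
        results["tampered"] = verify_patch(d / "kb-example.msu", manifest)[0]
        (d / "legacy-tool.exe").write_bytes(pristine)
        results["weak_hash"] = verify_patch(d / "legacy-tool.exe", manifest)[0]
        (d / "unlisted.exe").write_bytes(pristine)
        results["unlisted"] = verify_patch(d / "unlisted.exe", manifest)[0]
    return results
```

The manifest itself should come over a channel you trust (the vendor's signed release notes or an authenticated download), otherwise an attacker who can replace the patch can replace the hash as well.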
Patch Management : Cloud Based Systems
• In most cases, your cloud provider will handle patches from the hypervisor and below
• You still own patching your cloud based applications
• Verify your cloud service level agreements and make sure there are no patching gaps. (Find the coverage gaps before your attacker does.)
Learning From Peers
Let’s Share And Learn
Veteran’s Day
Cyber Security Defense by vulnerability mgmt nov 11 2015


Editor's Notes

  1. Intel collected – By knowing all the logging sources and working with the customer to incorporate them into the Detection Controls strategy, we will know what they have and the Good, Bad, and the Ugly of the entire environment.