Duo Security, profile picture
Uploaded byDuo Security
662 views

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication

The document presents insights on stopping targeted attacks and avoiding 'expense in depth' through strong authentication, featuring speakers from Forrester Research, Duo Security, and the University of Tennessee. Key topics include the necessity of a robust security strategy, the importance of strong authentication, and the implementation of multi-factor authentication strategies. The discussion highlights the evolution of security in response to rising user-targeted attacks and emphasizes a zero trust environment as crucial for effective defense.

Embed presentation

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication Presented by Duo Security with guests Forrester Research and University of Tennessee, Knoxville September 25, 2014 #duowebinar
Agenda Rick Holland, Forrester Research How To Stop Targeted Attacks and Avoid “Expense In Depth” with Strong Authentication Brian Kelly, Duo Security How Duo Helps You Avoid “Expense In Depth” Bob Hillhouse, University of Tennessee, Knoxville A Case for Multi-factor Authentication #duowebinar
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication Rick Holland, Principal Analyst Forrester Research #duowebinar
Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
APT! © 2014 Forrester Research, Inc. Reproduction Prohibited
Heartbleed OpenSSL vulnerability exploited to compromise SSL VPN © 2014 Forrester Research, Inc. Reproduction Prohibited
Adversaries are on shopping sprees © 2014 Forrester Research, Inc. Reproduction Prohibited
Except the adversary isn’t being timed © 2014 Forrester Research, Inc. Reproduction Prohibited
We are hyper focused on the © 2014 Forrester Research, Inc. Reproduction Prohibited WRONG things
Anything but the data © 2014 Forrester Research, Inc. Reproduction Prohibited Malware sandboxes Alert driven security Perimeter security controls
Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs Need No. 1: An Actual Security Strategy © 2014 Forrester Research, Inc. Reproduction Prohibited
Silver bullets, for investment not defense © 2014 Forrester Research, Inc. Reproduction Prohibited
Expense in Depth © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs Need No. 2: A Dedication To Recruiting And Retaining Staff © 2014 Forrester Research, Inc. Reproduction Prohibited
Lack of staff is a problem © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs Need No. 3: A Focus On The Fundamentals © 2014 Forrester Research, Inc. Reproduction Prohibited
A Focus On The Fundamentals © 2014 Forrester Research, Inc. Reproduction Prohibited
Forrester’s Zero Trust model © 2014 Forrester Research, Inc. Reproduction Prohibited
Forrester’s Zero Trust model © 2014 Forrester Research, Inc. Reproduction Prohibited
Zero Trust is fundamental © 2014 Forrester Research, Inc. Reproduction Prohibited
Strong Authentication › Strong authentication is critical for disrupting attackers © 2014 Forrester Research, Inc. Reproduction Prohibited
Strong Authentication › Strong auth is critical for disrupting attackers › Protect your VPNs and Citrix but don’t forget about SaaS applications › Consider step up authentication for admins © 2014 Forrester Research, Inc. Reproduction Prohibited
Least privilege › Privileged accounts need to be monitored and audited › Don’t share local admin passwords across all hosts › Work towards a data classification program © 2014 Forrester Research, Inc. Reproduction Prohibited
Detecting lateral movement › Segment your network › Deploy visibility to key ingress/egress chokepoints › NETFLOW can be used for lateral movement detection © 2014 Forrester Research, Inc. Reproduction Prohibited
Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
Return on Expense in Depth? © 2014 Forrester Research, Inc. Reproduction Prohibited
Recommendations › Evaluate your potential investments › What provides greatest marginal return on your investment? › What technology reduces the greatest attack surface? © 2014 Forrester Research, Inc. Reproduction Prohibited
Thank you Rick Holland rholland@forrester.com Twitter: @rickhholland
How Duo Helps You Avoid “Expense In Depth” Brian Kelly, Principal Product Marketing Manager Duo Security #duowebinar
Adoption of cloud, mobile, and BYOD is accelerating dramatically    # #  &  ☁#☁# IT 1.0: Mainframe IT 2.0: Client/Server IT 3.0: Cloud/Mobile
   # #  &   &   &  ☁#☁# 1995 2000 2005 2010  &  Data Breaches Along this same timeline we’ve also seen dramatic growth in user-targeted attacks
   # #  &   &   &  ☁#☁# 1995 2000 2005 2010  &  Data Breaches Why?
What’s new in IT 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service  &  ☁#☁#
What’s new in Security 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service Better OS and app security …but, limited endpoint control Better service security …but, limited network visibility
What’s new in Security 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service User-targeted attacks Credentials are easily stolen • Phished • Guessed • Keylogged • Sniffed • Cracked • Reused • Bypassed
100% OF BREACHES involve stolen credentials — Mandiant Source: mandiant.com/threat-landscape and M-Trends annual reports
advanced adversary will compromise your environment and accomplish their goal. The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs Needs Detection and response Prevention An integrated portfolio that enables orchestration A focus on the fundamentals A dedication to recruiting and retaining staff An actual security strategy 107121 Source: Forrester Research,
advanced adversary will compromise your environment and accomplish their goal. The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs Needs Detection and response Prevention An integrated portfolio that enables orchestration A focus on the fundamentals A dedication to recruiting and retaining staff An actual security strategy 107121 Source: Forrester Research, Back to Basics ‣ Patch, harden, update (everything) ‣ Segment data, services, networks ‣ Review access controls (often) ‣ Inspect endpoints, enforce policy ‣ Require strong authentication
Legacy two-factor authentication solutions overlook TCO On boarding Deployment $  #  ✉ $ $ $ Management Login  ⚠  ⏲
Duo Security minimizes cost throughout 2FA lifecycle On boarding Deployment ☁ . Management Login / 
Thousands Getting Better Security, Not Just More duosecurity.com/success-stories
A Case For Multi-Factor Authentication Bob Hillhouse, Associate CIO and CISO University of Tennessee, Knoxville #duowebinar
Cast ▪ The University of Tennessee, Knoxville ▪ 57 merchants across campus ▪ 130 Users; 150 Devices ▪ The UT Office of the Treasurer ▪ The Office of Information Technology (OIT)
Act I - Prelude ▪ PCI-DSS Requirement 8.3 – Incorporate two-factor authentication for remote access to the network by employees, administrators, and third parties… ▪ 150 devices in the PCI-Subnet require Remote Desktop Services (RDP)
Act II – The Timeline ▪ 8:00 AM ▪ 8:15 AM ▪ 8:30 AM ▪ 9:00 AM
Act III – Prologue ▪ 2013 – The end of strong password-only security. – http://duo.sc/utk-vid
Epilogue ▪ Compliance Goal was met ▪ Next: Two-Factor Authentication for all central IT staff using the VPN – 200 additional users ▪ Next: Two-Factor Authentication for all VPN Users – Usage Patterns – Establish scope (Campus-wide? Privileged Users Only?)
Questions + Answers #duowebinar Rick Holland, Forrester Research rholland@forrester.com @rickhholland Brian Kelly, Duo Security bkelly@duosecurity.com @resetbrian Bob Hillhouse, University of Tennessee, Knoxville bob@utk.edu @ut_oit

More Related Content

PDF
Securing Access to PeopleSoft ERP with Duo Security and GreyHeller
byDuo Security
 
PDF
Security Fact & Fiction: Three Lessons from the Headlines
byDuo Security
 
PDF
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
byDuo Security
 
PDF
Security For The People: End-User Authentication Security on the Internet by ...
byDuo Security
 
PDF
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
byBrian Kelly
 
PPTX
Kent King - PKI: Do You Know Your Exposure?
bycentralohioissa
 
PDF
Understanding Cyber Kill Chain and OODA loop
byDavid Sweigert
 
PPTX
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
bymdagrossa
 
Securing Access to PeopleSoft ERP with Duo Security and GreyHeller
byDuo Security
 
Security Fact & Fiction: Three Lessons from the Headlines
byDuo Security
 
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
byDuo Security
 
Security For The People: End-User Authentication Security on the Internet by ...
byDuo Security
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
byBrian Kelly
 
Kent King - PKI: Do You Know Your Exposure?
bycentralohioissa
 
Understanding Cyber Kill Chain and OODA loop
byDavid Sweigert
 
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
bymdagrossa
 

What's hot

PPTX
Application Security Architecture and Threat Modelling
byPriyanka Aash
 
PPTX
Jim Wojno: Incident Response - No Pain, No Gain!
bycentralohioissa
 
PPTX
The state of endpoint defense in 2021
byAdrian Sanabria
 
PDF
DATA LOSS PREVENTION OVERVIEW
bySylvain Martinez
 
PDF
What Happens Before the Kill Chain
byOpenDNS
 
PDF
Addressing the cyber kill chain
bySymantec Brasil
 
PPTX
Operationalizing Security Intelligence
bySplunk
 
PPT
Top Tactics For Endpoint Security
byBen Rothke
 
PDF
Corporate threat vector and landscape
byyohansurya2
 
PDF
Overview of the Cyber Kill Chain [TM]
byDavid Sweigert
 
PDF
Cyber Kill Chain Deck for General Audience
byTom K
 
PPTX
How I Learned to Stop Information Sharing and Love the DIKW
bySounil Yu
 
PDF
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
bySplunk
 
PPTX
New Paradigms for the Next Era of Security
bySounil Yu
 
PPTX
Ransomware Has Evolved And So Should Your Company
byVeriato
 
PDF
Two-factor authentication- A sample writing _Zaman
byAsad Zaman
 
PPTX
The Internal Signs of Compromise
byFireEye, Inc.
 
PDF
CSF18 - Incident Response in the Cloud - Yuri Diogenes
byNCCOMMS
 
PDF
Automation: The Wonderful Wizard of CTI (or is it?)
byMITRE ATT&CK
 
PPTX
Keynote Session : The Non - Evolution of Security
byPriyanka Aash
 
Application Security Architecture and Threat Modelling
byPriyanka Aash
 
Jim Wojno: Incident Response - No Pain, No Gain!
bycentralohioissa
 
The state of endpoint defense in 2021
byAdrian Sanabria
 
DATA LOSS PREVENTION OVERVIEW
bySylvain Martinez
 
What Happens Before the Kill Chain
byOpenDNS
 
Addressing the cyber kill chain
bySymantec Brasil
 
Operationalizing Security Intelligence
bySplunk
 
Top Tactics For Endpoint Security
byBen Rothke
 
Corporate threat vector and landscape
byyohansurya2
 
Overview of the Cyber Kill Chain [TM]
byDavid Sweigert
 
Cyber Kill Chain Deck for General Audience
byTom K
 
How I Learned to Stop Information Sharing and Love the DIKW
bySounil Yu
 
Hands on Security, Disrupting the Kill Chain, SplunkLive! Austin
bySplunk
 
New Paradigms for the Next Era of Security
bySounil Yu
 
Ransomware Has Evolved And So Should Your Company
byVeriato
 
Two-factor authentication- A sample writing _Zaman
byAsad Zaman
 
The Internal Signs of Compromise
byFireEye, Inc.
 
CSF18 - Incident Response in the Cloud - Yuri Diogenes
byNCCOMMS
 
Automation: The Wonderful Wizard of CTI (or is it?)
byMITRE ATT&CK
 
Keynote Session : The Non - Evolution of Security
byPriyanka Aash
 

Viewers also liked

PPTX
Wines of France
byAshish Gupta
 
POTX
Social media bishop haley
byHaley Bishop
 
PDF
Скидки и акции в универсамах Магнит с 13 по 26 января 2016
bymbych
 
PPT
BETT: Educational Change
byDannno
 
DOCX
Online assignment
byparvathyvspettah
 
PPT
overdorp_v2
byMark de Bruin
 
DOCX
tello resume
bymatthew tello
 
PDF
Скидки и акции в магазинах Магнит с 04 по 17 ноября 2015г.
byМихаил Бычков
 
PDF
Information Security Management 101
byJerod Brennen
 
Wines of France
byAshish Gupta
 
Social media bishop haley
byHaley Bishop
 
Скидки и акции в универсамах Магнит с 13 по 26 января 2016
bymbych
 
BETT: Educational Change
byDannno
 
Online assignment
byparvathyvspettah
 
overdorp_v2
byMark de Bruin
 
tello resume
bymatthew tello
 
Скидки и акции в магазинах Магнит с 04 по 17 ноября 2015г.
byМихаил Бычков
 
Information Security Management 101
byJerod Brennen
 

Similar to How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication

PDF
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
byDean Iacovelli
 
PPTX
ciso-workshop-3-identity-protection.pptx
byelyas44
 
PPTX
Presentation for information security & hacking
byfaizanmalik255119
 
PDF
The hacker playbook: How to think and act like a cybercriminal to reduce risk...
byPaula Januszkiewicz
 
PPTX
Make your Azure PaaS Deployment More Safe
byThuan Ng
 
PPTX
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
bySecureAuth
 
PPTX
6 Biggest Cyber Security Risks and How You Can Fight Back
byMTG IT Professionals
 
DOCX
Hot Cyber Security Technologies
byRuchikaSachdeva4
 
PPTX
Identity and Security in the Cloud
byRichard Diver
 
PPTX
Indianapolis Splunk User Group Dec 22
byWesComer2
 
PDF
Industry Overview: Big Data Fuels Intelligence-Driven Security
byEMC
 
PPTX
Mapping the Enterprise Threat, Risk, and Security Control Landscape with Splunk
byAndrew Gerber
 
PPTX
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
bySecureAuth
 
PDF
Strong authentication implementation guide
byNis
 
PPTX
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
byEC-Council
 
PDF
1. security 20 20 - ebook-vol2
byAdela Cocic
 
PPTX
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
bySecureAuth
 
PDF
Big Data & Security Have Collided - What Are You Going to do About It?
byEMC
 
PPTX
Infosec is Broken “did you bring a knife to a gun fight?"
byJorge Sebastiao
 
PDF
Building Security Controls around Attack Models
bySeniorStoryteller
 
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
byDean Iacovelli
 
ciso-workshop-3-identity-protection.pptx
byelyas44
 
Presentation for information security & hacking
byfaizanmalik255119
 
The hacker playbook: How to think and act like a cybercriminal to reduce risk...
byPaula Januszkiewicz
 
Make your Azure PaaS Deployment More Safe
byThuan Ng
 
Webinar: Beyond Two-Factor: Secure Access Control for Office 365
bySecureAuth
 
6 Biggest Cyber Security Risks and How You Can Fight Back
byMTG IT Professionals
 
Hot Cyber Security Technologies
byRuchikaSachdeva4
 
Identity and Security in the Cloud
byRichard Diver
 
Indianapolis Splunk User Group Dec 22
byWesComer2
 
Industry Overview: Big Data Fuels Intelligence-Driven Security
byEMC
 
Mapping the Enterprise Threat, Risk, and Security Control Landscape with Splunk
byAndrew Gerber
 
Unmask anonymous attackers with advanced threat intelligence webinar 6.29 fin...
bySecureAuth
 
Strong authentication implementation guide
byNis
 
The Cloud 9 - Threat & Solutions 2016 by Bobby Dominguez
byEC-Council
 
1. security 20 20 - ebook-vol2
byAdela Cocic
 
Stopping Breaches at the Perimeter: Strategies for Secure Access Control
bySecureAuth
 
Big Data & Security Have Collided - What Are You Going to do About It?
byEMC
 
Infosec is Broken “did you bring a knife to a gun fight?"
byJorge Sebastiao
 
Building Security Controls around Attack Models
bySeniorStoryteller
 

More from Duo Security

PDF
A Place to Hang Our Hats: Security Community and Culture by Domenic Rizzolo
byDuo Security
 
PDF
Internet of Fails: Where IoT Has Gone Wrong and How We're Making it Right by ...
byDuo Security
 
PDF
Making Web Development "Secure By Default"
byDuo Security
 
PDF
Probing Mobile Operator Networks - Collin Mulliner
byDuo Security
 
PDF
The Real Deal of Android Device Security: The Third Party
byDuo Security
 
PDF
No Apology Required: Deconstructing BB10
byDuo Security
 
PDF
The Internet of Things: We've Got to Chat
byDuo Security
 
A Place to Hang Our Hats: Security Community and Culture by Domenic Rizzolo
byDuo Security
 
Internet of Fails: Where IoT Has Gone Wrong and How We're Making it Right by ...
byDuo Security
 
Making Web Development "Secure By Default"
byDuo Security
 
Probing Mobile Operator Networks - Collin Mulliner
byDuo Security
 
The Real Deal of Android Device Security: The Third Party
byDuo Security
 
No Apology Required: Deconstructing BB10
byDuo Security
 
The Internet of Things: We've Got to Chat
byDuo Security
 

Recently uploaded

PDF
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
PDF
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
PDF
The year in review - MarvelClient in 2025
bypanagenda
 
PDF
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PDF
AI Technology important knowledge ......
byutkarshj2007
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
Greetings All Students Update 3 by Mia Corp
by©LDMMIA, ©Reiki Yoga
 
How Mobile Apps Are Shaping the Future of Digital Innovation
byWilliam Taylor
 
The year in review - MarvelClient in 2025
bypanagenda
 
Top Cybersecurity Threats 2025 Guide by Sureshdas
byPrintersassist
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
Agentic Automation for Testers – A Hands-On Deep Dive
byUiPathCommunity
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
AI Technology important knowledge ......
byutkarshj2007
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication

  • 1.
    How To StopTargeted Attacks And Avoid “Expense In Depth” With Strong Authentication Presented by Duo Security with guests Forrester Research and University of Tennessee, Knoxville September 25, 2014 #duowebinar
  • 2.
    Agenda Rick Holland,Forrester Research How To Stop Targeted Attacks and Avoid “Expense In Depth” with Strong Authentication Brian Kelly, Duo Security How Duo Helps You Avoid “Expense In Depth” Bob Hillhouse, University of Tennessee, Knoxville A Case for Multi-factor Authentication #duowebinar
  • 3.
    How To StopTargeted Attacks And Avoid “Expense In Depth” With Strong Authentication Rick Holland, Principal Analyst Forrester Research #duowebinar
  • 4.
    Agenda › Targetedattacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 5.
    APT! © 2014Forrester Research, Inc. Reproduction Prohibited
  • 6.
    Heartbleed OpenSSL vulnerability exploited to compromise SSL VPN © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 7.
    Adversaries are onshopping sprees © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 8.
    Except the adversaryisn’t being timed © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 9.
    We are hyperfocused on the © 2014 Forrester Research, Inc. Reproduction Prohibited WRONG things
  • 10.
    Anything but the data © 2014 Forrester Research, Inc. Reproduction Prohibited Malware sandboxes Alert driven security Perimeter security controls
  • 11.
    Agenda › Targetedattacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 12.
    Targeted-Attack Hierarchy OfNeeds © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 13.
    Targeted-Attack Hierarchy OfNeeds © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 14.
    Targeted-Attack Hierarchy OfNeeds Need No. 1: An Actual Security Strategy © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 15.
    Silver bullets, forinvestment not defense © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 16.
    Expense in Depth © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 17.
    Targeted-Attack Hierarchy OfNeeds Need No. 2: A Dedication To Recruiting And Retaining Staff © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 18.
    Lack of staffis a problem © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 19.
    Targeted-Attack Hierarchy OfNeeds Need No. 3: A Focus On The Fundamentals © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 20.
    A Focus OnThe Fundamentals © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 21.
    Forrester’s Zero Trustmodel © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 22.
    Forrester’s Zero Trustmodel © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 23.
    Zero Trust isfundamental © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 24.
    Strong Authentication ›Strong authentication is critical for disrupting attackers © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 25.
    Strong Authentication ›Strong auth is critical for disrupting attackers › Protect your VPNs and Citrix but don’t forget about SaaS applications › Consider step up authentication for admins © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 26.
    Least privilege ›Privileged accounts need to be monitored and audited › Don’t share local admin passwords across all hosts › Work towards a data classification program © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 27.
    Detecting lateral movement › Segment your network › Deploy visibility to key ingress/egress chokepoints › NETFLOW can be used for lateral movement detection © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 28.
    Agenda › Targetedattacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 29.
    Return on Expensein Depth? © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 30.
    Recommendations › Evaluateyour potential investments › What provides greatest marginal return on your investment? › What technology reduces the greatest attack surface? © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 31.
    Thank you RickHolland rholland@forrester.com Twitter: @rickhholland
  • 32.
    How Duo HelpsYou Avoid “Expense In Depth” Brian Kelly, Principal Product Marketing Manager Duo Security #duowebinar
  • 33.
    Adoption of cloud,mobile, and BYOD is accelerating dramatically    # #  &  ☁#☁# IT 1.0: Mainframe IT 2.0: Client/Server IT 3.0: Cloud/Mobile
  • 34.
       # #  &   &   &  ☁#☁# 1995 2000 2005 2010  &  Data Breaches Along this same timeline we’ve also seen dramatic growth in user-targeted attacks
  • 35.
       # #  &   &   &  ☁#☁# 1995 2000 2005 2010  &  Data Breaches Why?
  • 36.
    What’s new inIT 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service  &  ☁#☁#
  • 37.
    What’s new inSecurity 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service Better OS and app security …but, limited endpoint control Better service security …but, limited network visibility
  • 38.
    What’s new inSecurity 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service User-targeted attacks Credentials are easily stolen • Phished • Guessed • Keylogged • Sniffed • Cracked • Reused • Bypassed
  • 39.
    100% OF BREACHES involve stolen credentials — Mandiant Source: mandiant.com/threat-landscape and M-Trends annual reports
  • 40.
    advanced adversary willcompromise your environment and accomplish their goal. The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs Needs Detection and response Prevention An integrated portfolio that enables orchestration A focus on the fundamentals A dedication to recruiting and retaining staff An actual security strategy 107121 Source: Forrester Research,
  • 41.
    advanced adversary willcompromise your environment and accomplish their goal. The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs Needs Detection and response Prevention An integrated portfolio that enables orchestration A focus on the fundamentals A dedication to recruiting and retaining staff An actual security strategy 107121 Source: Forrester Research, Back to Basics ‣ Patch, harden, update (everything) ‣ Segment data, services, networks ‣ Review access controls (often) ‣ Inspect endpoints, enforce policy ‣ Require strong authentication
  • 42.
    Legacy two-factor authenticationsolutions overlook TCO On boarding Deployment $  #  ✉ $ $ $ Management Login  ⚠  ⏲
  • 43.
    Duo Security minimizescost throughout 2FA lifecycle On boarding Deployment ☁ . Management Login / 
  • 44.
    Thousands Getting BetterSecurity, Not Just More duosecurity.com/success-stories
  • 45.
    A Case ForMulti-Factor Authentication Bob Hillhouse, Associate CIO and CISO University of Tennessee, Knoxville #duowebinar
  • 46.
    Cast ▪ TheUniversity of Tennessee, Knoxville ▪ 57 merchants across campus ▪ 130 Users; 150 Devices ▪ The UT Office of the Treasurer ▪ The Office of Information Technology (OIT)
  • 47.
    Act I -Prelude ▪ PCI-DSS Requirement 8.3 – Incorporate two-factor authentication for remote access to the network by employees, administrators, and third parties… ▪ 150 devices in the PCI-Subnet require Remote Desktop Services (RDP)
  • 48.
    Act II –The Timeline ▪ 8:00 AM ▪ 8:15 AM ▪ 8:30 AM ▪ 9:00 AM
  • 49.
    Act III –Prologue ▪ 2013 – The end of strong password-only security. – http://duo.sc/utk-vid
  • 50.
    Epilogue ▪ ComplianceGoal was met ▪ Next: Two-Factor Authentication for all central IT staff using the VPN – 200 additional users ▪ Next: Two-Factor Authentication for all VPN Users – Usage Patterns – Establish scope (Campus-wide? Privileged Users Only?)
  • 51.
    Questions + Answers#duowebinar Rick Holland, Forrester Research rholland@forrester.com @rickhholland Brian Kelly, Duo Security bkelly@duosecurity.com @resetbrian Bob Hillhouse, University of Tennessee, Knoxville bob@utk.edu @ut_oit