This presentation from the NTXISSA June 2015 Lunch and Learn meeting covers: “Survival in an evolving threat landscape” and “How to talk security in the boardroom”
What We’ve Learned Building a Cyber Security Operation Center: du Case Study - Priyanka Aash
The cybersecurity landscape is rapidly evolving, with new threats and threat actors emerging, and traditional security operations centers (SOCs) need to be augmented accordingly. This session will detail the journey of du in building and continually enhancing its SOC, physically and philosophically, to best deal with attack detection (offensively and defensively) and response.
(Source: RSA Conference USA 2017)
Building a Cyber Security Operations Center for SCADA/ICS Environments - Shah Sheikh
Abstract: Modern day cyber threats are ever increasing in sophistication and evasiveness against Process Control Networks. Organizations in the industry are facing a constant challenge to adopt modern techniques to proactively monitor the security posture within the SCADA infrastructure whilst keeping cyber attackers and threat actors at bay.
In this presentation we will cover the fundamental building blocks of building a SCADA cyber security operations center with key responsibilities such as Incident Response Management, Vulnerability and Patch Management, Secure-by-design Architecture, Security Logging and Monitoring and how such security domains drive accountability and act as a line of authority across the PCN.
Vulnerability management is one of the most important, yet most difficult and ‘boring’ information security processes I know. As it includes stakeholders from various business functions it requires delicate design and execution. I see VM as a big data and stakeholder management challenge.
When GDPR becomes law in a few months, it will be the most wide-ranging and stringent data protection initiative in history. To prepare for this sea change, most organizations have streamlined and detailed their information security policies; however, many are unaware that immature application security programs arguably pose the biggest threat of a data breach. This oft-forgotten piece of data protection puts organizations at risk of GDPR fines.
Attend this joint webinar with Security Innovation and Smarttech247 to learn practical tips on incorporating application security best practices into an InfoSec program to achieve GDPR compliance.
Topics include:
* Summary of GDPR key concepts
* Security of data processing in software and the CIA triad
* The people and process problem of GDPR: Governance
* Using Data Protection by Design for secure design and business logic
* Assessments to verify the security of processing
Presenters:
Roman Garber, Security Innovation
Edward Skraba, Smarttech247
Top 20 Security Controls for a More Secure Infrastructure - Infosec
The CIS® (Center for Internet Security, Inc.®) Controls offer 20 proven, globally recognized best practices for securing your IT systems and data against the most pervasive attacks. Join Tony Sager, CIS Senior Vice President and Chief Evangelist, to learn:
- Origin and purpose of the CIS Controls
- How to prioritize implementation
- How to make the CIS Controls a foundational part of your security program, and improve your enterprise defenses, operations, compliance and security awareness
Watch the full webinar: https://www2.infosecinstitute.com/l/12882/2018-12-06/bcbc68
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ... - Sirius
SIEM technology has been around for years and continues to enjoy broad market adoption. Companies continue to rely on SIEM capabilities to handle proactive security monitoring, detection and response, and regulatory compliance. However, with today’s staggering volume of cyber-security threats and the number of security devices, network infrastructures and system logs, IT security staff can become quickly overwhelmed.
Gartner projects that by 2020:
-- 50% of new SIEM implementations will be delivered via SIEM as a service.
-- 60% of all advanced security analytics will be delivered from the cloud as part of SIEM-as-a-service offerings.
Identifying Code Risks in Software M&A - Matt Tortora
Strategic fit and table stakes KPIs aren't the only things acquirers evaluate during the software M&A process. A software code review is one of the many components that is often overlooked by sellers.
Information technology is a complex business, at best. While IT can provide amazing benefits, it still requires vigilance and diligence to ensure it is running correctly and that it is secure. A security framework can be an excellent tool to evaluate what you might be missing and confirm that what you are already doing is spot-on correct. This session will discuss the importance of using security frameworks and walk attendees through the NIST Cyber Security Framework to review how the framework functions, how to use a framework, and most importantly, how the use of a framework can and will benefit their organization.
A Security hole in an application can cause not only major financial loss but also loss of customer confidence, trust and reputation severely impacting the business. This webinar looks at well-established industry practices to identify and secure applications from breaches while adhering with regulatory compliances.
Cyber Security in the market place: HP CTO Day - Symantec
Cyber Security in the market place overview presented at HP CTO Day, covering: the current cyber-security threats to Enterprise Businesses and Government Departments, along with the board-level concerns and priorities for investment in systems and services to protect and secure their information.
Federal Webinar: Best Practices and Tools for Reducing Insider Threats - SolarWinds
Our presenter discussed and demonstrated best practices to help detect and combat insider threats, including information about implementing the right tools, along with continuous monitoring of systems and networks to aid in mitigation and prevention. Monitoring data can help agencies make informed decisions, safeguard against insider threats, and quickly identify and fix vulnerabilities. He also suggested ideas that we believe will help to enforce good information security habits within your organization to help improve your agency’s security posture.
During this interactive webinar, attendees learned:
How event monitoring, performance monitoring, and log management can be utilized to help detect and prevent threats, and help ensure that devices are operating and being used properly
How configuration management can be leveraged to help prevent errors and reduce vulnerabilities
How the implementation of Security Incident and Event Management (SIEM) tools can better equip agencies to quickly detect and respond to security threats
How to track devices and users on your network, and maintain historic data for forensics
Ideas about building security into your IT community with daily activities and conversations
How an approach styled after a secure development lifecycle can lead to improved security practices
put the finishing touches on this book, Twitter is busy recovering from the latest very public and newsworthy cybersecurity incident widely reported in the media. For every one of these highly publicized breaches there are hundreds of other damaging cyberattacks experienced by businesses and government entities. To help organizations protect themselves against and respond to information security incidents, many of them turn to the chief information security officer (CISO) for leadership. The CISO is becoming the guardian of the modern business, charged with protecting the organization against security threats in the digital world.
This presentation shows customers how IBM Security products and services help clients transform their security program, orchestrate their defenses throughout the attack lifecycle, and protect their most critical information and risks.
Learn how to overcome security challenges, such as: identity theft, spoofed transactions, DDoS business disruption, criminal extortion and more. You'll learn how a security strategy promotes confidence in the cloud.
Protecting health and life science organizations from breaches and ransomware - Cloudera, Inc.
3 Things to Learn About:
* 1. Ransomware is a particular problem and currently the highest priority for healthcare organizations. Machine learning can use the structure of a malicious email to detect an attack even before the email is opened.
* 2. Big data architectures provide the machine-learning models with the volume and variety of data required to achieve complete visibility across the spectrum of IT activity—from packets to logs to alerts.
* 3. Intel and industry partners are currently running one-hour, complimentary, confidential benchmark engagements for HLS organizations that want to see how their security compares with the industry.
This slide deck highlights the continued growth and evolution of Core Security Technologies and helps introduce an entirely new product for enterprise security testing and measurement - CORE INSIGHT Enterprise.
Similar to Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David Poarch (20)
Acorn Recovery: Restore IT infra within minutes - IP ServerOne
Introducing Acorn Recovery as a Service, a simple, fast, and secure managed disaster recovery (DRaaS) by IP ServerOne. A DR solution that helps restore your IT infra within minutes.
This presentation by Morris Kleiner (University of Minnesota), was made during the discussion “Competition and Regulation in Professions and Occupations” held at the Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found out at oe.cd/crps.
This presentation was uploaded with the author’s consent.
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives... - Orkestra
UIIN Conference, Madrid, 27-29 May 2024
James Wilson, Orkestra and Deusto Business School
Emily Wise, Lund University
Madeline Smith, The Glasgow School of Art
0x01 - Newton's Third Law: Static vs. Dynamic Abusers - OWASP Beja
If you offer a service on the web, odds are that someone will abuse it. Be it an API, a SaaS, a PaaS, or even a static website, someone somewhere will try to figure out a way to use it to their own needs. In this talk we'll compare measures that are effective against static attackers and how to battle a dynamic attacker who adapts to your counter-measures.
About the Speaker
===============
Diogo Sousa, Engineering Manager @ Canonical
An opinionated individual with an interest in cryptography and its intersection with secure software development.
Have you ever wondered how search works while visiting an e-commerce site, internal website, or searching through other types of online resources? Look no further than this informative session on the ways that taxonomies help end-users navigate the internet! Hear from taxonomists and other information professionals who have first-hand experience creating and working with taxonomies that aid in navigation, search, and discovery across a range of disciplines.
2. AGENDA
• Who is Forsythe?
• Shift is Happening
• Spending Trends
• Relationships Matter
• Adapting Defenses
• An Effective Program
• Q&A / Wrap Up
3. FORSYTHE FACTS
Forsythe is one of the largest security integrators in North America. With 44 years of deep data center expertise, we use a security lens to help clients make smart IT investment decisions.
Migration capabilities:
• 1,400 data center migrations
• 150 per year
• 325,000 workload migrations
Technology Evaluation Center:
• Independent, multi-vendor test bed
• 150+ technologies
• 40+ leading manufacturers and vendors
Serve 1,000+ clients.
Retention rates:
• 100% for top 50 clients
• 97% for top 200 clients
Worked with 20 of the Fortune 100 companies in 2014
1,000+ employees
• 500 engineers and consultants
• 2,500+ certifications
• 15+ average years of experience
$1B revenue in 2014 and profitable for 44 consecutive years
One of the largest security integrators in North America
4. FORSYTHE SECURITY BY THE NUMBERS
• one of the top security integrators in North America
• $260M practice inside a $1.1B integrator
• 4 acquisitions in the security space, rounding out our portfolio and expanding our geographical footprint
• 13 years of experience evaluating, managing and delivering leading information security technologies
• 60 leading security technology partners and 10 leading advisory boards have active Forsythe participation
• 100+ managed security services clients
• 300 professional services engagements per year with 60,000 hours logged to client work
• 300+ certifications with leading security manufacturers
• $40M state-of-the-art Technology Evaluation Center, with over 50 engagements annually
5. OPTIMIZED SECURITY PROGRAM
• Processes are monitored and measured with trending
• Best practices are followed
• Continuous improvements identified and applied
• Formal global IT risk management process
9. STATISTICS
229205
Median number of days attackers were present on a victim’s network before they were discovered
32 64
Number of days to resolution if an INSIDER was involved
Number of days it took to resolve an incident
256
Source: https://www2.fireeye.com/rs/fireye/images/rpt-m-trends-2015.pdf
14. SECURITY SPENDING THROUGH 2018 (In Billions Of Dollars)
[Chart: GLOBAL & NORTH AMERICA SPENDING by year, 2012 to 2018; series: Global, NA; y-axis 0 to 100B; CAGR 8.1%]
15. COST OF A BREACH
The annual cost of cyber attacks is an average of $11.6M. The time it takes to resolve an attack averages 32 days, with a cost of over $32K per day (over $1M total).
The global economic cost of cybercrime is currently estimated at $400 billion* per year; by 2020, that number could top $3 trillion*
16. 10 “KEY SHIFTS” GARTNER FORESEES
1. Prevention is futile: Advanced Persistent Security Programs
2. The Post-Signature Era: Pervasive Monitoring and Detection
3. Security Big Data Analytics
4. Context-Aware Security
5. Reputation Services and “Trustability”
6. The Growing Role of Collective Intelligence
7. The Shift to Information-centric Security Strategies
8. Virtualized and x86 Software-based Security Controls
9. The Shift to Cloud-based security controls
10. The Software Defined Data Center comes
17. TOP 10 SEGMENTS THROUGH 2018
[Chart: Top 10 Fastest Growing Segments; legend: 2014, 2018, CAGR%; y-axis 0 to 21B]
DAST/SAST = Dynamic/Static Application Security Testing
Other IAM = Other than Provisioning & Web Access management
26. PROGRAM MATURITY MODEL
Labels on the slide: Core Risk Reduction; Enhanced Risk Reduction; Core Security State; Enhanced Security State; Optimized Security

• Processes are ad hoc and disorganized
• Security is not defined
• No mgmt reporting metrics
• Security is a reactive process

• Processes follow a regular pattern
• Security is defined but not aligned with business objectives
• No mgmt reporting
• Security involvement in projects and initiatives are ad hoc

• Processes are documented and communicated
• Formal integrated policy suite, with links to workforce awareness, education, and training programs
• From a risk mgmt committee
• Limited mgmt reporting

• Processes are monitored and measured
• Formal global IT risk mgmt process
• Full mgmt reporting
• Consistent and repeatable process

• Processes are monitored and measured with trending
• Best practices are followed
• Continuous improvements identified and applied
• Formal global IT risk mgmt process