Modern workplace environments are rapidly becoming cyber attackers’ prime target because of the broad attack surface that cloud-based digitalization offers. As employees, in the office or at home, we are always ‘connected’, and we mix personal and professional matters all the time. With BYOD (bring your own device) policies and all those cool SaaS cloud apps we love to use, company data and users are constantly moving outside the company's network perimeter. Recent breaches clearly demonstrate that the traditional network security approach no longer works in this ever-changing cyber threat landscape. Securing a modern workplace across identities, endpoints, user data, cloud apps and infrastructure becomes quite a challenge.
Stopping cyber attackers’ threats requires an innovative approach, with evolving technology powered by AI & machine learning. In this session we will give you a sneak peek at the current tactics cyber attackers use to get a foot in the door, and at how modern cyber defense tooling is used to detect and stop these threats.
15. Security in a cloud enabled world
Cloud service provider responsibility
Tenant responsibility
Your responsibility for security is based on the type of cloud service selected.
Cybersecurity threats make security more challenging – however the public cloud makes it easier for you to manage as the security load shifts to the service provider.
16. Who is looking to attack you?
Script kiddie
Hacktivist
Malicious insiders
Hackers
Cybercrime Syndicates
Nation state sponsored hackers
19. Phishing kill chain
Attack stages shown:
Attacker performs reconnaissance
Phishing mail
User opens attachment, clicks on a URL or browses to a website
Exploitation & Installation
Command & Control
Brute force account or use stolen account credentials
User account is compromised
Attacker attempts lateral movement
Privileged account compromised
Domain compromised
Attacker accesses sensitive data
Exfiltrate data
Protection shown along the chain:
Office 365 ATP: Email protection
Windows Defender AV: Next Gen AV
Microsoft Defender ATP: End Point protection
Azure ATP: Identity protection
Azure AD Identity Protection: Identity protection & conditional access
Cloud App Security: Extends protection & conditional access to other cloud apps
22. Azure AD Conditional Access
User, Device, Apps, Location
IF
Privileged user?
Credentials found in public?
Accessing critical app?
(Un)managed device?
Malware detected?
IP detected in Botnet?
Impossible travel?
Anonymous client?
User risk: High / Medium / Low
Session risk: High / Medium / Low
10TB per day
THEN
Require MFA
Allow access
Deny access
Force password reset
Limit access
27. Some cases from the field
1) The ‘garden-variety’ hack = phishing attempt
2) Targeted Ransomware attack
36.
➢ IAM is your new first line of defense: Strong Identity & Access management (Conditional Access, MFA,…)
➢ Threat detection & protection across the kill chain (Endpoints n°1)
➢ Detect Cloud Shadow IT
➢ Security awareness / security hygiene
➢ Follow-up on Security Operations
➢ Cyber Remediation playbooks & IT best practices
37. HOW CAN WE HELP YOU?
A to Z GUIDANCE
Security & Risk Assessment: Audit the AS IS security & compliance set-up, needs and pains
Security Blueprint & Roadmap: Design of the best-practice TO BE security architecture & roadmap forward
Set-up consultancy: Pilot POC, A to Z implementation services, coaching & guidance
Monitor: 24/7 monitoring, alert analysis, remediation support