SlideShare a Scribd company logo

WE16 - Defense in Depth: Top 10 Critical Security Controls

Download as PPT, PDF
Society of Women Engineers
Society of Women Engineers

The document discusses the top 10 critical security controls as identified by the Center for Internet Security. It provides an overview of each control, including taking inventory of hardware and software, securing configurations, continuous vulnerability assessment, controlling administrative privileges, maintaining audit logs, email and web protections, malware defenses, limiting network ports and services, and ensuring data recovery capabilities. The controls are based on actual attacks and focus on priorities over one-size-fits-all solutions. The presentation encourages organizations to implement these controls to strengthen their cybersecurity defenses.

Engineering
1 of 16
Copyright © 2016 Raytheon Company. All rights reserved. Defense in Depth: Top 10 Critical Security Controls Mary Y Wang October 28, 2016 Non-Export controlled technical information N o n - e x p o r t c o n t r o l l e d t e c h n i c a l i n f o r m a t i o n Annual Women Engineers Conference 2016
Why Center for Internet Security (CIS) Critical Security Controls Work? Based on actual attacks and effective defenses Based on priorities Not one-size-fits-all solutions Non-Export controlled technical information Non-Export controlled technical information
1. Inventory of Hardware  Authorized and Unauthorized Devices – Attackers are continuously scanning the target organizations – Attackers are waiting for new and unprotected systems to be attached to network Non-Export controlled technical information Non-Export controlled technical information
2. Inventory of Software  Authorized and Unauthorized Software –Attackers are continuously looking for vulnerable versions of software that can be remotely exploited Non-Export controlled technical information Non-Export controlled technical information
3. Secure Configurations of Hardware and Software  Default configurations are for ease-of-use not security  Open services, ports, default account or passwords –Can be exploitable Non-Export controlled technical information Non-Export controlled technical information
4. Continuous Vulnerability Assessment and Remediation  Scan for vulnerabilities and address discovered flaws  Understand and manage vulnerabilities is a continuous discovered activity  Attackers have the same information – Race to deploy an attack Non-Export controlled technical information Non-Export controlled technical information
5. Controlled Use of Administrative Privileges  Track and control the use of administrative privileges  Attackers can take advantage of uncontrolled administrative privileges –Can crack the password Non-Export controlled technical information Non-Export controlled technical information
6. Maintenance, Monitoring and Analysis of Audit Logs  Collect, analyze audit logs of events – Detect an attack – Recover from an attack  Sometimes, logs are the only evidence of an attack  Attackers can also hide their activities Non-Export controlled technical information Non-Export controlled technical information
7. Email and Web Browser Protections  Minimize the attack surface through web browsers –Fully up to date and patched –Default – not installing plugins, ActiveX controls –Block third-party cookies  Attackers use phishing emails as the entry point of attack Non-Export controlled technical information Non-Export controlled technical information
8. Malware Defenses  Control the installation and spread of malicious code  Attackers can use malware to attack target organizations via number of entry points like end- user devices, email attachments and web pages Non-Export controlled technical information Non-Export controlled technical information
9. Limitation and Control of Network Ports and Services Manage and track the use of ports, protocols and services Attackers are continuously searching for remotely accessible network services and open ports Non-Export controlled technical information Non-Export controlled technical information
10. Data Recovery Capability  Backup critical information  When attackers compromise systems – Make significant changes to configurations of software – Make alterations of data  When discovered, need to remove all data that have been altered by attackers Non-Export controlled technical information Non-Export controlled technical information
Win the Cyber War !!
Biography Mary Y Wang Information Systems Security Officer Raytheon Space and Airborne Systems, California Mary Wang joined Raytheon in August, 2015. Currently, she works in the Raytheon Space and Airborne Systems Information Assurance organization. She has a strong passion in cybersecurity especially in the penetration testing and application security areas. Prior to joining Raytheon, she was a Senior Software Engineer and Project Lead at The Boeing Company. She worked on a variety of software projects at Boeing. Mary holds a Bachelor of Science degree in Computer Science and Masters degree in Master Business Administration. She is currently attending SANS Technology Institute for a graduate degree in Pen Testing & Ethical Hacking. Mary also has been a frequent speaker at Annual Women Engineers Conferences.

Recommended

Network Security Tools and applications
Network Security Tools and applicationsNetwork Security Tools and applications
Network Security Tools and applicationswebhostingguy
 
Taking the Pain out of PCI Compliance
Taking the Pain out of PCI ComplianceTaking the Pain out of PCI Compliance
Taking the Pain out of PCI Compliance
Tripwire
 
Network Security Tools
Network Security ToolsNetwork Security Tools
Network Security ToolsEmanuela Boroș
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Rohan Raj
 
PCI Change Detection: Thinking Beyond the Checkbox
PCI Change Detection: Thinking Beyond the CheckboxPCI Change Detection: Thinking Beyond the Checkbox
PCI Change Detection: Thinking Beyond the Checkbox
Tripwire
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
ANJUMOHANANU
 
edu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptxedu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptx
ANJUMOHANANU
 
mcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdfmcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdf
ANJUMOHANANU
 

Recommended

Network Security Tools and applications
Network Security Tools and applicationsNetwork Security Tools and applications
Network Security Tools and applicationswebhostingguy
 
Taking the Pain out of PCI Compliance
Taking the Pain out of PCI ComplianceTaking the Pain out of PCI Compliance
Taking the Pain out of PCI Compliance
Tripwire
 
Network Security Tools
Network Security ToolsNetwork Security Tools
Network Security ToolsEmanuela Boroș
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
Rohan Raj
 
PCI Change Detection: Thinking Beyond the Checkbox
PCI Change Detection: Thinking Beyond the CheckboxPCI Change Detection: Thinking Beyond the Checkbox
PCI Change Detection: Thinking Beyond the Checkbox
Tripwire
 
Edu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdfEdu 03Anju 23 assignment.pdf
Edu 03Anju 23 assignment.pdf
ANJUMOHANANU
 
edu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptxedu03firewall,Antivirus software.pptx
edu03firewall,Antivirus software.pptx
ANJUMOHANANU
 
mcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdfmcq edu03 Anju 23.pdf
mcq edu03 Anju 23.pdf
ANJUMOHANANU
 
RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
CAS
 
Information Security (Malicious Software)
Information Security (Malicious Software)Information Security (Malicious Software)
Information Security (Malicious Software)
Zara Nawaz
 
Check point nerc cip compliance
Check point nerc cip complianceCheck point nerc cip compliance
Check point nerc cip compliance
Ivan Carmona
 
Jorge gil martínez presentation about security i.t.
Jorge gil martínez presentation about security i.t.Jorge gil martínez presentation about security i.t.
Jorge gil martínez presentation about security i.t.
JorgeGilMartnez2
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
Dilum Bandara
 
Linux Security best Practices with Fedora
Linux Security best Practices with FedoraLinux Security best Practices with Fedora
Linux Security best Practices with Fedora
Uditha Bandara Wijerathna
 
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
Sally's Special Services
 
Ethical Hacking Certification Course
Ethical Hacking Certification CourseEthical Hacking Certification Course
Ethical Hacking Certification Course
Novel Vista
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
MLG College of Learning, Inc
 
Mapping the ASD Essential 8 to the Mitre ATTACK™ framework
Mapping the ASD Essential 8 to the Mitre ATTACK™ frameworkMapping the ASD Essential 8 to the Mitre ATTACK™ framework
Mapping the ASD Essential 8 to the Mitre ATTACK™ framework
Digital Shadows
 
CounterSnipe Network Security
CounterSnipe Network SecurityCounterSnipe Network Security
CounterSnipe Network Security
amarpsr
 
Payment Card Industry Compliance Requirements
Payment Card Industry Compliance Requirements Payment Card Industry Compliance Requirements
Payment Card Industry Compliance Requirements
Jamal Soudi
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
UK Defence Cyber School
 
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
Edureka!
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
Information Technology
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Security and Privacy in Visual Sensor Network
Security and Privacy in Visual Sensor NetworkSecurity and Privacy in Visual Sensor Network
Security and Privacy in Visual Sensor Network
Khan Reaz
 
How Medical Devices Risk Patient Safety and Security
How Medical Devices Risk Patient Safety and SecurityHow Medical Devices Risk Patient Safety and Security
How Medical Devices Risk Patient Safety and Security
Great Bay Software
 
Network security
Network security Network security
Network security
Vikas Jagtap
 
Network basic security
Network basic securityNetwork basic security
Network basic securityMohamed Radji
 
WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
Society of Women Engineers
 
WE16 - Navigating the Seas of Open Source Projects
WE16 - Navigating the Seas of Open Source ProjectsWE16 - Navigating the Seas of Open Source Projects
WE16 - Navigating the Seas of Open Source Projects
Society of Women Engineers
 

More Related Content

What's hot

RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
CAS
 
Information Security (Malicious Software)
Information Security (Malicious Software)Information Security (Malicious Software)
Information Security (Malicious Software)
Zara Nawaz
 
Check point nerc cip compliance
Check point nerc cip complianceCheck point nerc cip compliance
Check point nerc cip compliance
Ivan Carmona
 
Jorge gil martínez presentation about security i.t.
Jorge gil martínez presentation about security i.t.Jorge gil martínez presentation about security i.t.
Jorge gil martínez presentation about security i.t.
JorgeGilMartnez2
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
Dilum Bandara
 
Linux Security best Practices with Fedora
Linux Security best Practices with FedoraLinux Security best Practices with Fedora
Linux Security best Practices with Fedora
Uditha Bandara Wijerathna
 
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
Sally's Special Services
 
Ethical Hacking Certification Course
Ethical Hacking Certification CourseEthical Hacking Certification Course
Ethical Hacking Certification Course
Novel Vista
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
MLG College of Learning, Inc
 
Mapping the ASD Essential 8 to the Mitre ATTACK™ framework
Mapping the ASD Essential 8 to the Mitre ATTACK™ frameworkMapping the ASD Essential 8 to the Mitre ATTACK™ framework
Mapping the ASD Essential 8 to the Mitre ATTACK™ framework
Digital Shadows
 
CounterSnipe Network Security
CounterSnipe Network SecurityCounterSnipe Network Security
CounterSnipe Network Security
amarpsr
 
Payment Card Industry Compliance Requirements
Payment Card Industry Compliance Requirements Payment Card Industry Compliance Requirements
Payment Card Industry Compliance Requirements
Jamal Soudi
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
UK Defence Cyber School
 
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
Edureka!
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
Information Technology
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
Rahmat Suhatman
 
Security and Privacy in Visual Sensor Network
Security and Privacy in Visual Sensor NetworkSecurity and Privacy in Visual Sensor Network
Security and Privacy in Visual Sensor Network
Khan Reaz
 
How Medical Devices Risk Patient Safety and Security
How Medical Devices Risk Patient Safety and SecurityHow Medical Devices Risk Patient Safety and Security
How Medical Devices Risk Patient Safety and Security
Great Bay Software
 
Network security
Network security Network security
Network security
Vikas Jagtap
 
Network basic security
Network basic securityNetwork basic security
Network basic securityMohamed Radji
 

What's hot (20)

RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5RRB JE Stage 2 Computer and Applications Questions Part 5
RRB JE Stage 2 Computer and Applications Questions Part 5
 
Information Security (Malicious Software)
Information Security (Malicious Software)Information Security (Malicious Software)
Information Security (Malicious Software)
 
Check point nerc cip compliance
Check point nerc cip complianceCheck point nerc cip compliance
Check point nerc cip compliance
 
Jorge gil martínez presentation about security i.t.
Jorge gil martínez presentation about security i.t.Jorge gil martínez presentation about security i.t.
Jorge gil martínez presentation about security i.t.
 
Network security - Defense in Depth
Network security - Defense in DepthNetwork security - Defense in Depth
Network security - Defense in Depth
 
Linux Security best Practices with Fedora
Linux Security best Practices with FedoraLinux Security best Practices with Fedora
Linux Security best Practices with Fedora
 
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
Sallysspecialservices networksecurityproposal2-100305141834-phpapp02
 
Ethical Hacking Certification Course
Ethical Hacking Certification CourseEthical Hacking Certification Course
Ethical Hacking Certification Course
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Mapping the ASD Essential 8 to the Mitre ATTACK™ framework
Mapping the ASD Essential 8 to the Mitre ATTACK™ frameworkMapping the ASD Essential 8 to the Mitre ATTACK™ framework
Mapping the ASD Essential 8 to the Mitre ATTACK™ framework
 
CounterSnipe Network Security
CounterSnipe Network SecurityCounterSnipe Network Security
CounterSnipe Network Security
 
Payment Card Industry Compliance Requirements
Payment Card Industry Compliance Requirements Payment Card Industry Compliance Requirements
Payment Card Industry Compliance Requirements
 
HACKERS ATTACK PROCESS
HACKERS ATTACK PROCESSHACKERS ATTACK PROCESS
HACKERS ATTACK PROCESS
 
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
How to Become an Ethical Hacker? | Ethical Hacking Career | Ethical Hacker Sa...
 
Ch04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and AttacksCh04 Network Vulnerabilities and Attacks
Ch04 Network Vulnerabilities and Attacks
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Security and Privacy in Visual Sensor Network
Security and Privacy in Visual Sensor NetworkSecurity and Privacy in Visual Sensor Network
Security and Privacy in Visual Sensor Network
 
How Medical Devices Risk Patient Safety and Security
How Medical Devices Risk Patient Safety and SecurityHow Medical Devices Risk Patient Safety and Security
How Medical Devices Risk Patient Safety and Security
 
Network security
Network security Network security
Network security
 
Network basic security
Network basic securityNetwork basic security
Network basic security
 

Viewers also liked

WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
Society of Women Engineers
 
WE16 - Navigating the Seas of Open Source Projects
WE16 - Navigating the Seas of Open Source ProjectsWE16 - Navigating the Seas of Open Source Projects
WE16 - Navigating the Seas of Open Source Projects
Society of Women Engineers
 
WE16 - Courageous Conversation on Diversity and Inclusion
WE16 - Courageous Conversation on Diversity and InclusionWE16 - Courageous Conversation on Diversity and Inclusion
WE16 - Courageous Conversation on Diversity and Inclusion
Society of Women Engineers
 
WE16 - 4 Ways Improv Can Improve Your Career
WE16 - 4 Ways Improv Can Improve Your CareerWE16 - 4 Ways Improv Can Improve Your Career
WE16 - 4 Ways Improv Can Improve Your Career
Society of Women Engineers
 
WE16 - Disciplined Entrepreneurship
WE16 - Disciplined EntrepreneurshipWE16 - Disciplined Entrepreneurship
WE16 - Disciplined Entrepreneurship
Society of Women Engineers
 
WE16 - Shine Theory
WE16 - Shine TheoryWE16 - Shine Theory
WE16 - Shine Theory
Society of Women Engineers
 
WE16 - The State of Women in Engineering
WE16 - The State of Women in EngineeringWE16 - The State of Women in Engineering
WE16 - The State of Women in Engineering
Society of Women Engineers
 
WE16 - Diving into Entrepreneurship
WE16 - Diving into EntrepreneurshipWE16 - Diving into Entrepreneurship
WE16 - Diving into Entrepreneurship
Society of Women Engineers
 
WE16 - Project Collaboration in a Changing World
WE16 - Project Collaboration in a Changing WorldWE16 - Project Collaboration in a Changing World
WE16 - Project Collaboration in a Changing World
Society of Women Engineers
 
WE16 - Women Engineers and Academics - The Nigerian Perspective
WE16 - Women Engineers and Academics - The Nigerian PerspectiveWE16 - Women Engineers and Academics - The Nigerian Perspective
WE16 - Women Engineers and Academics - The Nigerian Perspective
Society of Women Engineers
 
WE16 - Project Management As Your Next Career Move
WE16 - Project Management As Your Next Career MoveWE16 - Project Management As Your Next Career Move
WE16 - Project Management As Your Next Career Move
Society of Women Engineers
 
WE16 - Leaving a Legacy - Donating to SWE & Inspiring the Future
WE16 - Leaving a Legacy - Donating to SWE & Inspiring the FutureWE16 - Leaving a Legacy - Donating to SWE & Inspiring the Future
WE16 - Leaving a Legacy - Donating to SWE & Inspiring the Future
Society of Women Engineers
 
WE16 - Navigating the Corporate Maze Effectively
WE16 - Navigating the Corporate Maze EffectivelyWE16 - Navigating the Corporate Maze Effectively
WE16 - Navigating the Corporate Maze Effectively
Society of Women Engineers
 
WE16 - How do Faculty Ensure Student Competency at Course Completion?
WE16 - How do Faculty Ensure Student Competency at Course Completion?WE16 - How do Faculty Ensure Student Competency at Course Completion?
WE16 - How do Faculty Ensure Student Competency at Course Completion?
Society of Women Engineers
 
WE16 - They're People Not Data! The Human Side of Insider Cyberthreats
WE16 - They're People Not Data! The Human Side of Insider CyberthreatsWE16 - They're People Not Data! The Human Side of Insider Cyberthreats
WE16 - They're People Not Data! The Human Side of Insider Cyberthreats
Society of Women Engineers
 
WE16 - Feeling Over Scheduled and Overworked? Use These Tools to Manage Your ...
WE16 - Feeling Over Scheduled and Overworked? Use These Tools to Manage Your ...WE16 - Feeling Over Scheduled and Overworked? Use These Tools to Manage Your ...
WE16 - Feeling Over Scheduled and Overworked? Use These Tools to Manage Your ...
Society of Women Engineers
 
WE16 - Confronting Workplace Sexism
WE16 - Confronting Workplace SexismWE16 - Confronting Workplace Sexism
WE16 - Confronting Workplace Sexism
Society of Women Engineers
 
WE16 - Increasing Equity in Faculty Searches
WE16 - Increasing Equity in Faculty SearchesWE16 - Increasing Equity in Faculty Searches
WE16 - Increasing Equity in Faculty Searches
Society of Women Engineers
 
WE16 - How to Lead a Double Life
WE16 - How to Lead a Double LifeWE16 - How to Lead a Double Life
WE16 - How to Lead a Double Life
Society of Women Engineers
 
WE16 - Practical Integration of Diversity and Inclusion Competencies into Eng...
WE16 - Practical Integration of Diversity and Inclusion Competencies into Eng...WE16 - Practical Integration of Diversity and Inclusion Competencies into Eng...
WE16 - Practical Integration of Diversity and Inclusion Competencies into Eng...
Society of Women Engineers
 

Viewers also liked (20)

WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
WE16 - Unfortunately Money Doesn't Grow on Trees: How to Fund Your Graduate S...
 
WE16 - Navigating the Seas of Open Source Projects
WE16 - Navigating the Seas of Open Source ProjectsWE16 - Navigating the Seas of Open Source Projects
WE16 - Navigating the Seas of Open Source Projects
 
WE16 - Courageous Conversation on Diversity and Inclusion
WE16 - Courageous Conversation on Diversity and InclusionWE16 - Courageous Conversation on Diversity and Inclusion
WE16 - Courageous Conversation on Diversity and Inclusion
 
WE16 - 4 Ways Improv Can Improve Your Career
WE16 - 4 Ways Improv Can Improve Your CareerWE16 - 4 Ways Improv Can Improve Your Career
WE16 - 4 Ways Improv Can Improve Your Career
 
WE16 - Disciplined Entrepreneurship
WE16 - Disciplined EntrepreneurshipWE16 - Disciplined Entrepreneurship
WE16 - Disciplined Entrepreneurship
 
WE16 - Shine Theory
WE16 - Shine TheoryWE16 - Shine Theory
WE16 - Shine Theory
 
WE16 - The State of Women in Engineering
WE16 - The State of Women in EngineeringWE16 - The State of Women in Engineering
WE16 - The State of Women in Engineering
 
WE16 - Diving into Entrepreneurship
WE16 - Diving into EntrepreneurshipWE16 - Diving into Entrepreneurship
WE16 - Diving into Entrepreneurship
 
WE16 - Project Collaboration in a Changing World
WE16 - Project Collaboration in a Changing WorldWE16 - Project Collaboration in a Changing World
WE16 - Project Collaboration in a Changing World
 
WE16 - Women Engineers and Academics - The Nigerian Perspective
WE16 - Women Engineers and Academics - The Nigerian PerspectiveWE16 - Women Engineers and Academics - The Nigerian Perspective
WE16 - Women Engineers and Academics - The Nigerian Perspective
 
WE16 - Project Management As Your Next Career Move
WE16 - Project Management As Your Next Career MoveWE16 - Project Management As Your Next Career Move
WE16 - Project Management As Your Next Career Move
 
WE16 - Leaving a Legacy - Donating to SWE & Inspiring the Future
WE16 - Leaving a Legacy - Donating to SWE & Inspiring the FutureWE16 - Leaving a Legacy - Donating to SWE & Inspiring the Future
WE16 - Leaving a Legacy - Donating to SWE & Inspiring the Future
 
WE16 - Navigating the Corporate Maze Effectively
WE16 - Navigating the Corporate Maze EffectivelyWE16 - Navigating the Corporate Maze Effectively
WE16 - Navigating the Corporate Maze Effectively
 
WE16 - How do Faculty Ensure Student Competency at Course Completion?
WE16 - How do Faculty Ensure Student Competency at Course Completion?WE16 - How do Faculty Ensure Student Competency at Course Completion?
WE16 - How do Faculty Ensure Student Competency at Course Completion?
 
WE16 - They're People Not Data! The Human Side of Insider Cyberthreats
WE16 - They're People Not Data! The Human Side of Insider CyberthreatsWE16 - They're People Not Data! The Human Side of Insider Cyberthreats
WE16 - They're People Not Data! The Human Side of Insider Cyberthreats
 
WE16 - Feeling Over Scheduled and Overworked? Use These Tools to Manage Your ...
WE16 - Feeling Over Scheduled and Overworked? Use These Tools to Manage Your ...WE16 - Feeling Over Scheduled and Overworked? Use These Tools to Manage Your ...
WE16 - Feeling Over Scheduled and Overworked? Use These Tools to Manage Your ...
 
WE16 - Confronting Workplace Sexism
WE16 - Confronting Workplace SexismWE16 - Confronting Workplace Sexism
WE16 - Confronting Workplace Sexism
 
WE16 - Increasing Equity in Faculty Searches
WE16 - Increasing Equity in Faculty SearchesWE16 - Increasing Equity in Faculty Searches
WE16 - Increasing Equity in Faculty Searches
 
WE16 - How to Lead a Double Life
WE16 - How to Lead a Double LifeWE16 - How to Lead a Double Life
WE16 - How to Lead a Double Life
 
WE16 - Practical Integration of Diversity and Inclusion Competencies into Eng...
WE16 - Practical Integration of Diversity and Inclusion Competencies into Eng...WE16 - Practical Integration of Diversity and Inclusion Competencies into Eng...
WE16 - Practical Integration of Diversity and Inclusion Competencies into Eng...
 

Similar to WE16 - Defense in Depth: Top 10 Critical Security Controls

Enterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurityEnterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurityVenkat Alagarsamy
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
Lancope, Inc.
 
IoT Security
IoT SecurityIoT Security
IoT Security
Narudom Roongsiriwong, CISSP
 
Module 6.Security in Evolving Technology
Module 6.Security in Evolving TechnologyModule 6.Security in Evolving Technology
Module 6.Security in Evolving Technology
Sitamarhi Institute of Technology
 
PatrOwl - Security Operations Orchestration
PatrOwl - Security Operations OrchestrationPatrOwl - Security Operations Orchestration
PatrOwl - Security Operations Orchestration
MaKyOtOx
 
FireEye
FireEyeFireEye
FireEye
gigamon
 
iotsecurity-171108154118.pdf
iotsecurity-171108154118.pdfiotsecurity-171108154118.pdf
iotsecurity-171108154118.pdf
KerimBozkanli
 
OSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint SecurityOSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint Security
Ivanti
 
CyberSecurity Assignment.pptx
CyberSecurity Assignment.pptxCyberSecurity Assignment.pptx
CyberSecurity Assignment.pptx
VinayPratap58
 
Presentation about security i.t.
Presentation about security i.t.Presentation about security i.t.
Presentation about security i.t.
MarianaGilMartnez1
 
Presentation about security I.T.
Presentation about security I.T.Presentation about security I.T.
Presentation about security I.T.
HugoBarrionuevoSobri
 
Cs Quick Pres
Cs Quick PresCs Quick Pres
Cs Quick Pres
beckygill
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy Considerations
Kenny Huang Ph.D.
 
Security Testing Approach for Web Application Testing.pdf
Security Testing Approach for Web Application Testing.pdfSecurity Testing Approach for Web Application Testing.pdf
Security Testing Approach for Web Application Testing.pdf
AmeliaJonas2
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Symantec
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
hcls
 
Criticalcontrolsofcyberdefensefinal 100128032433 Phpapp02
Criticalcontrolsofcyberdefensefinal 100128032433 Phpapp02Criticalcontrolsofcyberdefensefinal 100128032433 Phpapp02
Criticalcontrolsofcyberdefensefinal 100128032433 Phpapp02technext1
 
Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseRishu Mehra
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security Simple
Gregory Hanis
 

Similar to WE16 - Defense in Depth: Top 10 Critical Security Controls (20)

Enterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurityEnterprise mobileapplicationsecurity
Enterprise mobileapplicationsecurity
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
 
IoT Security
IoT SecurityIoT Security
IoT Security
 
Module 6.Security in Evolving Technology
Module 6.Security in Evolving TechnologyModule 6.Security in Evolving Technology
Module 6.Security in Evolving Technology
 
Module 6.pdf
Module 6.pdfModule 6.pdf
Module 6.pdf
 
PatrOwl - Security Operations Orchestration
PatrOwl - Security Operations OrchestrationPatrOwl - Security Operations Orchestration
PatrOwl - Security Operations Orchestration
 
FireEye
FireEyeFireEye
FireEye
 
iotsecurity-171108154118.pdf
iotsecurity-171108154118.pdfiotsecurity-171108154118.pdf
iotsecurity-171108154118.pdf
 
OSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint SecurityOSB180: Learn More About Ivanti Endpoint Security
OSB180: Learn More About Ivanti Endpoint Security
 
CyberSecurity Assignment.pptx
CyberSecurity Assignment.pptxCyberSecurity Assignment.pptx
CyberSecurity Assignment.pptx
 
Presentation about security i.t.
Presentation about security i.t.Presentation about security i.t.
Presentation about security i.t.
 
Presentation about security I.T.
Presentation about security I.T.Presentation about security I.T.
Presentation about security I.T.
 
Cs Quick Pres
Cs Quick PresCs Quick Pres
Cs Quick Pres
 
IoT Security and Privacy Considerations
IoT Security and Privacy ConsiderationsIoT Security and Privacy Considerations
IoT Security and Privacy Considerations
 
Security Testing Approach for Web Application Testing.pdf
Security Testing Approach for Web Application Testing.pdfSecurity Testing Approach for Web Application Testing.pdf
Security Testing Approach for Web Application Testing.pdf
 
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New VulnerabilitiesProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Criticalcontrolsofcyberdefensefinal 100128032433 Phpapp02
Criticalcontrolsofcyberdefensefinal 100128032433 Phpapp02Criticalcontrolsofcyberdefensefinal 100128032433 Phpapp02
Criticalcontrolsofcyberdefensefinal 100128032433 Phpapp02
 
Critical Controls Of Cyber Defense
Critical Controls Of Cyber DefenseCritical Controls Of Cyber Defense
Critical Controls Of Cyber Defense
 
IDS+Honeypots Making Security Simple
IDS+Honeypots Making Security SimpleIDS+Honeypots Making Security Simple
IDS+Honeypots Making Security Simple
 

More from Society of Women Engineers

Schneider electric overview laurie addisonlavelle_2
Schneider electric overview laurie addisonlavelle_2Schneider electric overview laurie addisonlavelle_2
Schneider electric overview laurie addisonlavelle_2
Society of Women Engineers
 
Opening keynote
Opening keynoteOpening keynote
Opening keynote
Society of Women Engineers
 
Moonshot rodriguez slides
Moonshot rodriguez slidesMoonshot rodriguez slides
Moonshot rodriguez slides
Society of Women Engineers
 
Moonshot fetch slides
Moonshot fetch slidesMoonshot fetch slides
Moonshot fetch slides
Society of Women Engineers
 
H ivs ai_wehr_slides
H ivs ai_wehr_slidesH ivs ai_wehr_slides
H ivs ai_wehr_slides
Society of Women Engineers
 
H ivs ai_faust_slides
H ivs ai_faust_slidesH ivs ai_faust_slides
H ivs ai_faust_slides
Society of Women Engineers
 
H ivs ai_bestelmeyer_slides
H ivs ai_bestelmeyer_slidesH ivs ai_bestelmeyer_slides
H ivs ai_bestelmeyer_slides
Society of Women Engineers
 
Closing keynote
Closing keynoteClosing keynote
Closing keynote
Society of Women Engineers
 
Ball d 8
Ball d 8Ball d 8
Ball d 8
Society of Women Engineers
 
Ball d 7
Ball d 7Ball d 7
Ball d 7
Society of Women Engineers
 
Ball d 6
Ball d 6Ball d 6
Ball d 6
Society of Women Engineers
 
Ball d 4
Ball d 4Ball d 4
Ball d 4
Society of Women Engineers
 
How to Develop Your Section's Corporate Relations
How to Develop Your Section's Corporate Relations How to Develop Your Section's Corporate Relations
How to Develop Your Section's Corporate Relations
Society of Women Engineers
 
How to Find Your Section's Next Officer Team
How to Find Your Section's Next Officer Team How to Find Your Section's Next Officer Team
How to Find Your Section's Next Officer Team
Society of Women Engineers
 
Using SWE to Complement your Career
Using SWE to Complement your Career Using SWE to Complement your Career
Using SWE to Complement your Career
Society of Women Engineers
 
How to Have a Difficult Conversation with an Underperforming SWE Leader
How to Have a Difficult Conversation with an Underperforming SWE LeaderHow to Have a Difficult Conversation with an Underperforming SWE Leader
How to Have a Difficult Conversation with an Underperforming SWE Leader
Society of Women Engineers
 
18 cd 32
18 cd 3218 cd 32
18 cd 32
Society of Women Engineers
 
How to Get the Most out of your LCC Coach!
How to Get the Most out of your LCC Coach!How to Get the Most out of your LCC Coach!
How to Get the Most out of your LCC Coach!
Society of Women Engineers
 
The Mars Ice Challenge (RASC-AL)
The Mars Ice Challenge (RASC-AL)The Mars Ice Challenge (RASC-AL)
The Mars Ice Challenge (RASC-AL)
Society of Women Engineers
 
Beyond Disruption
Beyond Disruption Beyond Disruption
Beyond Disruption
Society of Women Engineers
 

More from Society of Women Engineers (20)

Schneider electric overview laurie addisonlavelle_2
Schneider electric overview laurie addisonlavelle_2Schneider electric overview laurie addisonlavelle_2
Schneider electric overview laurie addisonlavelle_2
 
Opening keynote
Opening keynoteOpening keynote
Opening keynote
 
Moonshot rodriguez slides
Moonshot rodriguez slidesMoonshot rodriguez slides
Moonshot rodriguez slides
 
Moonshot fetch slides
Moonshot fetch slidesMoonshot fetch slides
Moonshot fetch slides
 
H ivs ai_wehr_slides
H ivs ai_wehr_slidesH ivs ai_wehr_slides
H ivs ai_wehr_slides
 
H ivs ai_faust_slides
H ivs ai_faust_slidesH ivs ai_faust_slides
H ivs ai_faust_slides
 
H ivs ai_bestelmeyer_slides
H ivs ai_bestelmeyer_slidesH ivs ai_bestelmeyer_slides
H ivs ai_bestelmeyer_slides
 
Closing keynote
Closing keynoteClosing keynote
Closing keynote
 
Ball d 8
Ball d 8Ball d 8
Ball d 8
 
Ball d 7
Ball d 7Ball d 7
Ball d 7
 
Ball d 6
Ball d 6Ball d 6
Ball d 6
 
Ball d 4
Ball d 4Ball d 4
Ball d 4
 
How to Develop Your Section's Corporate Relations
How to Develop Your Section's Corporate Relations How to Develop Your Section's Corporate Relations
How to Develop Your Section's Corporate Relations
 
How to Find Your Section's Next Officer Team
How to Find Your Section's Next Officer Team How to Find Your Section's Next Officer Team
How to Find Your Section's Next Officer Team
 
Using SWE to Complement your Career
Using SWE to Complement your Career Using SWE to Complement your Career
Using SWE to Complement your Career
 
How to Have a Difficult Conversation with an Underperforming SWE Leader
How to Have a Difficult Conversation with an Underperforming SWE LeaderHow to Have a Difficult Conversation with an Underperforming SWE Leader
How to Have a Difficult Conversation with an Underperforming SWE Leader
 
18 cd 32
18 cd 3218 cd 32
18 cd 32
 
How to Get the Most out of your LCC Coach!
How to Get the Most out of your LCC Coach!How to Get the Most out of your LCC Coach!
How to Get the Most out of your LCC Coach!
 
The Mars Ice Challenge (RASC-AL)
The Mars Ice Challenge (RASC-AL)The Mars Ice Challenge (RASC-AL)
The Mars Ice Challenge (RASC-AL)
 
Beyond Disruption
Beyond Disruption Beyond Disruption
Beyond Disruption
 

Recently uploaded

Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdfWater Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation & Control
 
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
obonagu
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
karthi keyan
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
Kamal Acharya
 
Forklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella PartsForklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella Parts
Intella Parts
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
gestioneergodomus
 
Unbalanced Three Phase Systems and circuits.pptx
Unbalanced Three Phase Systems and circuits.pptxUnbalanced Three Phase Systems and circuits.pptx
Unbalanced Three Phase Systems and circuits.pptx
ChristineTorrepenida1
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
thanhdowork
 
Building Electrical System Design & Installation
Building Electrical System Design & InstallationBuilding Electrical System Design & Installation
Building Electrical System Design & Installation
symbo111
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
SyedAbiiAzazi1
 
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERSCW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
veerababupersonal22
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
MdTanvirMahtab2
 
Cosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdfCosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdf
Kamal Acharya
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
fxintegritypublishin
 
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
ydteq
 
AP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specificAP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specific
BrazilAccount1
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
space technology lecture notes on satellite
space technology lecture notes on satellitespace technology lecture notes on satellite
space technology lecture notes on satellite
ongomchris
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
Robbie Edward Sayers
 

Recently uploaded (20)

Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdfWater Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdf
 
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
在线办理(ANU毕业证书)澳洲国立大学毕业证录取通知书一模一样
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
 
Forklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella PartsForklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella Parts
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
 
Unbalanced Three Phase Systems and circuits.pptx
Unbalanced Three Phase Systems and circuits.pptxUnbalanced Three Phase Systems and circuits.pptx
Unbalanced Three Phase Systems and circuits.pptx
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
 
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
RAT: Retrieval Augmented Thoughts Elicit Context-Aware Reasoning in Long-Hori...
 
Building Electrical System Design & Installation
Building Electrical System Design & InstallationBuilding Electrical System Design & Installation
Building Electrical System Design & Installation
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
 
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERSCW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
CW RADAR, FMCW RADAR, FMCW ALTIMETER, AND THEIR PARAMETERS
 
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)
 
Cosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdfCosmetic shop management system project report.pdf
Cosmetic shop management system project report.pdf
 
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdfHybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdf
 
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
一比一原版(UofT毕业证)多伦多大学毕业证成绩单如何办理
 
AP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specificAP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specific
 
Standard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - NeometrixStandard Reomte Control Interface - Neometrix
Standard Reomte Control Interface - Neometrix
 
space technology lecture notes on satellite
space technology lecture notes on satellitespace technology lecture notes on satellite
space technology lecture notes on satellite
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 

WE16 - Defense in Depth: Top 10 Critical Security Controls

  • 1. Copyright © 2016 Raytheon Company. All rights reserved. Defense in Depth: Top 10 Critical Security Controls Mary Y Wang October 28, 2016 Non-Export controlled technical information N o n - e x p o r t c o n t r o l l e d t e c h n i c a l i n f o r m a t i o n Annual Women Engineers Conference 2016
  • 2. Why Center for Internet Security (CIS) Critical Security Controls Work? Based on actual attacks and effective defenses Based on priorities Not one-size-fits-all solutions Non-Export controlled technical information Non-Export controlled technical information
  • 3. 1. Inventory of Hardware  Authorized and Unauthorized Devices – Attackers are continuously scanning the target organizations – Attackers are waiting for new and unprotected systems to be attached to network Non-Export controlled technical information Non-Export controlled technical information
  • 4. 2. Inventory of Software  Authorized and Unauthorized Software –Attackers are continuously looking for vulnerable versions of software that can be remotely exploited Non-Export controlled technical information Non-Export controlled technical information
  • 5. 3. Secure Configurations of Hardware and Software  Default configurations are for ease-of-use not security  Open services, ports, default account or passwords –Can be exploitable Non-Export controlled technical information Non-Export controlled technical information
  • 6. 4. Continuous Vulnerability Assessment and Remediation  Scan for vulnerabilities and address discovered flaws  Understand and manage vulnerabilities is a continuous discovered activity  Attackers have the same information – Race to deploy an attack Non-Export controlled technical information Non-Export controlled technical information
  • 7. 5. Controlled Use of Administrative Privileges  Track and control the use of administrative privileges  Attackers can take advantage of uncontrolled administrative privileges –Can crack the password Non-Export controlled technical information Non-Export controlled technical information
  • 8. 6. Maintenance, Monitoring and Analysis of Audit Logs  Collect, analyze audit logs of events – Detect an attack – Recover from an attack  Sometimes, logs are the only evidence of an attack  Attackers can also hide their activities Non-Export controlled technical information Non-Export controlled technical information
  • 9. 7. Email and Web Browser Protections  Minimize the attack surface through web browsers –Fully up to date and patched –Default – not installing plugins, ActiveX controls –Block third-party cookies  Attackers use phishing emails as the entry point of attack Non-Export controlled technical information Non-Export controlled technical information
  • 10. 8. Malware Defenses  Control the installation and spread of malicious code  Attackers can use malware to attack target organizations via number of entry points like end- user devices, email attachments and web pages Non-Export controlled technical information Non-Export controlled technical information
  • 11. 9. Limitation and Control of Network Ports and Services Manage and track the use of ports, protocols and services Attackers are continuously searching for remotely accessible network services and open ports Non-Export controlled technical information Non-Export controlled technical information
  • 12. 10. Data Recovery Capability  Backup critical information  When attackers compromise systems – Make significant changes to configurations of software – Make alterations of data  When discovered, need to remove all data that have been altered by attackers Non-Export controlled technical information Non-Export controlled technical information
  • 14.
  • 15.
  • 16. Biography Mary Y Wang Information Systems Security Officer Raytheon Space and Airborne Systems, California Mary Wang joined Raytheon in August, 2015. Currently, she works in the Raytheon Space and Airborne Systems Information Assurance organization. She has a strong passion in cybersecurity especially in the penetration testing and application security areas. Prior to joining Raytheon, she was a Senior Software Engineer and Project Lead at The Boeing Company. She worked on a variety of software projects at Boeing. Mary holds a Bachelor of Science degree in Computer Science and Masters degree in Master Business Administration. She is currently attending SANS Technology Institute for a graduate degree in Pen Testing & Ethical Hacking. Mary also has been a frequent speaker at Annual Women Engineers Conferences.

Editor's Notes

  1. <number>
  2. <number>
  3. <number>
  4. <number>