Gregg Gerber. Strategic Engagement, Emerging Markets
|
|
- Kristopher Bond
- 8 years ago
- Views:
Transcription
1 Government of Mauritius Gregg Gerber Strategic Engagement, Emerging Markets
2 2
3 (Advanced) Persistent Targeted attacks Time
4 Era of Discovery Era of Transition Era of Fame & Glory Present Era of Mass Cybercrime Vision & Security Solution Strategy - Confidential 4
5 Attackers Malicious Outsiders State Nation Government Sponsored Hack-tivists Hacking for a Cause Insiders Malicious and Non-Malicious Cyber Criminals Hacking for Profit Vision & Security Solution Strategy - Confidential 5
6 APT Attacker (Malicious Outsider) Insider (Malicious and Non-malicious) Hack-tivist Cyber Criminals State Nation RECON Free Scanners Insider Knowledge Social Networks / Google Data Mining Espionage / Collusion INCURSION Basic Scripts /MetaSploit Privileged Access Social Engineering Attack Kits / Malcode / Bots / Affiliates Tailored Malcode / 0-Day DISCOVERY Random Targeting Asset Awareness Targets of Chance Targets of Chance / Choice Targets of Choice CAPTURE Visible / Low Value Critical Assets Media Worthy Asset or Access Monetized Assets High Value IP / Government Secrets EXFILTRATE Tagging and Damage Theft and Damage DDoS, Theft and Damage Fraud and Financial Gain Gain / Maintain Strategic Advantage Vision & Security Solution Strategy - Confidential 6
7 Strategy Rethink: Anatomy of an attack 1. Research 2. Incursion 3. Discovery 4. Capture 5. Exfiltrate Risk Posture and Policies Strong security awareness, counter intelligence Continuous enforcement of controls according to risk policy (mgmt and protection) Actively monitor infrastructure (endpoint to perimeter), information and users Control unusual internal movement and access of sensitive data Counter intelligence, forensics, damage mitigations and information recovery 7
8 IT Security pressures changing world User demands - Social Networking - Fav technology Time - to enable - to respond Reduce costs Information - Supply chain - De-perimeterisation New Tech adoption Governance Compliance Security Complexity (More controls) Threats - Volume - Type
9 Where Does Your Threat Intelligence Reside? Internal Targeted Attacks Are meant specific organizations They re not seen at a global level, Symantec can provide researcher-level tools & local assistance to help you detect and prevent these types of attacks Global Intelligence Network Like-minded organizations can share intelligence to help peers, some industries and agencies are not able to for National Security Reasons External 9
10 Symantec Cyber Threat Intelligence Cyber Awareness Cyber Briefing Center Strategist Advisories Cyber Risk Assessments Cyber Training Cyber Readiness Assessments Cyber Preparedness Security Base lining Threat Intelligence Reports Reputation Analysis Business Risk Modeling Cyber Forensics Security Base lining Incident & Event Management Threat Analysis & Response Threat Impact Assessment Cyber Response Product & Threat Analysis Support Cyber Incident Advice Cyber Threat Response Scribe January 3, 2013
11 What Makes Symantec Unique? 2 Million URLs 6.3 Billion Files 1.5 Million Machines Leaders in Threat Research & Technology The Biggest Organisations Trust our People & Services Provide Risk-Based Perspective Market Validation 11
12 Symantec Cyber Threat Intelligence Summary Government Engagement Security Intelligence Group Highly Targeted Threat Analysis Leverage Existing Investments Cyber Readiness Programs Participation in National Cyber Strategies Our Global Intelligence Network and Reputation Feeds add Threat Context to YOUR Infrastructure The Symantec s Threat Analysis Tools Used by Our Researchers Are Also Available to You to Analyze Highly Targeted Attacks Our Modular Approach means we can Leverage Investments in Your Existing Security Controls, and Demonstrate Where to allocate resources With Risk Modeling We Help you understand YOUR risks and Prepare for Cyber Threats
13 Attack Scenarios Economically motivated steal money/info to resell 17 th century privateering and modern cybercrime Link between crime and national security actors 13
14 Targets - Depend on the objective of the attacker Consumers Small Business Large Business Trusted Stepping Stone / Economic IPR / Economic / Espionage CII Operators Defense Government Economic / Intel / Warfare / Political Intel / Warfare / Political Economic / Intel / Warfare / Political 14
15 Modus operandi Because there is no patch for stupidity Social Engineering Unique Malware Mass Scale Targeted APT Democratization of Malware 15
16 Modus operandi Value of Information Jumping the Air Gap SCADA Zero-Day Vulnerabilities Smart Grid OS Intelligence 16
17 Specifically on defense 5th Domain of Warfare Land Sea Air Space Cyber Merge of EW and SIGINT with cyber Bletchley Park Codebreaker 17
18 Specifically on defense Makes sense from a military point of view Sensors, communications and robotics technologies dominating future battlefield 18
19 Specifically on defense Historically listen to information & deny access to information New paradigms include modifying information to create a false operational picture and damage the infrastructure, or remotely control it 19
20 Cyber Awareness Strategist Cyber Advisories Summary business reports defining best practices for mitigating the attack Cyber Training Cyber threat detection and incident response course (10day) Cyber Briefing Center Briefing on the latest threats, Understand the processes and techniques required to deal with today s cyber attacks Cyber Risk Assessments Information risk assessments, cyber security policy assessments Cyber Readiness Join in Symantec s Cyber war games to test and develop your skills and capability 20
21 Cyber Preparedness Security Base Lining Threat Intelligence Feeds & Reports Business Risk Modeling Define/validate the state of your environment & security controls Map & validate potential risks to the business & Apply controls Define/validate the state of your environment & security controls CCS Policy/Assessment Mgr. Altiris SEP/CSP Cyber V Assessments Enterprise Security Assessment CCS Vulnerability Mgr. DeepSight Feeds Reputation Feeds Threat Analyst service Vulnerability assessment CCS Risk Manager SPC Business Continuity Planning service * 21
22 Cyber Response Business Critical Services Cyber Incident Advisory Malware Research Cyber Threat Response Product and threat analysis support Symantec strategists help drive response process and provide business guidance Symantec Partners provide on-site expertise including forensics and other technical capabilities 24x7 Access Personalized Priority Access to Strategists Trusted Partner Ecosystem Scribe 22
23 Cyber Forensics In-Progress & Post Incident Security Base Lining (Re) Define/validate the state of your environment & security controls Incident/Event Management Malware Research Gather logs & event data to identify anomalous behavior Threat Analysis & Response (Technical) Identify and quantify new attacks, define and apply technical responses Threat Impact Assessment (Business) Identify the threat genealogy to assess threat actor and motives. Define potential business impact CCS Policy/Assessme nt Mgr. Altiris SEP/CSP Cyber V Assessments Enterprise Security Assessment Managed Security Services SSIM DeepSight Feeds SIM design & optimization Threat Analyst Non-classified Reputation Feeds STAR BCS - Scribe Classified Smart Harness Threat Expert Security cleared Threat Analysis Non-classified Reputation Feeds DeepSight Feeds Threat Analyst Classified Reputation Feeds Data Cache DeepSight Feeds Security cleared Threat Analyst 23
24 Symantec Cyber Lifecycle Offering Cyber Awareness Cyber Preparedness Strategist Advisories Cyber Risk Assessments Cyber Training Cyber Readiness Security Base Lining Threat Intelligence Feeds & Reports Business Risk Modeling Cyber SOC Tour Threat Impact Assessment Threat Analysis & Response Incident & Event Mgmt. Security Base Lining Cyber Threat Response Cyber Incident Advice BCS Cyber Forensics Cyber Response
25 Thank You Gregg
Information Protection in Today s Changing Mobile and Cloud Environments
Information Protection in Today s Changing Mobile and Cloud Environments Art Gilliland, Sr. Vice President Symantec, Information Security Group Session ID: SPO1-107 Session Classification: Intermediate
More informationDealing with Big Data in Cyber Intelligence
Dealing with Big Data in Cyber Intelligence Greg Day Security CTO, EMEA, Symantec Session ID: HT-303 Session Classification: General Interest What will I take away from this session? What is driving big
More informationPreparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS
Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS CONTENTS PAGE RECONNAISSANCE STAGE 4 INCURSION STAGE 5 DISCOVERY STAGE 6 CAPTURE STAGE 7 EXFILTRATION STAGE
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationSymantec Cyber Security Services: DeepSight Intelligence
Symantec Cyber Security Services: DeepSight Intelligence Actionable intelligence to get ahead of emerging threats Overview: Security Intelligence Companies face a rapidly evolving threat environment with
More informationPractical Threat Intelligence. with Bromium LAVA
Practical Threat Intelligence with Bromium LAVA Practical Threat Intelligence Executive Summary Threat intelligence today is costly and time consuming and does not always result in a reduction of successful
More informationPractical Steps To Securing Process Control Networks
Practical Steps To Securing Process Control Networks Villanova University Seminar Rich Mahler Director, Commercial Cyber Solutions Lockheed Martin Lockheed Martin Corporation 2014. All Rights Reserved.
More informationSecurity and Privacy
Security and Privacy Matthew McCormack, CISSP, CSSLP CTO, Global Public Sector, RSA The Security Division of EMC 1 BILLIONS OF USERS MILLIONS/BILLIONS OF APPS 2010 Cloud Big Data Social Mobile Devices
More informationSymantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team
Symantec Cyber Threat Analysis Program Symantec Cyber Threat Analysis Program Team White Paper: Symantec Security Intelligence Services Symantec Cyber Threat Analysis Program Contents Overview...............................................................................................
More informationWho Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015
Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence AIBA Quarterly Meeting September 10, 2015 The Answer 2 Everyone The relationship between the board, C-suite, IT, and compliance leaders
More informationPromoting a cyber security culture and demand compliance with minimum security standards;
Input by Dr. S.C. Cwele Minister of State Security, Republic of South Africa Cyber Security Meeting, Johannesburg 27 March 2014 I would like to thank the Wits School of Governance for inviting us to contribute
More informationDigital Evidence and Threat Intelligence
Digital Evidence and Threat Intelligence 09 November 2015 Mark Clancy CEO www.soltra.com @soltraedge External Threats Growing 117,339 incoming attacks every day The total number of security incidents detected
More informationMike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program
Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat
More informationCYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS
CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS PREPARING FOR ADVANCED CYBER THREATS Cyber attacks are evolving faster than organizations
More informationAddressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave
More informationProtecting against cyber threats and security breaches
Protecting against cyber threats and security breaches IBM APT Survival Kit Alberto Benavente Martínez abenaventem@es.ibm.com IBM Security Services Jun 11, 2015 (Madrid, Spain) 12015 IBM Corporation So
More informationSecurity Analytics for Smart Grid
Security Analytics for Smart Grid Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC robert.griffin@rsa.com blogs.rsa.com/author/griffin @RobtWesGriffin 1 No Shortage of Hard
More informationRethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council
Rethinking Information Security for Advanced Threats CEB Information Risk Leadership Council Advanced threats differ from conventional security threats along many dimensions, making them much more difficult
More informationModern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth
Modern Cyber Threats how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure Axel Wirth Healthcare Solutions Architect Distinguished Systems Engineer AAMI 2013 Conference
More informationCyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte
Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private
More informationIBM Security Strategy
IBM Security Strategy Intelligence, Integration and Expertise Kate Scarcella CISSP Security Tiger Team Executive M.S. Information Security IBM Security Systems IBM Security: Delivering intelligence, integration
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationCSM-ACE 2014 Cyber Threat Intelligence Driven Environments
CSM-ACE 2014 Cyber Threat Intelligence Driven Environments Presented by James Calder Client Services Manager, Singapore 1 CONTENTS Digital criminality Intelligence-led security Shylock case study Making
More informationPROMOTION // TECHNOLOGY. The Economics Of Cyber Security
PROMOTION // TECHNOLOGY The Economics Of Cyber Security Written by Peter Mills Malicious cyber activity, from hacking and identity fraud to intellectual property theft, is a growing problem within the
More informationThe session is about to commence. Please switch your phone to silent!
The session is about to commence. Please switch your phone to silent! 1 Defend with Confidence Against Advanced Threats Nicholas Chia SE Manager, SEA RSA 2 TRUST? Years to earn, seconds to break 3 Market
More informationCyber intelligence in an online world
Cyber intelligence in an online world James Hanlon CISM, CISSP, CMI Cyber Strategy & GTM, EMEA Cyber intelligence in an online world SYMANTEC VISION SYMPOSIUM 2014 2 Software and data powers the world
More informationBreach Found. Did It Hurt?
ANALYST BRIEF Breach Found. Did It Hurt? INCIDENT RESPONSE PART 2: A PROCESS FOR ASSESSING LOSS Authors Christopher Morales, Jason Pappalexis Overview Malware infections impact every organization. Many
More informationCyber Security Metrics Dashboards & Analytics
Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationInto the cybersecurity breach
Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing
More informationHow To Create Situational Awareness
SIEM: The Integralis Difference January, 2013 Avoid the SIEM Pitfalls Get it right the first time Common SIEM challenges Maintaining staffing levels 24/7 Blended skills set, continuous building of rules
More informationResearch Topics in the National Cyber Security Research Agenda
Research Topics in the National Cyber Security Research Agenda Trust and Security for our Digital Life About this document: This document summarizes the research topics as identified in the National Cyber
More informationBuilding Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch
Building Blocks of a Cyber Resilience Program Monika Josi monika.josi@safis.ch About me Chief Security Advisor for Microsoft Europe, Middle East and Africa providing support to Governments and CIIP until
More informationUnified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice
Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice Introduction There are numerous statistics published by security vendors, Government
More informationAccenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges
Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287
More informationWHITE PAPER: THREAT INTELLIGENCE RANKING
WHITE PAPER: THREAT INTELLIGENCE RANKING SEPTEMBER 2015 2 HOW WELL DO YOU KNOW YOUR THREAT DATA? HOW THREAT INTELLIGENCE FEED MODELING CAN SAVE MONEY AND PREVENT BREACHES Who are the bad guys? What makes
More informationIBM Security re-defines enterprise endpoint protection against advanced malware
IBM Security re-defines enterprise endpoint protection against advanced malware Break the cyber attack chain to stop advanced persistent threats and targeted attacks Highlights IBM Security Trusteer Apex
More informationSymantec Managed Security Services The Power To Protect
Symantec Managed Security Services The Power To Protect Peter Sparkes Senior Director, Cyber Security Services Asia Pacific & Japan Symantec Managed Security Services Cyber Security Services 1 Expanding
More informationAdvanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA
Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery
More informationNext Generation IPS and Reputation Services
Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become
More informationDefensible Strategy To. Cyber Incident Response
Cyber Incident Response Defensible Strategy To Cyber Incident Response Cyber Incident Response Plans Every company should develop a written plan (cyber incident response plan) that identifies cyber attack
More informationSymantec Protection Center Enterprise 3.0. Release Notes
Symantec Protection Center Enterprise 3.0 Release Notes Symantec Protection Center Enterprise 3.0 Release Notes The software described in this book is furnished under a license agreement and may be used
More informationTHREAT VISIBILITY & VULNERABILITY ASSESSMENT
THREAT VISIBILITY & VULNERABILITY ASSESSMENT Date: April 15, 2015 IKANOW Analysts: Casey Pence IKANOW Platform Build: 1.34 11921 Freedom Drive, Reston, VA 20190 IKANOW.com TABLE OF CONTENTS 1 Key Findings
More information24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
More informationCombating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center
Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average
More informationNext-Generation Penetration Testing. Benjamin Mossé, MD, Mossé Security
Next-Generation Penetration Testing Benjamin Mossé, MD, Mossé Security About Me Managing Director of Mossé Security Creator of an Mossé Cyber Security Institute - in Melbourne +30,000 machines compromised
More informationHow we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)
How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz) Domain.Local DC Client DomainAdmin Attack Operator Advise Protect Detect Respond
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationCyber Threats Insights from history and current operations. Prepared by Cognitio May 5, 2015
Cyber Threats Insights from history and current operations Prepared by Cognitio May 5, 2015 About Cognitio Cognitio is a strategic consulting and engineering firm led by a team of former senior technology
More informationCyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats
Cyber4sight TM Threat Intelligence Services Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats Preparing for Advanced Cyber Threats Cyber attacks are evolving faster than organizations
More informationKnowing Your Enemy How Your Business is Attacked. Andrew Rogoyski June 2014
Knowing Your Enemy How Your Business is Attacked Andrew Rogoyski June 2014 Why Cyber is the New Security 1986: Lawrence Berkeley NL discovers attempt to copy US Government Information on Arpanet 1988:
More informationStaying Ahead of the Cyber Security Game. Nigel Tan ASEAN Technical Leader IBM Security
Staying Ahead of the Cyber Security Game Nigel Tan ASEAN Technical Leader IBM Security PARADIGM SHIFT in crime ORGANIZED COLLABORATIVE AUTOMATED Cyber Criminals Use BUSINESS INTELLIGENCE NOBODY IS IMMUNE
More informationServices. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure
Home Secure digital transformation SMACT Advise, Protect & Monitor Why Capgemini & Sogeti? In safe hands Capgemini & Sogeti Cybersecurity Services Guiding enterprises and government through digital transformation
More informationStop advanced targeted attacks, identify high risk users and control Insider Threats
TRITON AP-EMAIL Stop advanced targeted attacks, identify high risk users and control Insider Threats From socially engineered lures to targeted phishing, most large cyberattacks begin with email. As these
More informationCombating a new generation of cybercriminal with in-depth security monitoring
Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.
More informationCybercrime myths, challenges and how to protect our business. Vladimir Kantchev Managing Partner Service Centrix
Cybercrime myths, challenges and how to protect our business Vladimir Kantchev Managing Partner Service Centrix Agenda Cybercrime today Sources and destinations of the attacks Breach techniques How to
More informationHow To Handle A Threat From A Corporate Computer System
Politics of Security Webcast Summary Cyber Threat News and APT Defenses Introduction Stories about cyber espionage and Advanced Persistent Threats (APTs) are part of the mainstream news cycle. Concerns
More informationIMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE
IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle
More informationWeb 2.0 and Data Protection. Paul Tsang Security Consultant McAfee
Web 2.0 and Data Protection Paul Tsang Security Consultant McAfee Criminal Motivators For Profit Targeted Attacks Cyber Warfare (Credit Cards, PII, Criminal Infrastructure) (Nation-State Secrets, Trade
More informationAttackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors. Microsoft Confidential for internal use only
Attackers are highly skilled, persistent, and very motivated at finding and exploiting new vectors Microsoft Confidential for internal use only Wall Street Journal, JP Morgan, Lockheed, Bushehr nuclear
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More information2012 Bit9 Cyber Security Research Report
2012 Bit9 Cyber Security Research Report Table of Contents Executive Summary Survey Participants Conclusion Appendix 3 4 10 11 Executive Summary According to the results of a recent survey conducted by
More informationCHAPTER 3 : INCIDENT RESPONSE THREAT INTELLIGENCE GLOBAL THREAT INTELLIGENCE REPORT 2015 :: COPYRIGHT 2015 NTT INNOVATION INSTITUTE 1 LLC
: INCIDENT RESPONSE THREAT INTELLIGENCE 1 THREAT INTELLIGENCE How it applies to our clients, and discuss some of the key components and benefits of a comprehensive threat intelligence strategy. Threat
More informationRich Baich Principal March 22, 2012
Cyber espionage The harsh reality of advanced security threats Rich Baich Principal March 22, 2012 Agenda Introductions Threat landscape update How organizations are responding Other discussion topics
More information2012 雲 端 資 安 報 告. 黃 建 榮 資 深 顧 問 - Verizon Taiwan. August 2012
2012 雲 端 資 安 報 告 黃 建 榮 資 深 顧 問 - Verizon Taiwan August 2012 1 It s All About Security Protecting assets from threats that could impact the business Protecting Assets... Stationary data Data in transit
More informationGetting real about cyber threats: where are you headed?
Getting real about cyber threats: where are you headed? Energy, utilities and power generation companies that understand today s cyber threats will be in the best position to defeat them June 2011 At a
More informationSurviving the Ever Changing Threat Landscape
Surviving the Ever Changing Threat Landscape Kevin Jordan Cyber Security Specialist Dell GLBA FFIEC NCUA PCI HIPAA NERC CIP FISMA 700+ Percentage of U.S. adults who Federal named online and banking state
More informationOffice of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS)
Office of Emergency Communications (OEC) Mobile Applications for Public Safety (MAPS) PSCR Public Safety Broadband Stakeholder Conference June 4 th, 2014 Alex Kreilein Technology Policy Strategist Office
More informationMiddle Class Economics: Cybersecurity Updated August 7, 2015
Middle Class Economics: Cybersecurity Updated August 7, 2015 The President's 2016 Budget is designed to bring middle class economics into the 21st Century. This Budget shows what we can do if we invest
More informationBy John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION
THE NEXT (FRONT) TIER IN SECURITY When conventional security falls short, breach detection systems and other tier 2 technologies can bolster your network s defenses. By John Pirc THREAT HAS moved beyond
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationMISSION-ESSENTIAL INTELLIGENCE AND CYBER SOLUTIONS
Presentation to the Cyber Security & Critical Infrastructure Protection Symposium March 20, 2013 PREPARED REMARKS BARBARA ALEXANDER, DIRECTOR OF CYBER INTELLIGENCE TASC INFRASTRUCTURE PROTECTION AND SECURITY
More informationSR B17. The Threat Landscape Continues to Change: How are You Keeping Pace? Dean Turner
SR B17 The Threat Landscape Continues to Change: How are You Keeping Pace? Dean Turner Director - Engineering, Global Intelligence Network Symantec Intelligence Group Agenda 1 2 3 5 Symantec Intelligence
More informationFuture Threat Landscape - How will technology evolve and what does it mean for cyber security?
James Hanlon CISSP, CISM Security Strategist Office of the CTO EMEA Future Threat Landscape - How will technology evolve and what does it mean for cyber security? Think > What does the future of technology
More informationCybersecurity Awareness. Part 1
Part 1 Objectives Discuss the Evolution of Data Security Define and Discuss Cybersecurity Review Threat Environment Part 1 Discuss Information Security Programs s Enhancements for Cybersecurity Risks Threat
More informationEXTREME CYBER SCENARIO PLANNING & ATTACK TREE ANALYSIS
EXTREME CYBER SCENARIO PLANNING & ATTACK TREE ANALYSIS Ian Green Manager, Cybercrime & Intelligence Commonwealth Bank of Australia Session ID: GRC T17 Session Classification: ADVANCED WHY? What keeps you
More informationTargeted Intrusion Remediation: Lessons From The Front Lines. Jim Aldridge
Targeted Intrusion Remediation: Lessons From The Front Lines Jim Aldridge All information is derived from MANDIANT observations in non-classified environments. Information has beensanitized where necessary
More informationExtreme Networks Security Analytics G2 Vulnerability Manager
DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering
More informationCyber Intelligence Workforce
Cyber Intelligence Workforce Troy Townsend Melissa Kasan Ludwick September 17, 2013 Agenda Project Background Research Methodology Findings Training and Education Project Findings Workshop Results Objectives
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationAdvanced Persistent Threats
Advanced Persistent Threats Craig Harwood Channel Manager SADC and Indian Ocean Islands 1 Agenda Introduction Today s Threat landscape What is an Advance persistent Threat How are these crimes perpetrated
More informationThreat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations
Threat Intelligence & Analytics Cyber Threat Intelligence and how to best understand the adversary s operations September 2015 Copyright 2015 Deloitte Development LLC. All rights reserved. This presentation
More informationSYMANTEC CYBERV ASSESSMENT SERVICE OVER THE HORIZON VISIBILITY INTO YOUR CYBER RESILIENCE MORE FOCUS, LESS RISK.
SYMANTEC CYBERV ASSESSMENT SERVICE OVER THE HORIZON VISIBILITY INTO YOUR CYBER RESILIENCE Cyberspace the always-on, technologically hyperconnected world offers unprecedented opportunities for connectivity,
More informationGaining the upper hand in today s cyber security battle
IBM Global Technology Services Managed Security Services Gaining the upper hand in today s cyber security battle How threat intelligence can help you stop attackers in their tracks 2 Gaining the upper
More informationUsing big data analytics to identify malicious content: a case study on spam emails
Using big data analytics to identify malicious content: a case study on spam emails Mamoun Alazab & Roderic Broadhurst Mamoun.alazab@anu.edu.au http://cybercrime.anu.edu.au 2 Outline Background Cybercrime
More informationAddressing Cyber Risk Building robust cyber governance
Addressing Cyber Risk Building robust cyber governance Mike Maddison Partner Head of Cyber Risk Services The future of security The business environment is changing The IT environment is changing The cyber
More informationSecuring the endpoint and your data
#SymVisionEmea #SymVisionEmea Securing the endpoint and your data Piero DePaoli Sr. Director, Product Marketing Marcus Brownell Sr. Regional Product Manager Securing the Endpoint and Your Data 2 Safe harbor
More informationThe FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED
The FBI Cyber Program Bauer Advising Symposium October 11, 2012 Today s Agenda What is the threat? Who are the adversaries? How are they attacking you? What can the FBI do to help? What can you do to stop
More informationIntegrating MSS, SEP and NGFW to catch targeted APTs
#SymVisionEmea #SymVisionEmea Integrating MSS, SEP and NGFW to catch targeted APTs Tom Davison Information Security Practice Manager, UK&I Antonio Forzieri EMEA Solution Lead, Cyber Security 2 Information
More informationZak Khan Director, Advanced Cyber Defence
Securing your data, intellectual property and intangible assets from cybercrime Zak Khan Director, Advanced Cyber Defence Agenda (16 + optional video) Introduction (2) Context Global Trends Strategic Impacts
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationInternal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015
Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are
More informationVulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War
Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent
More informationStephen Coty Director, Threat Research
Emerging threats facing Cloud Computing Stephen Coty Director, Threat Research Cloud Environments 101 Cloud Adoption is Gaining Momentum Cloud market revenue will increase at a 36% annual rate Analyst
More informationWorking with the FBI
Working with the FBI WMACCA Data Privacy & Security Conference September 17, 2014 Individuals Organized Crime Syndicates Hacktivist Groups Nation States Nation-States Individuals Industry Law Enforcement
More informationCisco & Big Data Security
Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that
More informationAlways Worry About Cyber Security. Always. Track 4 Session 8
Always Worry About Cyber Security. Always. Track 4 Session 8 Mark Stevens SVP, Global Services and Support Digital Guardian MStevens@DigitalGuardian.com 781-902-7818 www.digitalguardian.com 2 Abstract
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationProtecting critical infrastructure from Cyber-attack
Protecting critical infrastructure from Cyber-attack ACI-NA BIT Workshop, Session 6 (Cybersecurity) Long Beach, California October 4, 2015 Ben Trethowan Aviation Systems & Security Architect The scale
More information