Incident Response. Summary of Expertise and Experience


Incident Response: Summary of Expertise and Experience, 2015

The copyright to this document is owned by Symantec. No part of this document may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without their prior permission.

Combined Expertise and Certifications

Years of experience: 255 total years of forensic investigation experience on the delivery team, with the ability to call on an extended pool of over 1,000 security experts around the globe who are actively engaged in Managed Security Services, Security Technology and Response, and Managed Adversary & Threat Intelligence. Each incident response team member averages over 15 years of active investigation experience in the field.

Degrees and Certifications: ACE, APMP, CCE, CCNA, CCNAS, CCNP, CCNPS, CCPF, CCSA, CCSE, CCSI, CCSK, CEH, CFCE, CHFI, CISSP, CSFA, CSTP, DOD-CCCI, EnCE, GCFA Gold, GFCW, GCFE, GCIH, GNFA, GPEN, GREM, GSEC, IACIS, MCMI, MCSE+, NSA CNSS NSTISSI #4011 and NSA CNSS CNSSI #4014, OSCP, PCI-QSA, PMP, PRINCE2, SCSA, SCSE, SFCP, J.D., M.S. in Forensics

Experience by Sector

Private Sector: Extensive experience, from founding start-up firms to international experience with the Big 4 consulting organizations. Symantec's leads have served as security consultant or analyst for many industries including: Finance; Healthcare; Manufacturing; Entertainment and Gaming; National Infrastructure; Technology; Retail; Telco & Communications.

Public Sector: 124 combined years working in the U.S. and U.K. governments, with particular experience in: U.S. Department of Defense; U.S. Department of Energy; United States Naval Criminal Investigative Service; U.S. Army Signals Intelligence; FBI; NATO; U.K. National Cyber Crime Unit; New Scotland Yard Computer Crime Unit; Police Central e-crime Unit; UK South West Regional Cyber Crime Unit.

Patents and Process Experience

Patents and Technology: Automated threat intelligence across enterprise devices; Machine-learning threat-intelligence feedback; Dynamic malware analysis; Covert/counterintelligence measures.

Process: Collaborative incident response platforms; Design for preserving and maintaining electronic evidence; SCADA system architecture and defense; Web applications and penetration testing.

Leadership: Malware outbreak response; Incident response best practices; Member of HTCIA, HTCC, CTIN, CERT, ISC(2), and other professional security forums.

Special Individual Projects: Led primary research on the following malware: LSASS, Stuxnet, Duqu, Flamer, Elderwood; Expert witnesses for criminal cases in the U.S., U.K., and Asia; Developed and executed security plans for 2012 London Olympics including both physical and logical security; Established and led the Computer Crime Investigation Unit in Durham, U.K.

Customer Profiles and Statistics

It is important not to look at each individual incident in a vacuum: adversaries use the same attack types over and over when they have success. To anticipate possible future incidents, one needs to understand the patterns of these actors and learn the characteristics of the types of attacks that are currently being targeted against each organization size and type. To give a more detailed view of our most recent experience, we've summarized all the incidents we've triaged, investigated, and contained from January 2013 to March 2015 by vertical, by incident type, and by membership in the Fortune 500 on the following page.

Figure 1. Incident Response Engagements by Vertical: Jan 2013 to March 2015 (chart; verticals shown: Healthcare, Communications, Software, Retail, Financial Services, Accounting, Telco, Gaming, Education, Manufacturing)

Figure 2. Incidents by Incident Type: Jan 2013 to March 2015 (chart; incident types shown: Virus, Web Application Attack, Malware outbreak - known, Advanced Persistent Threat, DDoS, Application Exploitation)

Figure 3. Incidents by Fortune 500 Status: Jan 2013 to March 2015

More Information

Get help with a security incident
Email: incidentresponse@symantec.com
US Incident Response Hotline: (855) 378-0073
UK Incident Response Hotline: +44 (0) 800 917 2793

Visit our website
http://go.symantec.com/incidentresponse

Check out our Cyber Security Group blogs
http://www.symantec.com/connect/symantec-blogs/cyber-security-services

About Symantec

Symantec Corporation (NASDAQ: SYMC) is an information protection expert that helps people, businesses, and governments seeking the freedom to unlock the opportunities technology brings anytime, anywhere. Founded in April 1982, Symantec, a Fortune 500 company operating one of the largest global data intelligence networks, has provided leading security, backup, and availability solutions for where vital information is stored, accessed, and shared. The company's more than 20,000 employees reside in more than 50 countries. Ninety-nine percent of Fortune 500 companies are Symantec customers. In fiscal 2014, it recorded revenue of $6.7 billion. To learn more go to www.symantec.com or connect with Symantec at: go.symantec.com/socialmedia.

Symantec World Headquarters
350 Ellis St.
Mountain View, CA 94043 USA
+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com