PROTECTING YOUR ORGANIZATION AGAINST CYBER THREATS
SECURITY 2.0 LUNCHEON
Tommy Montgomery, Principal Consultant
Viral Dhimar, Consultant
Adam Ferguson, VP
October 22, 2014
Security 2.0: Next Generation Security Solutions
Demonstration: Palo Alto
Q&A
SECURITY THREATS MALWARE FIREWALLS NETWORK
About SWC Technology Partners SWC is a leading provider of innovative IT solutions for the mid-market. For more than 30 years, SWC has excelled at providing strategic guidance and delivering best-in-class solutions tailored to fit growing organizations.
Collaboration; Business Intelligence; CRM; Custom Development
Digital Creative and Design; Web Design; Digital Marketing Platforms; Search Engine Optimization; Search Engine Marketing; Social Media; Videography
Architecture & Strategy; Information Security; System Center; Unified Communications; Desktop Management, Deployment & Virtualization
Monitor and Manage; Service Desk; Remote and Onsite Support; Enhanced Managed Services; Zephyr EDI and Data Exchange Solutions
At SWC we get past the hype and help our clients use the cloud to move their business to new heights. Advisory; Software; Recovery; Network
SWC Security Services
TECHNICAL SECURITY: Vulnerability Assessment; Penetration Testing; Web Application Testing; Security Infrastructure Implementation; Business Continuity; Disaster Recovery; Access Control & Management
RISK: Security Assessment; Policy Design & Review; Control Analysis; Security Program Development; Threat Profiling; Phishing Campaigns; User Awareness
COMPLIANCE: PCI Preparation; HIPAA Readiness Review; ISO 27001 / 27002 Gap Analysis; Standards & Framework Design
MANAGED SERVICES: Managed & Monitored Firewall; Virtual CIO; Security Log Review; IPS / IDS Tuning / Management; Managed Vulnerability Scanning; Next Generation Firewall; Web Application Firewall; Threat Intelligence Bulletins
CERTIFICATIONS: CISSP, ISSMP, CISM, GPEN, C|EH, GCFW, CCNA & CCNP
2014 SWC Technology Partners
Consequences of Failing to Act
  CEO and CIO Lost Job
  Loss of Customer Confidence
  Millions in Financial Losses
  Significant Shareholder Loss
Real World Example: The Target Breach
  1. Attacker phishes in malware to contractor.
  2. Attacker leverages stolen credentials to connect to portal.
  3. FireEye appliances detect attacker attempting to infect server. Target fails to act.
  4. Attacker finds and infects internal server.
  5. Attacker locates POS terminals and infects with malware.
  6. Malware scrapes RAM for CC data and stages on Windows server.
  7. Stolen data is exfiltrated to Russian FTP servers.
Diagram labels: HVAC Midsize Business; Contractor Portal; Firewall; Windows Server; Retail POS Terminal; Exfiltration FTP Servers
Security 1.0
  No Mature Security Program
  Traditional Firewalls
  No Application Awareness
  Signature Based Anti-Virus
  No Directory Integration
Security 2.0
  Information Security Program
  Next Generation Firewalls
  Next Generation Malware Protection
  Holistic Integration
Security Program Foundation
Information Security Program Definition: The comprehensive, organized collection of policies, documents and processes that are used to continuously deliver information security across the enterprise.
Security Program Foundation
INFORMATION SECURITY PROGRAM: Governance; Security Awareness; Disaster Planning; Security Architecture; IT Security Operations; Risk Management
Advanced Malware Detection
Advanced malware detection uses behavior to identify malware, unlike traditional defenses relying on signatures.
  Inspects data coming into and leaving your network
  Protects against zero-day attacks with sandboxing
  Detects and blocks communication to botnet controllers
  Leverages a data sharing network
FireEye Alerts
Next Generation Firewalls
  Provides Application Aware Connection Tracking
  Integrates with Active Directory
  Enables User Based Filtering
  URL Filtering, IPS, Firewalls
  Identifies Systems Connected to Botnets
  Easy to Understand, Visually Rich Single Pane Traffic View
  Robust Reporting
  Full Product Integration
Demonstration PALO ALTO DEMO
Tying It All Together
  Technology is but the foundation must be in place to manage and empower it
  A solid security program will justify the technology investment
  Security awareness training reduces user risk
  An incident response plan as part of a security program is key to acting on alerts from technology in place
  Use the right technology, not just names that you have heard of
Why SWC?
  Balance of Technical, Business and Process
  Trusted, Established Partner with Over 30 Years Experience
  Holistic Approach
  Practicality: We Get Security is Not Everyone's #1 Priority
  Wide Range of Solutions
Thank You For Your Time!
COMPLIMENTARY SECURITY OFFER: luncheon we would like to offer you a COMPLIMENTARY SECURITY 2.0 READINESS CONSULTATION. Just let us know if you are interested on our feedback form.
To learn more, please contact:
Tommy Montgomery, Principal Consultant, Tommy.Montgomery@SWC.com, 630.371.9423
Adam Ferguson, Vice President, Client Engagement, Adam.Ferguson@SWC.com, 630.286.8124