New Trends in Security Threats


TRANSCRIPT: New Trends in Security Threats

Advice for CSOs on what they need to be asking their security vendors and how to protect against security threats

Executive Summary

Recently Dark Reading sat down with Leo Taddeo, Cryptzone CSO and Former FBI Special Agent in Charge of Special Operations. They discussed new trends in security threats, if adversaries are becoming more sophisticated, why prevention not detection strategies are needed and the evolving security threat landscape. Leo also discussed what drew him to Cryptzone and how we help customers prevent adversaries from exploiting weak points within an enterprise.

Read the transcript of the Dark Reading interview to learn more on:

- The evolving cyber-threat sophistication from Nation States
- Why the public cloud (AWS, Azure, etc.) provides security advantages
- Skills CSOs need to succeed
- What CSOs are asking their security vendors to provide

As a former FBI agent, what are you seeing as some of the new trends in security threats lately?

I think the breakout trend is the activity of nation states today. Not even 10 years ago, we knew that nation states were developing the capability, but it was a tool that they had in their arsenal but were not willing to deploy. Now we see, in many cases, nation states are the most active adversary and are experimenting with new tools, techniques and new ways of influencing US policy through a cyber-attack. I think what's also troubling is that criminal groups are adopting the same tools and techniques and the gap between deployment by a nation state and deployment by a criminal group, in terms of time and quality, is shrinking.

What drew you to Cryptzone?

During my time at the FBI we investigated a number of intrusions. Many of those involved stolen credentials and the bypassing of perimeter detection tools. I was drawn to Cryptzone because the technology was more of a hardening-the-interior approach which made it harder for the adversary to do lateral movement, reconnaissance and escalate privileges. I wanted to be involved with a technology that was making it harder for the adversary rather than trying to find the adversary.

Let's discuss adversaries and nation states becoming more of a threat than they had been in the past. Are they also becoming more sophisticated?

Certainly. We see nation states, some of the top players being Russia and China, moving from traditional malware tools to attacking the human element within an organization, to attacking the supply-chain. So it's not just the ones and zeros part of an attack that's sophisticated, it's also the development of exploitations of other weak points within an enterprise.

What does Cryptzone do to help customers with that kind of attack?

Cryptzone is an enterprise gateway. We secure the user and the interior of the network by creating a close-binding between a user and the assets within a network. So, through robust authentication, meaning username, password, multifactor authentication, and some other attributes of the endpoint, things like time, date, geo-location, we check who the user truly is. And it's very hard to spoof all of the things that go into a digital identity. We then create an encrypted tunnel to the assets that are protected. Once in the tunnel and connected, the user cannot move laterally away from that asset. So we prevent lateral movement on a network segment.

The focus for Cryptzone is prevention, not detection?

Well, we see ourselves as providing both prevention and detection because we also have a very robust logging feature. So by logging user activity and by monitoring user activity, we also have a detection function. But we see our primary role as maintaining the integrity of the network rather than trying to pick up signatures or defend the perimeter.

We talked about the changes in the type of threats that customers are seeing and a little bit about the sophistication. What about complexity? It's a complex and daunting job, for many of the people we've spoken to, to defend against some of the threats out there.

If you look at some of the most sophisticated actors, they are deploying malware that studies the network and the network defenses. In addition, inside the malware are built-in techniques to avoid detection. They are searching for sensitive applications, they are testing defenses and adapting to those defenses, so if you have a behavior analytics tool on your network the most advanced malware can detect that. The behavior analytics tool is there and will determine what activity will trigger an alert. They then do things that won't trigger that alert.

There's a huge evolution in enterprise IT and that's the move to the cloud. What advice does Cryptzone, do you, have for customers who have moved to the cloud, might be working with Amazon Web Services, etc.? What would you tell them?

We think there's great benefit to moving to the cloud, and we think there are great security benefits to moving to the cloud but it has to be managed properly. The traditional threats that face an on-premises infrastructure also are pointed against cloud infrastructures so you are not only facing traditional threats like insider threats and application access vulnerability and application vulnerability, you're facing some new threats including the employees of the cloud service provider. Now, many of the biggest cloud service providers are very good at security. So, it's a buyer beware, it's a shared responsibility between the cloud service provider and the tenant and it's something that security professionals need to understand as they migrate to the cloud in order to gain those efficiencies.

I was going to tease you a moment ago when you said cloud is a security advantage and I was going to say that I don't really ever hear anybody say that, but now I'm thinking, let's talk about that. What do you mean by that, why is cloud a security advantage now? Most companies say, or they maybe have stopped saying it as much, "oh my god, we've got to be careful about moving to the cloud, everybody is going there." But, still it has that stigma of being a security threat.

That's understandable. In a traditional enterprise you could build a perimeter and protect your resources by putting them behind it. We've seen that that no longer works, a perimeter is hard to define and harder to defend. What cloud offers is shared resources for getting security right. So if you're talking about, for example, physical security, the large cloud service providers are very careful about how they secure the physical structure that houses your servers and other resources that you deploy in the cloud. Things like employee screening, patching, vulnerability management and updating operating systems and software, if done collectively by a dedicated cloud service provider, will deliver more efficiencies on the security side. I think cloud can be a game changer. We've had a hard time creating a deterrent for the adversary because it is low risk high profit. I think cloud can start to change that equation.

You're a former FBI agent. You're now a CSO. You've seen the role of the CSO from both sides. Are there any bits of advice you might offer having seen the security threats from both sides? What kinds of skills do CSOs need these days?

Well, CSOs have to be excellent communicators, above all. They have to be able to communicate the value that they and their team bring to an enterprise. That's their first and foremost obligation when talking to the C-suite or to the board. You have to be able to demonstrate that there not only is a threat, but that your team is deploying the tools necessary to mitigate the threat according to the appetite of the company. So I think first and foremost communication is a top level skill that you need to have. Beyond that, of course there's an understanding of the tools and how they overlay to create a layered defense. That goes into the technical skillset of a CSO. More and more CSOs are leading bigger teams and integrating with other business lines so CSOs are increasingly becoming business-enablers above all.

In fact you say communicate and business enablers and one of their primary responsibilities now, especially, is being able to communicate to the board. So it's "okay, I need to explain to the board what we're doing that's going to help preserve our business, keep us out of trouble," etc. What sorts of advice would you give about their communication with the board specifically?

The CSO has to understand the business, what drives the business, what's of value to the business and from that point of view translate value that the team and the budget brings. Without an understanding of what is driving the business and how the different divisions within a business interoperate and complement one another, and how the business process is enabled by IT in general, I think a CSO would be at a great disadvantage trying to communicate security value. Beyond understanding the business a CSO needs to understand how that organization intends to grow; it's not a steady state. So, enabling a defensive posture that works today is falling down on the job. One has to be able to predict where the company is going in order to predict the security requirements for the future.

As that FBI agent you used to be, you were around the world all the time communicating with all sorts of actors, you kept on top of what was going on in the security community. How, as a CSO, are you doing that?

That's a great question. It's important to maintain contact with your professional network. Having a baseline of best practices and experts to turn to, being able to call someone in a pinch is critical. I would advise this as well, if you're in a highly regulated industry like finance or energy, you need to have a close connection to the regulators. You need to have someone to call when you have a question about compliance or about a security issue that you're concerned about. And of course you need to have someone's number in the FBI or Secret Service in case you have an incident and need to call law enforcement.

My final question is what you are hearing from Cryptzone's customers, either here or over the past six months or so, what are they saying to you: "hey, we need you to start looking into this for us" or "we would love it if you could help us with this kind of a situation"?

That's a great question. So security is one benefit that CSOs are looking for, the other benefit that's almost as important is a reduction in complexity. There are many tools out there and many of them overlap. It's necessary for a new approach to reduce that complexity to be adopted. No one's going to add another tool to the toolbox because it requires people to manage and integrate it. What CSOs are looking for are tools that can replace existing defensive measures with simpler tools that provide transparency, ease of management, ease of adoption and integration into existing infrastructure.

Leo, thank you for joining us here on the news desk, it's been fun, I enjoyed talking with you. That was Leo Taddeo, he is the CSO of Cryptzone.

About Cryptzone

Cryptzone reduces the enterprise attack surface by 99% with its secure network access solutions. Using a distributed, scalable and highly available Software-Defined Perimeter model, Cryptzone protects applications and content from internal and external threats while significantly lowering costs. In cloud environments including AWS and Azure, Cryptzone provides user access control, increases operational agility and improves the ability to meet regulatory and compliance standards. More than 450 companies rely on Cryptzone to secure their networks and data. For more information visit www.cryptzone.com.

Learn more about AppGate network access software that reduces your attack surface by 99% while significantly lowering costs.

Americas +1 888 272 2484
EMEA & APAC +44 118 900 1236
www.cryptzone.com
sales@cryptzone.com

Copyright 2016 Cryptzone North America Inc. All rights reserved. Cryptzone, the Cryptzone Logo and AppGate are trademarks of Cryptzone North America Inc., or its affiliates. Microsoft is a registered trademark of Microsoft Corporation in the United States and/or other countries. All other product names mentioned herein are trademarks of their respective owners.