CSPi. A Practical (low cost) Approach to Securing East-West Traffic & Critical Data. December 2018
|
|
- Kelley Manning
- 5 years ago
- Views:
Transcription
1 CSPi A Practical (low cost) Approach to Securing East-West Traffic & Critical Data December
2 About CSPi Delivering a portfolio of products and consulting solutions singularly focused on securing our customers business critical data from cyber attacks. Breach Detection & Data Capture Purpose-built appliances and network adapters with specialized software that capture traffic in the fight on terror, to detecting breaches in hours with complete detail on what records were exposed. IT Technology & Security Services Support for the entire lifecycle of technology innovation for Security and IT services. Advanced Security Solutions Remediation and forensic evaluation of detected threats; pen-testing, web auditing and social engineering to expose gaps Headquarters, Boston UK & Germany Florida Industries Served 2
3 Our Focus: Critical Data Needs to be Better Protected Two Premises - We Address: Breaches Need to be detected, verified, scoped quickly Breaches will happen it s not if it s when and how often Data needs to be better protected Breaches will happen it s not if it s when and how often Enterprise & Gov t customers need a simpler approach Security capabilities should be offered via a simple service model 3
4 Detecting Breaches How are we doing? 1000 Breaches in the US first 6 Months of 2018 a 20% jump over prior record setting 2017 Big Breaches: Equifax, SEC, IRS, BT, most every major retailor Compliance Laws are tightening Are organizations just incompetent? No today s threat detection solutions are operationally complex AND only as good as the data they ingest plus Don t do much - if anything to stop threats 4
5 PII/PHI Cost per record Average cost / PII data record lost - commercial sector is $230 vs. $400 for PHI 5
6 Compliance laws are changing - to punish the abusers 49 States + Canada have laws on the books Must notify state citizens/state authorities if you exposed their PII data Half of these states impose fines within 30days of the breach if this doesn t happen Texas mandates residents are notified in 30 days if PII is exposed - $10k/day if you miss Compliance with such laws stipulated by breach insurance policies typically required for coverage EU Has GDPR which allows you 3 days to notify Fines are 20M Euros or 4% of Revenue- which ever is greater Judicial Redress Act/Privacy Shield allows EU to file class action law suits against US entities that lose their citizen data 6
7 The Problem Organizations of all sizes struggle to pay for dealing with breach investigation. Compliance rules mandate it must be done in a timely fashion and impose rigorous requirements on how its done Financial, Insurance, Health Care (all forms) Retail, Government, Education All have stricter rules A breaches cost mid sized business over $1,000,000 - each breach 3rd Party Firms typically charge businesses over $500,000 to investigate a breach and it can take at least a month. It goes to the Millions for F1000 sized organizations 7
8 8 We need a better approach Breaches to Critical Data Repositories need to be stopped Yet it appears that s not going to happen with current approaches: 27 66% of breaches took months or even years to discover 60% of breaches have data exfiltrated in first 24 hours 5,000 Avg. number of alerts/day that enterprises are provided by their systems 229 Median number of days advanced attackers present before detection 33% Of organizations discover breaches through their own monitoring Cisco 2017 Report - Based on a survey of over 4600 Enterprises and Gov t organizations
9 #1 - Over reliance on system log data Method: detect threats once they are on systems Likely that s when damage is already being done! That misses network level threats! SIEMs, behavioural detection systems need more data to work effectively They need in-motion data ML detection capabilites: only as good as type and amount of data fed Additional data collected needs to be cost to risk optmized 9
10 What s Needed to Solve this Problem 1. Threats are better detected with live E-W network data information Feeds well into ML based threat detection systems in SIEMS, UEBAs, as well as N-IPS, IDS 2. Yet its too expensive to ingest raw data Systems overwhelmed- and/or can cost $millions per year for solution that charge by bytes ingested (Splunk, Q-Radar others) 3. What if we could feed them just the data needed? Netflow/IPfix flow data provides what these systems need to detect threats Each flow record accounts for 150bits of Splunk Ingest Less than $8K/mo. most enterprises 10
11 Threats now better detected Detect East West Threats in Motion Malware, APTs, Ransomware, DDoS Bruteforce Insider threats, compromised credentials Compromised end points, IOT devices, etc Works best when the right data is sent to the right tools Entire suspect classified traffic flows sent to N-IPS for example 11
12 #2 -Yet we need to stop these threats quickly Need an ability to stop such threats when detected Faster action means less damage and less potential data loss Need ability to enforce connection policies What devices should talk to what & where Relying on network devices to stop such connectivity proven a problem Network devices reconfigured by network guys can blow away ACLs 12
13 How? Packet Intelligence - Definition The ability to break out individual traffic flows and classify The ability to take action on those flows automatically per policy, or as driven by API 13
14 Packet Intelligence with Policy Triggered Actions Window onto the Wire /10G link 1. View into Packets identify and Classify flows Flow 1 MySQL Flow 2 Oracle Subnet Flow 3 FTP Flow 4 Present this meta info to the Analytics Tools Benefit: Does this without adding delay to the packets as they transit 2. Perform real-time line rate operations such as: ID Flow - Apply Policy Match Flow 1 MySQL Policy Action: Forward on to Destination Flow 2 Oracle Policy Action: Forward on Original and Make copy forward to forensic recorder Flow 3 FTP Policy Action: Drop & Alert and Make copy forward to inspection (IDS) service Flow 4 Policy Action: Redirect Original direct for inspection (anti-phish, DLP- lite, etc.. ) Benefit: Allows for service operation chaining Apply a series of actions upon filter matches without adding delay. 14
15 ARIA Packet Intelligence Offerings ARIA Enhanced Network Security & Remediation: Packet Intelligence Application Real-time examination of packets on the wire. Generates NetFlow or IPFIX data DPI used to ID applications Acts as a Network flow level Policy Enforcement function Includes intelligent policy actions such as dropping, redirection, replication, shunting, etc.. Performs all acts without impacting forwarding performance of the data Can be Deployed as a Bump-in-the-wire or as end point NIC - on Servers Intelligent Feeds to 3 rd Party Security Applications IDS, WAFs, Anti-phish etc And forensic recorders for Complaince Verification Fed by ARIA Filter match directed packet streams SNF Packet Capture Application Captures Packets and Load balances them for efficient hand off into host applications - Such as IDS/IPS applications, DLP, etc Runs at rates to 40Gbps 15
16 Uncompromised Enterprise-wide Security See into the Wire Take action on Traffic flows Off-load CPU intensive security applications e.g. Encryption, Tokenization Deploy as much or as little as needed to achieve desired level of security Tremendous Server Performance Boost up to 10x Orchestrator to automatically discover instances and set policies Multiport 10/25G Secure Intelligent Adapter (when needed) Services: Micro Segmentation, Capture, Advanced filtering File Encrypt, VPN Encrypt, Tokenization Threat & Breach Detection PUBLIC CLOUD ARIA SDS Offers Secure DevOps Across Any Enterprise PREMISES ENTERPRISE DATA CENTER C EC2 SIA NSX VM VM VM VM SIA APP1 C APP2 16 C = SDSi Secured Container or Pod Symmetric Encrypted VPN Path SDS ORCHESTRATOR Highly Encrypted Data-at-Rest Path
17 Threats now better detected/prevented Works best when the right data is sent to the right tools Entire suspect classified traffic flows sent to a VM based N-IPS for example Run entire traffic stream through filters looking for advanced threats, or critical data loss Costs only 10s of thousands per year vs 100s of thousands Especially good detecting threats involving unprotected server applications PII Files and data bases, POS, Industrial systems, IOT devices, etc When coupled with the nvoy Breach detection appliance Simple to Deploy Cost Effective Threat Detection and Prevention 17
18 ARIA Network Security Probe & Security Appliance Probe: Simple network insertion Small form factor High availability solution Passive monitoring Generates flows, Active measures redirect/copies select traffic streams Enforces policies including adding select stream protection or prohibiting communication Zero-touch provisioning API driven control Security Appliance: Centralized threat detection/control Provides data protection as required High compute capacity Deploys VM based threat detection From any vendor As well as from CSPi Orchestrates the entire solution Controls the Probes and SIAs Scales to high network capacities + 18
19 Myricom SIA (Security Intelligent Adapter) Next-generation Intelligent NIC Addition of Multicore processing and onboard memory allows for 1-40G Packet capture/manipulation and other services Extends life of existing server infrastructure while offering network upgrade to 25G PCIe gen3 x8 < 70W GHz 32GB DDR4 memory GB Flash memory Dual SFP+/SFP28 ports; 10/25G Runs our ARIA application Services Suite- including PBaaS, FlowaaS, Crypto as a service etc. 19
20 #3 Better protect your critical applications and their Data What s the 1 thing you could do that has the most impact to stopping exposure and loss of critical data That you are likely NOT doing today???? Answer Individually Encrypt your data as it produced and sent to on a per VM, application instance basis Why: if its exposed/taken but not readable = no harm Regulatory bodies agree: HIPPA, GDPR, PCI. No need to report if you can prove it 20
21 21 ARIA Crypto Applications
22 ARIA : Simplifies Crypto Application Deployments ARIA KMS - Key Management KMIP Key Server that can securely serve 1000s keys per second with zero footprint Works to protect VMware VMs, VSAN data etc ARIA - Crypto Services Protects services in transit Protects data at rest ARIA KMS 22
23 Myricom nvoy Threat Visibility Solution: Compliance Assurance Automated Breach Detection with Compliance Verification Quickly verifies if a threat has exposed PII/PHI On-demand access to captured data for analysis 10Gbit Packet Recorder Capture and extract for compliance, regulatory threat verification. AIR Extract specific threat conversations Extractions are driven by FW/IDS/IPS events Creates files of conversations associated with these threat events for analysis. TAP in Packet Broker Isolate critical data through replication, load balancing and filtering. 23
24 Standard Use case: Verifying Threats to PII/PHI Record critical asset conversations without impacting the production network 1. Build a passive continuously recording threat visibility and investigative system 2. Trigger it from Firewall or IDS/IPS events 3. Analyze the output Firewall or IDS ALERT: Potential Intrusion Detected Laptop & Mobile Myricom nvoy Packet Recorder Desktops & Phones TAP or SIA Analysis with tools such as Wireshark, ELK stack, Splunk Automatic Extract of Detailed Data Server Farm High Value Assets PII, PHI, Credit Card, Employee Records
25 Why nvoy for Breach Detection Assures Compliance with latest Laws and Rules 1. Provides forensic details including which PII/PHI records were exposed. 2. Provides evidence if such records were properly encrypted 3. Automated to generate such reports as the breach is happening 4. Allows Provider to help enterprises meet all compliance deadlines All State Law notification deadlines & EUs GDPR 3 Day deadline 26
ARIA SDS. Application
ARIA SDS Packet Intelligence Application CSPi s ARIA SDS Packet Intelligence (PI) application enhances an organization s existing network security capabilities by enabling the monitoring of all network
More informationCipherCloud CASB+ Connector for ServiceNow
ServiceNow CASB+ Connector CipherCloud CASB+ Connector for ServiceNow The CipherCloud CASB+ Connector for ServiceNow enables the full suite of CipherCloud CASB+ capabilities, in addition to field-level
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 12.16 EB7178 DATA SECURITY Table of Contents 2 Data Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationAltitude Software. Data Protection Heading 2018
Altitude Software Data Protection Heading 2018 How to prevent our Contact Centers from Data Leaks? Why is this a priority for Altitude? How does it affect the Contact Center environment? How does this
More informationBusiness Strategy Theatre
Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:
More informationSecuring Your Most Sensitive Data
Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way
More informationCloudSOC and Security.cloud for Microsoft Office 365
Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationMAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationOffice 365 Buyers Guide: Best Practices for Securing Office 365
Office 365 Buyers Guide: Best Practices for Securing Office 365 Microsoft Office 365 has become the standard productivity platform for the majority of organizations, large and small, around the world.
More informationSobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.
Sobering statistics The frequency and sophistication of cybersecurity attacks are getting worse. 146 >63% $500B $3.8M The median # of days that attackers reside within a victim s network before detection
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More informationCybersecurity Roadmap: Global Healthcare Security Architecture
SESSION ID: TECH-W02F Cybersecurity Roadmap: Global Healthcare Security Architecture Nick H. Yoo Chief Security Architect Disclosure No affiliation to any vendor products No vendor endorsements Products
More informationData Privacy and Protection GDPR Compliance for Databases
Data Privacy and Protection GDPR Compliance for Databases Walo Weber, Senior Sales Engineer September, 2016 Agenda GDPR: who, what, why, when Requirements for databases Discovery Classification Masking
More informationGDPR: An Opportunity to Transform Your Security Operations
GDPR: An Opportunity to Transform Your Security Operations McAfee SIEM solutions improve breach detection and response Is your security operations GDPR ready? General Data Protection Regulation (GDPR)
More informationGDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ
GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool Contact Ashley House, Ashley Road London N17 9LZ 0333 234 4288 info@networkiq.co.uk The General Data Privacy Regulation
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationTitle: Planning AWS Platform Security Assessment?
Title: Planning AWS Platform Security Assessment? Name: Rajib Das IOU: Cyber Security Practices TCS Emp ID: 231462 Introduction Now-a-days most of the customers are working in AWS platform or planning
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More informationPresenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe
Presenting the ware NSX ECO System May 2015 Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe Agenda 10:15-11:00 ware NSX, the Network Virtualization Platform 11.15-12.00 Palo Alto
More informationAND FINANCIAL CYBER FRAUD INSTITUTIONS FROM. Solution Brief PROTECTING BANKING
PROTECTING BANKING AND FINANCIAL INSTITUTIONS FROM CYBER FRAUD Enabling the financial industry to become proactively secure and compliant Overview In order to keep up with the changing digital payment
More informationRethinking Security CLOUDSEC2016. Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team
Rethinking Security CLOUDSEC2016 Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team Breaches Are The New Normal Only The Scale Surprises Us OPM will send notifications
More informationRethinking Security: The Need For A Security Delivery Platform
Rethinking Security: The Need For A Security Delivery Platform Cybercrime In Asia: A Changing Environment & Shifting Focus Asia, more vulnerable to cybercrime because of diversity and breadth of countries
More informationAnalytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS
Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS Overview Cyberattacks are increasingly getting more frequent, more sophisticated and more widespread than ever
More informationThe threat landscape is constantly
A PLATFORM-INDEPENDENT APPROACH TO SECURE MICRO-SEGMENTATION Use Case Analysis The threat landscape is constantly evolving. Data centers running business-critical workloads need proactive security solutions
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats You have a mandate to build and secure a network that supports ongoing innovation Mobile access Social collaboration Public / private hybrid
More information2017 Varonis Data Risk Report. 47% of organizations have at least 1,000 sensitive files open to every employee.
2017 Varonis Data Risk Report 47% of organizations have at least 1,000 sensitive files open to every employee. An Analysis of the 2016 Data Risk Assessments Conducted by Varonis Assessing the Most Vulnerable
More informationSOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM
RSA NETWITNESS EVOLVED SIEM OVERVIEW A SIEM is technology originally intended for compliance and log management. Later, as SIEMs became the aggregation points for security alerts, they began to be more
More informationTHE RSA SUITE NETWITNESS REINVENT YOUR SIEM. Presented by: Walter Abeson
THE RSA NETWITNESS SUITE REINVENT YOUR SIEM Presented by: Walter Abeson 1 Reality Goals GOALS VERSUS REALITY OF SIEM 1.0 Single compliance & security interface Analyze & prioritize alerts across various
More informationPopular SIEM vs aisiem
Popular SIEM vs aisiem You cannot flip a page in any Cybersecurity magazine, or scroll through security blogging sites without a mention of Next Gen SIEM. You can understand why traditional SIEM vendors
More informationSOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE
HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE PREPARATION FOR GDPR IS ESSENTIAL The EU GDPR imposes interrelated obligations for organizations handling
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationSECURITY PLATFORM FOR HEALTHCARE PROVIDERS
SECURITY PLATFORM FOR HEALTHCARE PROVIDERS Hundreds of hospitals, clinics and healthcare networks across the globe prevent successful cyberattacks with our Next-Generation Security Platform. Palo Alto
More informationNETWORKING &SECURITY SOLUTIONSPORTFOLIO
NETWORKING &SECURITY SOLUTIONSPORTFOLIO NETWORKING &SECURITY SOLUTIONSPORTFOLIO Acomprehensivesolutionsportfoliotohelpyougetyourbusiness securelyconnected.clickononeofoursolutionstoknowmore NETWORKING
More informationCisco Cloud Security. How to Protect Business to Support Digital Transformation
Cisco Cloud Security How to Protect Business to Support Digital Transformation Dragan Novakovic Cybersecurity Consulting Systems Engineer January 2018. Security Enables Digitization Digital Disruption,
More informationCisco Tetration Analytics
Cisco Tetration Analytics Enhanced security and operations with real time analytics John Joo Tetration Business Unit Cisco Systems Security Challenges in Modern Data Centers Securing applications has become
More informationCisco CloudCenter Solution with Cisco ACI: Common Use Cases
Cisco CloudCenter Solution with Cisco ACI: Common Use Cases Cisco ACI increases network security, automates communication policies based on business-relevant application requirements, and decreases developer
More informationVectra Cognito. Brochure HIGHLIGHTS. Security analyst in software
Brochure Vectra Cognito HIGHLIGHTS Finds active attackers inside your network Automates security investigations with conclusive answers Persistently tracks threats across all phases of attack Monitors
More informationThe Cognito automated threat detection and response platform
Overview The Cognito automated threat detection and response platform HIGHLIGHTS Finds active cyberattackers inside cloud, data center and enterprise environments Automates security investigations with
More informationFirst Look Showcase. Expanding our prevention, detection and response solutions. Marco Rottigni Chief Technical Security Officer, Qualys, Inc.
18 QUALYS SECURITY CONFERENCE 2018 First Look Showcase Expanding our prevention, detection and response solutions Marco Rottigni Chief Technical Security Officer, Qualys, Inc. Secure Enterprise Mobility
More informationOperationalizing NSX Micro segmentation in the Software Defined Data Center
Operationalizing NSX Micro segmentation in the Software Defined Data Center A Comprehensive Solution for Visibility and Management of Heterogeneous Security Controls in a Data Center www.tufin.com Introduction
More informationJune 2 nd, 2016 Security Awareness
June 2 nd, 2016 Security Awareness Security is the degree of resistance to, or protection from, harm. if security breaks down, technology breaks down Protecting People, Property and Business Assets Goal
More informationQualys Cloud Platform
Qualys Cloud Platform Our Journey into the Cloud: The Qualys Cloud Platform & Architecture Thomas Wendt Regional Manager Post-Sales, DACH, Qualys Inc. Digital Transformation More than just adopting new
More informationUnlocking the Power of the Cloud
TRANSFORM YOUR BUSINESS With Smarter IT Unlocking the Power of the Cloud Hybrid Networking Managed Security Cloud Communications Software-defined solutions that adapt to the shape of your business The
More informationQuickSpecs. Aruba IntroSpect User and Entity Behavior Analytics. Overview. Aruba IntroSpect User and Entity Behavior Analytics Product overview
Overview Product overview Aruba s User and Entity Behavior Analytics (UEBA) solution, Aruba IntroSpect, detects attacks by spotting small changes in behavior that are often indicative of attacks that have
More informationARTIFICIAL INTELLIGENCE POWERED AUTOMATED THREAT HUNTING AND NETWORK SELF-DEFENSE
ARTIFICIAL INTELLIGENCE POWERED AUTOMATED THREAT HUNTING AND NETWORK SELF-DEFENSE Vectra Cognito HIGHLIGHTS Finds active attackers inside your network Automates security investigations with conclusive
More informationMcAfee Total Protection for Data Loss Prevention
McAfee Total Protection for Data Loss Prevention Protect data leaks. Stay ahead of threats. Manage with ease. Key Advantages As regulations and corporate standards place increasing demands on IT to ensure
More informationAre we breached? Deloitte's Cyber Threat Hunting
Are we breached? Deloitte's Cyber Threat Hunting Brochure / report title goes here Section title goes here Have we been breached? Are we exposed? How do we proactively detect an attack and minimize the
More informationMITIGATE CYBER ATTACK RISK
SOLUTION BRIEF MITIGATE CYBER ATTACK RISK CONNECTING SECURITY, RISK MANAGEMENT & BUSINESS TEAMS TO MINIMIZE THE WIDESPREAD IMPACT OF A CYBER ATTACK DIGITAL TRANSFORMATION CREATES NEW RISKS As organizations
More informationSentryWire Next generation packet capture and network security.
Next generation packet capture and network security. 1 The data landscape 5 big cyber security trends for 2018 More data, more danger. Data proliferation brings many new opportunities but also many downsides:
More informationA MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE
SESSION ID: SPO2-W12 A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE Frank Bunton VP, CISO MedImpact Healthcare Systems, Security @frankbunton Larry Biggs Security Engineer III - Threat
More informationSentryWire Next generation packet capture and network security.
Next generation packet capture and network security. 1 The data landscape More data, more danger. Data proliferation brings many new opportunities but also many downsides: more data breaches, more sophisticated
More informationThe Future of Threat Prevention
The Future of Threat Prevention Bricata is the leading developer of Next Generation Intrusion Prevention Systems (NGIPS) technology, providing innovative, disruptive, high-speed, high-performance network
More informationAWS Reference Design Document
AWS Reference Design Document Contents Overview... 1 Amazon Web Services (AWS), Public Cloud and the New Security Challenges... 1 Security at the Speed of DevOps... 2 Securing East-West and North-South
More informationDIGITAL TRUST Making digital work by making digital secure
Making digital work by making digital secure MARKET DRIVERS AND CHALLENGES THE ROLE OF IT SECURITY IN THE DIGITAL AGE 2 In today s digital age we see the impact of poor security controls everywhere. Bots
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationSeceon s Open Threat Management software
Seceon s Open Threat Management software Seceon s Open Threat Management software (OTM), is a cyber-security advanced threat management platform that visualizes, detects, and eliminates threats in real
More informationAgenda GDPR Overview & Requirements IBM Secure Virtualization Solution Overview Summary / Call to Action Q & A 2
GRC3386BUS GDPR Readiness with IBM Cloud Secure Virtualization Raghu Yeluri, Intel Corporation Shantu Roy, IBM Bill Hackenberger, Hytrust #VMworld #GRC3386BUS Agenda GDPR Overview & Requirements IBM Secure
More informationMission Defense via Information-Centric Security
Mission Defense via Information-Centric Security Overview It s About the Information Traditional CND Tools are Not Sufficient Not All Data is Created Equal "The views expressed in this presentation are
More informationKey Technologies for Security Operations. Copyright 2014 EMC Corporation. All rights reserved.
Key Technologies for Security Operations 2 Traditional Security Is Not Working 97% of breaches led to compromise within days or less with 72% leading to data exfiltration in the same time Source: Verizon
More informationForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.
Real-time Visibility Network Access Control Endpoint Compliance Mobile Security ForeScout CounterACT Continuous Monitoring and Mitigation Rapid Threat Response Benefits Rethink IT Security Security Do
More informationALIENVAULT USM FOR AWS SOLUTION GUIDE
ALIENVAULT USM FOR AWS SOLUTION GUIDE Summary AlienVault Unified Security Management (USM) for AWS is a unified security platform providing threat detection, incident response, and compliance management
More informationThe Business Case for Network Segmentation
Modern network segmentation to reduce risk and cost Abstract Modern network segmentation, also known as microsegmentation, offers a new way of managing and securing your network, offering tremendous benefits
More informationData Protection Everywhere. For the modern data center
Data Protection Everywhere For the modern data center Tale of two worlds You need both for Traditional apps IT centric & Next-gen apps Developer centric On-premise Trust Agility Live in the cloud 3 Copyright
More informationNOTICE TO ALL PROSPECTIVE RESPONDENTS RFP 18-ITSS/CY. Addendum No. 1 issued September 7, RFI responses are in red bold print
DEDICATED TO THE HEALTH OF OUR COMMUNITY www.hcdpbc.org NOTICE TO ALL PROSPECTIVE RESPONDENTS RFP 18-ITSS/CY Addendum No. 1 issued September 7, 2018 RFI responses are in red bold print How many public
More informationTRUE SECURITY-AS-A-SERVICE
TRUE SECURITY-AS-A-SERVICE To effectively defend against today s cybercriminals, organizations must look at ways to expand their ability to secure and maintain compliance across their evolving IT infrastructure.
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationProtecting Your Data in the Cloud. Ulf Mattsson Chief Technology Officer ulf.mattsson [at] protegrity.com
Protecting Your Data in the Cloud Ulf Mattsson Chief Technology Officer ulf.mattsson [at] protegrity.com Ulf Mattsson 20 years with IBM Development & Global Services Inventor of 22 patents Encryption and
More informationNOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationUnderstanding Persistent Connectivity: How IoT and Data Will Impact the Connected Data Center
Understanding Persistent Connectivity: How IoT and Data Will Impact the Connected Data Center Speaker: Bill Kleyman, EVP of Digital Solutions - Switch AFCOM and Informa Writer/Contributor (@QuadStack)
More informationUnderstanding Cyber Insurance & Regulatory Drivers for Business Continuity
Understanding Cyber Insurance & Regulatory Drivers for Business Continuity Lily Yeoh, CISSP, CBCP lily@cb1security.com https://www.cb1security.com Agenda BC/DR Business Drivers Recent Regulatory & Cyber
More informationIBM services and technology solutions for supporting GDPR program
IBM services and technology solutions for supporting GDPR program 1 IBM technology solutions as key enablers - Privacy GDPR Program Work-stream IBM software 2.1 Privacy Risk Assessment and Risk Treatment
More informationFeatures. HDX WAN optimization. QoS
May 2013 Citrix CloudBridge Accelerates, controls and optimizes applications to all locations: datacenter, branch offices, public and private clouds and mobile users Citrix CloudBridge provides a unified
More informationPasiruoškite ateičiai: modernus duomenų centras. Laurynas Dovydaitis Microsoft Azure MVP
Pasiruoškite ateičiai: modernus duomenų centras Laurynas Dovydaitis Microsoft Azure MVP 2016-05-17 Tension drives change The datacenter today Traditional datacenter Tight coupling between infrastructure
More informationWITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE Protecting your business assets and sensitive data requires regular vulnerability assessment,
More informationTRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald
TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE John McDonald 1 What is Trust? Can I trust that my assets will be available when I need them? Availability Critical Assets Security Can I trust
More informationNetwork Virtualization Business Case
SESSION ID: GPS2-R01 Network Virtualization Business Case Arup Deb virtual networking & security VMware NSBU adeb@vmware.com I. Data center security today Don t hate the player, hate the game - Ice T,
More informationGetting Started with AWS Security
Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move
More informationSecuring Office 365 with SecureCloud
Securing Office 365 with SecureCloud 1 Introduction Microsoft Office 365 has become incredibly popular because of the mobility and collaboration it enables. With Office 365, companies always have the latest
More informationCopyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationSecurity Terminology Related to a SOC
Security Terminology Related to a SOC Cybersecurity literacy is crucial for practicing proper security hygiene. As business leaders develop fluency in the language of information security (infosec), they
More informationTransforming the Network for the Digital Business
Transforming the Network for the Digital Business Driven by Software Defined Platforms Hugo Padilla Prad Enterprise Networks Digital Acceleration Team CCIE Emeritus #12444 Cisco Forum Kiev, November 14
More informationFirst Look Showcase. Expanding our prevention, detection and response solutions. Sumedh Thakar Chief Product Officer, Qualys, Inc.
18 QUALYS SECURITY CONFERENCE 2018 First Look Showcase Expanding our prevention, detection and response solutions Sumedh Thakar Chief Product Officer, Qualys, Inc. Secure Enterprise Mobility Identity (X.509,
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including
More informationWHITE PAPERS. INSURANCE INDUSTRY (White Paper)
(White Paper) Achieving PCI DSS Compliance with Vanguard Integrity Professionals Software & Professional Services Vanguard is the industry leader in z/os Mainframe Software to ensure enterprise compliance
More informationCognito Detect is the most powerful way to find and stop cyberattackers in real time
Overview Cognito Detect is the most powerful way to find and stop cyberattackers in real time HIGHLIGHTS Always-learning behavioral models use AI to find hidden and unknown attackers, enable quick, decisive
More informationGetting personal with your customers and GDPR
Getting personal with your customers and GDPR A practical approach to a secure, governed 360 degree customer view Darren Brunt Presales Director UK&I, Talend Colm Moynihan Partner Presales Manager EMEA,
More informationCisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics
Solution Overview Cisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics BENEFITS Gain visibility across all network conversations, including east-west and north-south
More informationGuide to Cyber Security Compliance with GDPR
Guide to Cyber Security Compliance with GDPR Security V1.3 General Data Protection Regulation GDPR Overview What is GDPR? An EU regulation coming into force in May 2018 Which means it applies to all EU
More informationSay Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER
Say Yes to BYOD How Fortinet Enables You to Protect Your Network from the Risk of Mobile Devices WHITE PAPER FORTINET Say Yes to BYOD PAGE 2 Introduction Bring Your Own Device (BYOD) and consumerization
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationNasty Nine Information Security Mistakes
Nasty Nine Information Security Mistakes Peter Tippett CEO, HealthCelerate The Nasty Nine Slide 2 1. Risk is most related to vulnerability 2. Best way to reduce risk: implement stronger solutions, policies
More informationBest Practices in Healthcare Risk Management. Balancing Frameworks/Compliance and Practical Security
Best Practices in Healthcare Risk Management Balancing Frameworks/Compliance and Practical Security Our industry is full of jargon terms that make it difficult to understand what we are buying To accelerate
More informationCyber-Threats and Countermeasures in Financial Sector
Michael Mavroforakis, PhD Group CISO & CDO SEV: Workshop on Digital Enablers (Cloud & Cybersecurity) 27th March 2018 Agenda: CYBERSECURITY Potential Targets Attack Examples Insider vs Outsider Threats
More informationCybowall Solution Overview
Cybowall Solution Overview 1 EVOLVING SECURITY CHALLENGES 2 EXAMPLES OF CYBER BREACHES INCLUDING CARD DATA 2013: Adobe Systems Hackers raided an Adobe back-up server on which they found and published a
More information