Cybersecurity & Security as a Service Trends. SteakOut, August 1, 2017
|
|
- Spencer Perry
- 5 years ago
- Views:
Transcription
1 Cybersecurity & Security as a Service Trends SteakOut, August 1, 2017
2 AGENDA Speaker Intros Top Cybersecurity Trends Security as a Service Trends Anti-Ransomware Solutions
3 MARK DALLMEIER CSO/CMO, Terra Verde Senior Executive, Entrepreneur Board Advisor, Consultant to Cybersecurity & Tech Companies Management Consultant to Start Up & Fortune 50 Companies: HP Hitachi Verizon Business DELL Century Link XO ABOUT TERRA VERDE Founded in 2008 by Cyber Security, Risk, Compliance Executives & Experts Headquartered in Phoenix Arizona Security, Risk, Compliance Consulting One of the Largest PCI QSA in Arizona Hundreds of Engagements Performed Across Multiple Continents Annually Invested Millions of Dollars, Thousands of Hours Developing TruSOC and Breach Radar - Managed Security Services TruSOC utilized by customers across the U.S.
4 Cybersecurity & Security as a Service Trends
5 You are a target: Its not paranoia - they really are Out to Get You! Criminals are organized, focused: Targeting businesses & individuals. It takes more than technology: People and Process (Gaps) create vulnerabilities.
6 DarkReading.com: : No one is safe.
7 March 2017 / Your Data = $: They want your data no really, they really want your data.
8 June 2017 / Your Data = $: They want your data no really, they really want your data.
9 August 2017 / Your Data = $: They want your data no really, they really want your data.
10 Top Data Types Stolen 2016 (
11 1.6 points 54 points 8.6 points -20 points points Top Data Types Stolen June 2017 (
12 12.5 points 47 Point - 1,663,844 records in 40 Days 6.2 points -19 points points 600,000 records Top Data Types Stolen August 2017 (
13
14 Attack Trend 1: Ransomware - $1.8B+ (2016)
15 Ransomware Exploit Family Growth 2017
16 Ransomware 2017 Weaponized with NSA Tools
17 WannaCry 2.0 / EternalRocks When downloaded the tool downloads TOR browser and sends a signal to the tools server. Response delay set to 24 hours. It does not contain an attack command at this time however, leaves backdoor open for remote execution at any time. Renames itself to WannaCry once the callback is complete. Does not contain the KillSwitch that WannaCry does. Utilized 7 NSA Leaked Tools EternalBlue SMBv1 exploit tool EternalRomance SMBv1 exploit tool EternalChampion SMBv2 exploit tool EternalSynergy SMBv3 exploit tool SMBTouch SMB reconnaissance tool ArchTouch SMB reconnaissance tool DoublePulsar Backdoor Trojan
18 A large international company based in Asia Didn t know which of its devices and servers the hack had impacted, or even whether a hack had definitively occurred. Just a lot of weird stuff on their networks The company was already using security products like firewalls, network filters, and scanners, but none had detected an intrusion. After blocking the attackers from the network, they would resurge anywhere from 48 hours to four weeks later. In all, the attackers used over 70 different pieces of malware to carry out the various phases of the long-term attack.
19
20 Attack Trend 2: Business Compromise - $3B+ (2016)
21 Business Compromise Average Payout $140K
22 Attack Trend 3: Business Process Compromise - $3B+
23 Business Process Compromise Flow (Ave Payout - $1M+)
24 Business Trend 1: Compliance Investment, Enforcement
25 PCI DSS Compliance Average Fine: $5K-$50K+
26 HIPAA Compliance Average Fine: $1M+
27 Heath Record Data Breach Fine 2017: $115M
28 Consumer Financial Protection Bureau (CFPB) & Federal Trade Commission (FTC) Consumer Protection Average Fine & Penalty: $49M+
29 Telco MSPs Next Generation Security as a Service VARs Consulting Security as a Service Market Trend: Convergence
30 Market Trend: Telcos, IaaS, MSPs Entering The Market
31 Market Trend: Consolidation to Expand Services
32 Compliance PCI, HIPAA, SOX NIST, NERC-CIP COMBO Assessment Audit Pen Testing Vuln Scanning Prevention Social Engineering Risk Assessment Cyber Next Generation Security as a Service Ops SIEM IDS/IPS GRC Incident Response Detection Forensics Monitoring SIC vs SOC Threat Integration Big Data Analytics Risk Modeling Dark Web R/D R&D Market Trend: Security & GRC as a Service ( )
33 Top 10 Proactive Measures
34 Note: Utilize a maturity scale to identify what next steps are required to evolve your cybersecurity and compliance programs and your security defense posture, systems, tools, procedures. Cybersecurity Program development best practices resources and webinar can be found here: 1: Know Your Maturity Level & Define Future State
35 A. People B. Passwords C. Patching D. Backups 2-7: Deploy a Holistic Cyber-Hygiene Program
36 C Level Awareness Discussions Cyber Insurance Liability, Exposure Risk Management Process Disaster Recovery, Business Continuity 2016 SANS Cyber Insurance Survey Employee Awareness Campaigns Cyber-Hero & Cyber Squads: Internal Advocates. Cyber Minute: Ongoing Awareness. Cyber-Hygiene 101 Tips. SETA / LMS 8: Awareness Upstream & Downstream
37 9: Map Out & Align with Critical Security Controls
38 Research resources, partners. (ISACA, ISSA, ISC2, CSA) Utilize available tools, partners, resources. (MS-ISAC) Subscribe to cyber intelligence resources, feeds. (Infragard.org, ACTRA) Participate in various cybersecurity industry associations and events. Find a trusted partner(s) & subject matter expert(s). Review, assess, rank, prioritize partners and vendors by ability to assist with planning, response. 10: Find Strategic Partners
39 Top 10 Measures 1. Cybersecurity & Compliance Gap Analysis (Current State) 2. Cyber-Hygiene Program (People, Passwords, Patching) 3. Ongoing Discovery (What is, should not be on network) 4. Modernize BCDR Plans (Ransomware, Social Engineering) 5. Data Back Ups (Off network) & Encryption (At Rest In Flight) 6. Update Tech & End Point Protection (+ Usage Policies) 7. Ongoing Risk, Cyber, Compliance Assessments (Program) 8. Security Education Training & Awareness 9. Evaluate Managed Security Operations & Compliance Services Partners (Making Investments in Next Gen Tech) 10. Identify Strategic Partners (Pre-Post Planning, Response)
40 Next Generation Anti-Ransomware Technology Dave Fore, Territory Account Executive: Sophos
41 DAVE FORE Territory Account Executive, Sophos Business Builder Customer & Executive Advocate Sophos Lenovo IBM University of Georgia ABOUT SOPHOS Sophos began producing antivirus and encryption products nearly 30 years ago. Today our products help secure the networks used by 100 million people in 150 countries and 100,000 businesses, including Pixar, Under Armour, Northrop Grumman, Xerox, Ford, Avis, and Toshiba.
42 Security & Program Evolution Imperative Attacks from within the perimeter: focused on Human & Software Exploits Ransomware reaching $1.8B in damages Lack of Threat Intelligence after a Breach
43 Advanced Malware Evolving Zero Day Exploits Accelerating Limited Visibility Continuing
44
45 The Evolution of Endpoint Threats From Malware to Exploits Melissa Virus Love Letter Worm FinFischer Spyware Exploit as a Service Locky Ransomware $1.2B $15B $780M $2.3B $800M $500M $1.1B TRADITIONAL MALWARE ADVANCED THREATS 45
46 The Evolution of Sophos Endpoint Security From Anti-Malware to Anti-Exploit to Next-Generation Exposure Prevention Pre-Exec Analytics File- Scanning Run-Time Exploit Detection URL Blocking Web Scripts Download Rep Generic Matching Heuristics Core Rules Signatures Known Malware Malware Bits Signatureless Behavior Analytics Runtime Behavior Technique Identification TRADITIONAL MALWARE ADVANCED THREATS
47 } Where Malware Gets Stopped Note: Each Model Standalone is 80-95% Effective This 5% is the SCARY stuff 80% 10% 5% 3% 2% Exposure Prevention Pre-Exec Analytics Signatures Run-Time Exploit Detection URL Blocking Web Scripts Download Rep Generic Matching Heuristics Core Rules Known Malware Malware Bits Signatureless Behavior Analytics Technique Identification Traditional Malware Advanced Threats
48 ! MALICIOUS URLS UNAUTHORIZED APPS REMOVABLE MEDIA EXECUTABLE FILES MS FILES & PDF RANSOMWARE PREVENTION EXPLOIT PREVENTION ADVANCED CLEAN INCIDENT RESPONSE 90% OFDATA BREACHES ARE FROM EXPLOITS KITS 90% OF EXPLOIT KITS ARE BUILT FROM KNOWN VULNERABILITIES AND YET MORE THAN 60% OF IT STAFF LACK INCIDENT RESPONSE SKILLS BEFORE IT REACHES DEVICE PREVENT BEFORE IT RUNS ON DEVICE DETECT RESPOND SOPHOS NEXT GENERATION ENDPOINT DETECTION AND RESPONSE
49
50 Introducing Sophos Intercept X Anti-Ransomware Anti-Exploit Root-Cause Analysis Detect Next-Gen Threats Stops Malicious Encryption Behavior-based Conviction Automatically Reverts Affected Files Identifies source of Attack Prevent Exploit Techniques Signatureless Exploit Prevention Protects Patient-Zero / Zero-Day Blocks Memory-Resident Attacks Tiny Footprint & Low False Positives Automated Incident Response IT-friendly Incident Response Process Threat Chain Visualization Prescriptive Remediation Guidance Advanced Malware Clean ADVANCED MALWARE ZERO DAY EXPLOITS LIMITED VISIBILITY Prevent Ransomware Attacks Roll-Back Changes Attack Chain Analysis No User/Performance Impact No File Scanning No Signatures Faster Incident Response Root-Cause Visualization Forensic Strength Clean
51 Anatomy of a Ransomware Attack Exploit Kit or Spam with Infection CryptoGuard Command & Control Established Simple and Comprehensive Universally Prevents Spontaneous Encryption of Data Restores Files to Known State Simple Activation in Sophos Central Local Files are Encrypted CRYPTOGUARD Ransomware deleted, Ransom Instructions delivered
52 Updated EndUser Agent UI Updated Admin UI NEW Anti-Exploit Attack Prevention Provides advanced exploit protection by focusing on common techniques used by attackers Protects applications against zero-day exploits, malicious traffic, and process breaches
53 Security 6,787 new vulnerabilities in % increase from 2014 (Source: Gartner) Why Is It So Challenging to Address New Threats? 193 Days on average to fix vulnerabilities after discovery (Source: WhiteHat Security) IT Ops 90% of breaches are from known vulnerabilities (Source: Forrester)
54 Enforce Data Execution Prevention (DEP) Prevents exploit code running from data memory Mandatory Address Space Layout Randomization (ASLR) Prevents predictable code locations Bottom Up ASLR Improves code location randomization Null Page Prevents exploits that jump via page 0 Anti-HeapSpraying Pre-allocates common memory areas to block standard attacks Dynamic Heap Spray Stops attacks that spray suspicious sequences on the heap Import Address Table Filtering (IAF) Stops attackers that lookup API addresses in the IAT VTable Hijacking Helps to stop attacks that exploit virtual tables in Adobe Flash Stack Pivot Stops abuse of the stack pointer Stack Exec Stops attacker code on the stack SEHOP Stops abuse of the structured exception handler Stack-based ROP gadget detection Stops standard Return-Oriented Programming attacks Control-Flow Integrity (CFI) assisted by hardware Stops advanced Return-Oriented Programming attacks Syscall Stops attackers that attempt to bypass security hooks WOW64 Stops attacks that address a 64-bit function from Wow64 Load Library Blocks libraries that load reflectively or from UNC paths Shellcode Stops code execution in the presence of exploit shellcode VBScript God Mode Prevents abuse of VBScript in IE to execute malicious code Block Untrusted Fonts (Windows 10 only) Stops elevation of privilege (EOP) attacks via untrusted fonts Application Lockdown Stops logic-flaw attacks that bypass mitigations Process Protection Stops attacks that perform process hijacking or replacement Network Lockdown Helps to stop attacks that connect back to C&C
55 Root Cause Analysis Understanding the Who, What, When, Where, Why and How 55
56 Sophos Clean Advanced Malware Removal. Second opinion scan. Removes Threats Deep System Inspection Removes Malware Remnants Full Quarantine / Removal Effective Breach Remediation On-Demand Assessment Identifies Risky Files / Processes Constantly Refreshed Database Provides Additional Confidence Command-Line Capable 100% Automated with Intercept X Also available as a standalone Forensic Clean Utility
57 Sophos Intercept X Two Ways to Play The Ultimate Bundle Central Endpoint Advanced Add-On Product Ultimate Promo Bundle Contact re: Discount Upgrades the Endpoint to a Single Agent Existing AV? Better Together Compliments and enhances traditional AV Adds Levels of Protection currently lacking Provides a Forensic-Level Clean Purpose built to compliment and enhance traditional endpoint solutions Security focused on exploit techniques, not merely the tools used Designed for the IT Generalist. Powerful enough for the Info-Sec Professional
58 Machine Learning
59 Next-Gen Endpoint Higher Detection Rates Lower False Positives Best in Class Performance Trained on 100+ Million Samples Orders of Magnitude Better Accuracy in Decision Making
60 Innovation Continues Early Access Program Starts July 27 Credential Theft Protection Deep Machine Learning Stops Techniques that Harvest User Credentials Improved Process Protection The NEXT in Next-Gen Endpoint Technology Disk and Boot Record Protection Detect and Stop Bad Actors from Attacking Stops Advanced Attacks that attempt to Lock a device pre-os
61 THANK YOU! ASK ABOUT A DEMO & COMPLIMENTRY EXTERNAL VULNERABILITY SCAN!
Sustainable Security & Compliance Solutions
Sustainable Security & Compliance Solutions Ransomware Realities & Trends Top Data Types Impacted Top 10 Proactive Measures Sophos Next Gen Technologies TopGolf! Core Team Experienced cyber, compliance,
More informationCybersecurity & Security as a Service Trends. SteakOut, June 29, 2017
Cybersecurity & Security as a Service Trends SteakOut, June 29, 2017 AGENDA Speaker Intros Top Cybersecurity Trends Security as a Service Trends Anti-Ransomware Solutions MARK DALLMEIER CSO/CMO, Terra
More informationAgenda. Why we need a new approach to endpoint security. Introducing Sophos Intercept X. Demonstration / Feature Walk Through. Deployment Options
Agenda Why we need a new approach to endpoint security Introducing Sophos Intercept X Demonstration / Feature Walk Through Deployment Options Q & A 2 Endpoint Security has reached a Tipping Point Attacks
More informationINTRODUCING SOPHOS INTERCEPT X
INTRODUCING SOPHOS INTERCEPT X Matt Cooke Senior Product Marketing Manager November 2016 A Leader in Endpoint Security Sophos delivers the most enterprise-friendly SaaS endpoint security suite. Sophos
More informationNext Generation Enduser Protection
Next Generation Enduser Protection Janne Timisjärvi Systems Engineer 10.5.2017 What is the the real threat? Encrypted! Give me all your Bitcoin$ Let s check if there Is something of value The Evolution
More informationBackground FAST FACTS
Background Terra Verde was founded in 2008 by cybersecurity, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance
More informationBackground FAST FACTS
Background Terra Verde was founded in 2008 by cyber security, risk and compliance executives. The founders believed that the market needed a company that was focused on using security, risk and compliance
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationGetting over Ransomware - Plan your Strategy for more Advanced Threats
Getting over Ransomware - Plan your Strategy for more Advanced Threats Kaspersky Lab Hong Kong Eric Kwok General Manager Lapcom Ltd. BEYOND ANTI-VIRUS: TRUE CYBERSECURITY FROM KASPERSKY LAB 20 years ago
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationDATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE
DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE EXECUTIVE SUMMARY ALIGNING CYBERSECURITY WITH RISK The agility and cost efficiencies
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationReinvent Your 2013 Security Management Strategy
Reinvent Your 2013 Security Management Strategy Laurent Boutet 18 septembre 2013 Phone:+33 6 25 34 12 01 Email:laurent.boutet@skyboxsecurity.com www.skyboxsecurity.com What are Your Key Objectives for
More information2017 Annual Meeting of Members and Board of Directors Meeting
2017 Annual Meeting of Members and Board of Directors Meeting Dan Domagala; "Cybersecurity: An 8-Point Checklist for Protecting Your Assets" Join this interactive discussion about cybersecurity trends,
More informationSustainable Security & Compliance Solutions NSAA IT Conference & Workshop Copyright 2016 Terra Verde, LLC. All rights reserved.
Sustainable Security & Compliance Solutions 2016 NSAA IT Conference & Workshop 9-21-2016 FAST FACTS Founded in 2008 by Cyber Security, Risk, Compliance Executives & Experts Headquartered in Phoenix Arizona
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationSymantec Endpoint Protection 14
Symantec Endpoint Protection Cloud Security Made Simple Symantec Endpoint Protection 14 Data Data Sheet: Sheet: Endpoint Endpoint Security Security Overview Last year, we saw 431 million new malware variants,
More informationSecuring Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &
Securing Dynamic Data Centers Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan & Afghanistan @WajahatRajab Modern Challenges By 2020, 60% of Digital Businesses will suffer Major Service
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More information3 Ways to Prevent and Protect Your Clients from a Cyber-Attack. George Anderson Product Marketing Director Business October 31 st 2017
3 Ways to Prevent and Protect Your Clients from a Cyber-Attack George Anderson Product Marketing Director Business October 31 st 2017 Agenda One ounce of prevention is worth a pound of protection 01 Aiming
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationEndpoint Protection : Last line of defense?
Endpoint Protection : Last line of defense? First TC Noumea, New Caledonia 10 Sept 2018 Independent Information Security Advisor OVERVIEW UNDERSTANDING ENDPOINT SECURITY AND THE BIG PICTURE Rapid development
More informationManaged Endpoint Defense
DATA SHEET Managed Endpoint Defense Powered by CB Defense Next-gen endpoint threat detection and response DEPLOY AND HARDEN. Rapidly deploy and optimize endpoint prevention with dedicated security experts
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationDell EMC Isolated Recovery
Dell EMC Isolated Recovery Andreas El Maghraby Advisory Systems Engineer DPS @andyem_si GLOBAL SPONSORS Incident Response: Categories of Cybercrime Activity April to June 2016 37% 27% 12% 9% 7% 7% 5% 2
More informationDHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1
Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY
ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY OUTLINE Advanced Threat Landscape (genv) Why is endpoint protection essential? Types of attacks and how to prevent them
More informationManaged Enterprise Phishing Protection. Comprehensive protection delivered 24/7 by anti-phishing experts
Managed Enterprise Phishing Protection Comprehensive protection delivered 24/7 by anti-phishing experts MANAGED ENTERPRISE PHISHING PROTECTION 24/7 expert protection against phishing attacks that get past
More informationProtect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com
Protect Your Endpoint, Keep Your Business Safe. White Paper Exosphere, Inc. getexosphere.com White Paper Today s Threat Landscape Cyber attacks today are increasingly sophisticated and widespread, rendering
More informationISACA Arizona May 2016 Chapter Meeting
ISACA Arizona May 2016 Chapter Meeting Suzanne Farr / Carlos A. Villalba Agenda Introduction Preliminary questions CCM Preliminaries Definition Benefits Challenges Beyond Templates Questions 1 Background
More informationToday s Security Threats: Emerging Issues Keeping CFOs Up at Night Understanding & Protecting Against Information Security Breaches
Today s Security Threats: Emerging Issues Keeping CFOs Up at Night Understanding & Protecting Against Information Security Breaches Chris Bucolo, PCIP, MBA Today s Speaker Chris Bucolo Sr. Manager, Sikich
More informationCyber Security. Our part of the journey
Cyber Security Our part of the journey The Journey Evolved Built on the past Will be continued Not always perfect Small Steps moving forward The Privileged How to make enemies quickly Ask before acting
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationAutomated Response in Cyber Security SOC with Actionable Threat Intelligence
Automated Response in Cyber Security SOC with Actionable Threat Intelligence while its biggest weakness is lack of visibility: SOCs still can t detect previously unknown threats, which is a consistent
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationRANSOMWARE PROTECTION. A Best Practices Approach to Securing Your Enterprise
RANSOMWARE PROTECTION A Best Practices Approach to Securing Your Enterprise TABLE OF CONTENTS Introduction...3 What is Ransomware?...4 Employee Education...5 Vulnerability Patch Management...6 System Backups...7
More informationwith Advanced Protection
with Advanced Email Protection OVERVIEW Today s sophisticated threats are changing. They re multiplying. They re morphing into new variants. And they re targeting people, not just technology. As organizations
More informationChecklist for Evaluating Deception Platforms
Checklist for Evaluating Deception Platforms With over 700 reported breaches occurring annually, a modern day adaptive security defense requires a combination of prevention, detection, response, and prediction
More informationEnterprise Cybersecurity Best Practices Part Number MAN Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationmhealth SECURITY: STATS AND SOLUTIONS
mhealth SECURITY: STATS AND SOLUTIONS www.eset.com WHAT IS mhealth? mhealth (also written as m-health) is an abbreviation for mobile health, a term used for the practice of medicine and public health supported
More informationto Enhance Your Cyber Security Needs
Our Service to Enhance Your Cyber Security Needs Since the business critical systems by its nature are ON all of the time and the increasingly connected world makes you open your organization to everything
More informationCombating Cyber Risk in the Supply Chain
SESSION ID: CIN-W10 Combating Cyber Risk in the Supply Chain Ashok Sankar Senior Director Cyber Strategy Raytheon Websense @ashoksankar Introduction The velocity of data breaches is accelerating at an
More informationBUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE
BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE 1 WHAT IS YOUR SITUATION? Excel spreadsheets Manually intensive Too many competing priorities Lack of effective reporting Too many consultants Not
More informationCybersecurity. Overview. Define Cyber Security Importance of Cyber Security 2017 Cyber Trends Top 10 Cyber Security Controls
Cybersecurity Hospitality Finance and Technology Professionals June 27, 2017 Presented by: Harvey Johnson, CPA Partner Overview Define Cyber Security Importance of Cyber Security 2017 Cyber Trends 1 About
More informationTop 10 most important IT priorities over the next 12 months. (Percent of respondents, N=633, ten responses accepted)
ESG Lab Review Sophos Security Heartbeat Date: January 2016 Author: Tony Palmer, Sr. ESG Lab Analyst; and Jack Poller, ESG Lab Analyst Abstract: This report examines the key attributes of Sophos synchronized
More informationEU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux
EU GENERAL DATA PROTECTION: TIME TO ACT Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux Is this the WAY you handle GDPR today 2 3 area s to consider
More informationRSA NetWitness Suite Respond in Minutes, Not Months
RSA NetWitness Suite Respond in Minutes, Not Months Overview One can hardly pick up a newspaper or turn on the news without hearing about the latest security breaches. The Verizon 2015 Data Breach Investigations
More informationCompliance Audit Readiness. Bob Kral Tenable Network Security
Compliance Audit Readiness Bob Kral Tenable Network Security Agenda State of the Market Drifting Out of Compliance Continuous Compliance Top 5 Hardest To Sustain PCI DSS Requirements Procedural support
More informationIntercepting WannaCry
Intercepting WannaCry Sophos Intercept-X Yannick Escudero Sales Engineer June 2017 Exploit Techniques vs Antivirus How (not) to test endpoint security software https://www.youtube.com/watch?v=aq2bucgqzjg
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationCyber Risks in the Boardroom Conference
Cyber Risks in the Boardroom Conference Managing Business, Legal and Reputational Risks Perspectives for Directors and Executive Officers Preparing Your Company to Identify, Mitigate and Respond to Risks
More informationBalancing Compliance and Operational Security Demands. Nov 2015 Steve Winterfeld
Balancing Compliance and Operational Security Demands Nov 2015 Steve Winterfeld What is more important? Compliance with laws / regulations Following industry best practices Developing a operational practice
More informationThreat Centric Vulnerability Management
Threat Centric Vulnerability Management Q. Which vulnerabilities should I address first? A. Your EXPOSED vulnerabilities AND the ones criminals are using. Agenda Understanding exploited vulnerabilities
More informationNERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS
NERC CIP VERSION 6 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationSymantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
More informationCybowall Solution Overview
Cybowall Solution Overview 1 EVOLVING SECURITY CHALLENGES 2 EXAMPLES OF CYBER BREACHES INCLUDING CARD DATA 2013: Adobe Systems Hackers raided an Adobe back-up server on which they found and published a
More informationAT&T Endpoint Security
AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction
More informationTHE TRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED BUSINESS INTELLIGENCE SOLUTION BRIEF THE TRIPWIRE NERC SOLUTION SUITE A TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on
More informationSecuring the SMB Cloud Generation
Securing the SMB Cloud Generation Intelligent Protection Against the New Generation of Threats Colin Brackman, National Distribution Manager, Consumer Sales, Symantec Christopher Covert Principal Product
More informationMay 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations
May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose
More information2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management. Follow Along
2018 IT Priorities: Cybersecurity, Cloud Outsourcing & Risk Management Today s Speakers Olivia Munro Senior Marketing Specialist Eze Castle Integration Bob Shaw Director, Technical Architecture Eze Castle
More informationTHE ACCENTURE CYBER DEFENSE SOLUTION
THE ACCENTURE CYBER DEFENSE SOLUTION A MANAGED SERVICE FOR CYBER DEFENSE FROM ACCENTURE AND SPLUNK. YOUR CURRENT APPROACHES TO CYBER DEFENSE COULD BE PUTTING YOU AT RISK Cyber-attacks are increasingly
More informationDefense in Depth Security in the Enterprise
Defense in Depth Security in the Enterprise Mike Mulville SAIC Cyber Chief Technology Officer MulvilleM@saic.com Agenda The enterprise challenge - threat; vectors; and risk Traditional data protection
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationStopping Advanced Persistent Threats In Cloud and DataCenters
Stopping Advanced Persistent Threats In Cloud and DataCenters Frederik Van Roosendael PSE Belgium Luxembourg 10/9/2015 Copyright 2013 Trend Micro Inc. Agenda How Threats evolved Transforming Your Data
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationSecurity and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /
Security and Compliance Powered by the Cloud Ben Friedman / Strategic Accounts Director / bf@alertlogic.com Founded: 2002 Headquarters: Ownership: Houston, TX Privately Held Customers: 1,200 + Employees:
More informationCybersecurity Today Avoid Becoming a News Headline
Cybersecurity Today 2017 Avoid Becoming a News Headline Topics Making News Notable Incidents Current State of Affairs Common Points of Failure Three Quick Wins How to Prepare for and Respond to Cybersecurity
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationINCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response playbook guide. This guide has been created especially for you for use in within your security
More informationTable of Content Security Trend
Table of Content Security Trend New Business, New Challenges Difficulties of O&M for Network Security New Security Model SANGFOR Security Concept NGAF Your Security Guard to the Future Cyber Risks: The
More informationRSA INCIDENT RESPONSE SERVICES
RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access
More informationEFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave
EFFECTIVELY TARGETING ADVANCED THREATS Terry Sangha Sales Engineer at Trustwave THE CHALLENGE PROTECTING YOUR ENVIRONMENT IS NOT GETTING EASIER ENDPOINT POINT OF SALE MOBILE VULNERABILITY MANAGEMENT CYBER
More informationEvolution Of Cyber Threats & Defense Approaches
Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution
More informationCloudSOC and Security.cloud for Microsoft Office 365
Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed
More informationPrescriptive Security Operations Centers. Leveraging big data capabilities to build next generation SOC
Prescriptive Security Operations Centers Leveraging big data capabilities to build next generation SOC Cyber Security Industry in constant renewal in 2016 and 2017 1 Tbps Mirai IoT Botnet broke the Internet
More informationDeMystifying Data Breaches and Information Security Compliance
May 22-25, 2016 Los Angeles Convention Center Los Angeles, California DeMystifying Data Breaches and Information Security Compliance Presented by James Harrison OM32 5/25/2016 3:00 PM - 4:15 PM The handouts
More informationIntroducing MVISION. Cohesive Cloud-based Management of Threat Countermeasures and Devices Leveraging Built-in Device Controls. Jon Parkes.
Introducing MVISION Cohesive Cloud-based Management of Threat Countermeasures and Devices Leveraging Built-in Device Controls Jon Parkes McAfee 1 All information provided here is subject to non-disclosure
More informationRisk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23
Risk: Security s New Compliance Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23 Agenda Market Dynamics Organizational Challenges Risk: Security s New Compliance
More informationSophos. Allan Widell Channel Account Executive. 24. August 2017
Sophos Allan Widell Channel Account Executive 24. August 2017 Our Differentiated Model Focus on mid-market enterprises: over 50% of IT security market Complete, advanced, and highly effective security
More informationJune 2 nd, 2016 Security Awareness
June 2 nd, 2016 Security Awareness Security is the degree of resistance to, or protection from, harm. if security breaks down, technology breaks down Protecting People, Property and Business Assets Goal
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More informationEvolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa
Evolution of Cyber Security Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa Nasser.Kettani@microsoft.com @nkettani MODERN SECURITY THREATS THERE ARE TWO KINDS OF BIG COMPANIES:
More informationCybersecurity Threat Modeling ISACA Atlanta Chapter Geek Week Conference
www.pwc.com 2016 ISACA Atlanta Chapter Geek Week Conference Highlights from surveys 38% Amount of security incidents In 2015, 38% more security incidents were detected than in 2014. $4.9M Cost of security
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationBUFFERZONE Advanced Endpoint Security
BUFFERZONE Advanced Endpoint Security Enterprise-grade Containment, Bridging and Intelligence BUFFERZONE defends endpoints against a wide range of advanced and targeted threats with patented containment,
More informationHIPAA 2017 Compliancy Group, LLC
1 Meet Your Expert Charles Weiselberg Compliancy Group, LLC Director of Customer Service Chuck@compliancygroup.com ENDORSED PARTNER 2 Compliancy Group We simplify compliance so you can confidently focus
More informationService Provider View of Cyber Security. July 2017
Service Provider View of Cyber Security July 2017 Quick Stats Caribbean and LatAm: 3 rd largest population of Internet Users You Are Here Visualization from the Opte Project of the various routes through
More informationBrian S. Dennis Director Cyber Security Center for Small Business Kansas Small Business Development Center
Brian S. Dennis Director Cyber Security Center for Small Business Kansas Small Business Development Center What to expect from today: The ugly truth about planning Why you need a plan that works Where
More informationSO YOU THINK YOU ARE PROTECTED? THINK AGAIN! NEXT GENERATION ENDPOINT SECURITY
SO YOU THINK YOU ARE PROTECTED? THINK AGAIN! NEXT GENERATION ENDPOINT SECURITY www.securelink.net BACKGROUND Macro trends like cloud and mobility change the requirements for endpoint security. Data can
More informationSecuring Your Most Sensitive Data
Software-Defined Access Securing Your Most Sensitive Data Company Overview Digital Growth Means Digital Threats Digital technologies offer organizations unprecedented opportunities to innovate their way
More information2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT
2018 GLOBAL CHANNEL PARTNER SURVEY THYCOTIC CHANNEL PARTNER SURVEY REPORT THYCOTIC 2018 GLOBAL CHANNEL PARTNER SURVEY Channel Partner survey highlights client cybersecurity concerns and opportunities for
More informationSecuring the Modern Data Center with Trend Micro Deep Security
Advania Fall Conference Securing the Modern Data Center with Trend Micro Deep Security Okan Kalak, Senior Sales Engineer okan@trendmicro.no Infrastructure change Containers 1011 0100 0010 Serverless Public
More informationCybersecurity The Evolving Landscape
Cybersecurity The Evolving Landscape 1 Presenter Zach Shelton, CISA Principal DHG IT Advisory Zach.Shelton@DHG.com Raleigh, NC 14+ years of experience in IT Consulting 11+ years of experience with DHG
More informationUnlocking the Power of the Cloud
TRANSFORM YOUR BUSINESS With Smarter IT Unlocking the Power of the Cloud Hybrid Networking Managed Security Cloud Communications Software-defined solutions that adapt to the shape of your business The
More information