November 2017 Midwest Cyber Security Alliance Meeting. Continuing Education Credit 11/30/2017. Thursday, November 30, 2017, 4:30 p.m. to 6:30 p.m.
- Caitlin Miles
Thursday, November 30, 2017
November 2017 Midwest Cyber Security Alliance Meeting
4:30 p.m. to 6:30 p.m. CT

Continuing Education Credit

CLE: Foley & Lardner LLP will apply for continuing legal education (CLE) credit after the program, wherever applicable. Foley & Lardner LLP certifies that this activity has been approved for California MCLE credits by the State Bar of California. Foley & Lardner LLP is a State Bar of California MCLE approved provider. Please note that participants must be in attendance on the date of the event; credit may not be obtained by viewing and/or listening to a program recording after the event. Before leaving today, be sure to sign next to your name on the CLE sign-in sheet available at the registration table. If the sheet does not already include your bar state(s) and/or license number(s), please add in that information. Certificates of attendance will be distributed to eligible participants approximately eight weeks after the program via email.

CPE: This program may be eligible for continuing privacy education (CPE) credit toward CISA, CISM, CGEIT, and/or CRISC certifications and maintenance. Please visit the ISACA website to review the specific CPE requirements for your certification and verify whether the topic(s) addressed in this program align with one or more of your certification's job practice areas: CISA, CISM, CGEIT, CRISC. If believed to be eligible, you may pick up a copy of the ISACA Verification of Attendance form at the registration table. Attendees are responsible for submitting this form to ISACA; Foley cannot submit this form on your behalf.

PROGRAM SURVEY: We welcome your feedback. Please take a few moments to complete the questionnaire before leaving the program today.

CONTINUING EDUCATION QUESTIONS: Contact Allison Jones at ajones@foley.com.
MidwestCyber.org
Full chart available for download at:
Thank You to Our Co-Sponsors

Presenters
- MODERATOR: Jennifer Rathburn, Partner, Foley & Lardner LLP
- Joseph Abrenio, Founder and Chief Executive Officer, CyberSquire, LLC
- Zach Forsyth, Security Architect, Juniper Networks
When Does a Managed Security Service Make Sense for Your Business?

Got Security?

Data Breach of the Day
Uber's disclosure that hackers accessed the personal information of 57 million riders and drivers last year, a breach it didn't disclose publicly until Tuesday, adds new potential legal woes for the already troubled company.
Causes of Data Breaches
[Chart: Causes of Data Breaches. Categories: malicious or criminal attack, system glitch, human error. Values shown: 28%, 47%, 25%.]

Data Breach Findings that have Implications for Organizations

Who's behind the breaches?
- 75% perpetrated by outsiders.
- 25% involved internal actors.
- 18% conducted by state-affiliated actors.
- 3% featured multiple parties.
- 2% involved partners.
- 51% involved organized criminal groups.

What tactics do they use?
- 62% of breaches featured hacking.
- 51%: over half of breaches included malware.
- 81% of hacking-related breaches leveraged either stolen and/or weak passwords.
- 43% were social attacks.
- Errors were causal events in 14% of breaches. The same proportion involved privilege misuse.
- Physical actions were present in 8% of breaches.

Source: 2017 Verizon Data Breach Investigations Report
Data Breach Findings that have Implications for Organizations (cont.)

Who are the victims?
- 24% of breaches affected financial organizations.
- 15% of breaches involved healthcare organizations.
- Public sector entities were the third most prevalent breach victim at 12%.
- Retail and Accommodation combined to account for 15% of breaches.

What else is common?
- 66% of malware was installed via malicious email attachments.
- 73% of breaches were financially motivated.
- 21% of breaches were related to espionage.
- 27% of breaches were discovered by third parties.

Source: 2017 Verizon Data Breach Investigations Report

The Threat

The Defensive Dilemma
Source: Cisco 2017 Security Capabilities Benchmark Study
The Cyber Dilemma
- Cybercrime is poised to be a $2 trillion problem by
- Nearly 1.5 million Sec-Ops jobs will go unfulfilled because of a lack of skillsets by
- The Enterprise Strategy Group indicates that 45 percent of organizations report a problematic shortage of cybersecurity skills today, more than any other area within IT.

Sources: 1. Forbes, January 17, 2. CSO Magazine, July 28, 3.

What is a Managed Security Service?
A Managed Security Services Provider (MSSP) defends client networks by anticipating, detecting, and responding to internal and external cyber threats.

Security Operations Center (SOC)
Syracuse University, Syracuse, New York
CuseLabs Training & Innovation Center
Security Stack

MANAGED SECURITY SERVICES
SERVICE TYPE: Managed Firewall; Managed Intrusion Prevention System (IPS) and Intrusion Detection Systems (IDS); Managed Anti-Malware; Managed Managed Gateway; DDoS; SIEM; Log Management

What We Do
- Asset Discovery: Know who and what is connected to your environment at all times.
- Vulnerability Assessment: Find and remediate your vulnerabilities before an exploit or intrusion.
- Intrusion Detection: Be alerted to suspicious activities with HIDS, NIDS, and Cloud IDS.
- Behavioral Monitoring: Identify anomalous or suspicious behaviors in your environment.
- SIEM & Log Management: Correlate and analyze event data from across your environment.
Cyber Defense Program: Proactive Threat Defense; Visibility; Event Priority; Sustainable & Affordable Program; Focus on Your Business

Evolving Threat Landscape
- Targeted attacks
- Zero-day vulnerabilities and rootkits
- Attack kits
- Mobile threats

Where are the gaps?
[Diagram labels: Endpoint Protection, Security monitoring, NIDS, Firewall, HIDS, Endpoint, Web Proxy, OS & Apps, WebApp Firewall, Network Infra., VA]
Cyber Defense Program: Stay ahead of threats; Visibility; Event Priority; Sustainable & Affordable Program; Focus on Your Business

Actionable Incidents
- Eliminate irrelevant events.
- Focus on the most critical events.
- Avoid over- and under-reacting to events.

Cyber Defense Program: Stay ahead of threats; Visibility; Focus on top priorities; Sustainable & Affordable Program; Focus on Your Business

Security Operation Center
- 24x7 Security
- State of the Art technologies
- Well-trained staff
Cyber Defense Program: Stay ahead of threats; Visibility; Focus on top priorities; Build a sustainable program; Focus on Your Business

How to Demonstrate Value?
- Protect revenue
- Process improvement
- Predictable cost-base
- Measure and report on effectiveness and improvement

The Cyber Risks
- Personal Liability for data breaches
- Financial Costs
- Legal Costs
- Brand Damage

GLBA, NERC CIP, FFIEC, SOC 2, PCI DSS, ISO, HIPAA
Business Case for Moving to a MSSP

People
- Demand for dedicated skilled manpower to defend the enterprise network.
- Lack the in-house capabilities required to keep pace with changing business demands, compliance mandates, and emerging threats requiring strategic implementation of new IT security solutions.
- Have in-house IT staffs that spend too much time on day-to-day operational security issues versus new strategic projects.
- Security staffing and budgeting constraints.

Process
- Increasing regulatory compliance and data protection laws.

Technology
- Depend on IT security tools and processes that provide a reactive, rather than proactive, approach to mitigating risk and minimizing data loss and downtime.
- Increase in spending on IT infrastructure security.
- Continuous growth in deployment of cloud services, mobile, and apps.

Software-Defined Secure Networks
Zach Forsyth - Security Architect
A defender has to be flawless every single time
An attacker only needs to succeed once!

[Diagram labels: PAC file, Web filter, Sandbox, SSL, DLP, Aggregation firewall, SSL client-side SSL tunnel, Load balancers, Flow management, Inspection, Log files, Perimeter firewalls]
WannaCry had surprising victims

Every single day attackers are using zero dollar tools, written in 2006, to circumvent million dollar solutions built in 2017 via exploits in code that we knew how to fix way back in
Phishing is still the #1 threat vector because it just works
- It is the #1 delivery method for ransomware
- 85% of organizations have suffered a phishing compromise
- 1 in 3 companies have been victims of a CEO fraud email
- Email filtering will never be 100% effective
- End user training is important, but users will still fall for well-crafted emails

Traditional detection falls short
September
Malware is continually evolving
- Payloads are encrypted before transit
- Memory injection is used and files are never written to disk
- Appears to exfiltrate data to Google web addresses, but sends it elsewhere via DNS
- Data appended to fake image headers in POST requests
- Multi-part payloads are downloaded and then compiled locally
Ransomware timeline

C&C communications are well camouflaged
Fake DNS request set up subsequent communication to toolbarqueries.google.com

What's PowerShell really doing on your network?
You can't trust LinkedIn either
Never underestimate attack complexity
Drive-by Cryptocurrency Mining

One week snapshot
- 35,000+ unique URLs associated with coinhive.min.js
- 144 unique IP addresses
- 1,025 unique hostnames
- 6,000-10,000 new URLs per day leading to the coinhive script
Devices are built without fundamental security

Breaches aren't being discovered internally
Payloads are almost always unique

Rapid Response is critical
[Chart labels: Time to compromise, Time to exfiltration]
Software Defined Secure Networks
Software Defined Secure Networks

Uncoordinated and perimeter focused: AV, NGFW, WAF, IPS, Sandbox, Web, SIEM

Orchestrated, holistic system encompassing security + infrastructure:
- Global Policy Orchestration, Policy Engine
- Open and Unified Threat Detection
- Dynamic, Automated Enforcement

How do we get there?

Day 0: Human-driven automation
- Establish standard-based network interfaces and data models
- Automate network provisioning & management
- Simplify security and network operations

Day 1: Event-driven automation
- Gather security & network information (Telemetry)
- Intelligence drives automated response and policies
- Rule-based action on critical network events (Closed loop automation)

Day N: Machine-driven automation
- Use machine-learning tools to train the system
- Machines make decisions and drive network change
- Humans make decisions where machines cannot
SDSN Architecture
[Diagram: Policy, Detection, Enforcement. Labels: Security Director + Policy Enforcer (Policy Enforcement, Visibility, Automation); Switches; Threat Intelligence; Physical Firewalls; Sandbox; Advanced Threat Prevention (ATP) Analysis; Routers; Third Party Threat Intel; Virtual Firewalls; Third Party Elements]

Detection
- Fast, effective protection from advanced threats
- Integrated threat intelligence

Policy
- Adaptive enforcement to firewalls, switches, 3rd party devices and routers
- Robust visibility and management

Enforcement
- Consistent protection across physical/virtual
- Open and programmable environment

The network fabric is now a single enforcement domain

What if your Network could be a Firewall?
- You need true end-to-end visibility to secure the entire network
- Instant threat intelligence and detection
- Dynamically adapting policy, deployed in real time
- Enforce security everywhere

[Diagram: Sally School District Network, labelled Detection & Enforcement, Detection, Policy]
How does SDSN completely isolate infected host?
Stateful filter on Firewall + Access list on the switch port
[Diagram labels: Sky ATP, Infected Host, NGFW, Switch]

Data Center Micro-segmentation
[Diagram labels: Internet, Perimeter Firewall Cluster, Internal Firewall Cluster, vFW, DMZ VLAN, IT Web, Fin Web, Data Center, vSRX, 3rd Party Feeds, Sky ATP Threat Feeds, SDSN Policy Engine, IT App, IT DB, DB_VLAN, Fin App, Fin DB, Switch ACLs, Provisions vSRX in Service Chain, SDN Controller, Security Groups (IT Apps, Fin Apps)]

POLICY
Policy defined in Policy Engine:
1. IT Applications cannot access Finance Applications even if they share same VLAN
2. Traffic in and out of Infected Applications should be logged

DETECTION
Sky detection applicable for infected applications scenario (#2 above)

ENFORCEMENT
- VM related traffic controls enforced in vSRX
- Physical to physical traffic controls in access/aggregation switches
Juniper SDSN Portfolio
- Security Director, Policy Enforcer: Management, Visibility, Automation
- Secure Analytics: SIEM
- Sky Advanced Threat Prevention: Advanced Malware Defense Service
- Next Gen Security Services: Application Security, SSL Inspection, Intrusion Prevention, User Firewall, UTM

[Chart: SRX platforms across Branch, Campus, Data Center, Cloud and Service Provider. Models shown: SRX300, SRX500, SRX1500, SRX4100, SRX4200, SRX5400, SRX5600, SRX5800, vSRX, cSRX* (* Beta). Labels in the chart, in page order: 4Gb/s (2 vcpu), 25Gb/s (16 vcpu), 5RU 480Gb/s, 2RU, 1RU, 1RU, 1RU, 5.5Gb/s, 5Gb/s, 20Gb/s, 40Gb/s, 8RU 960Gb/s, 16RU 2Tb/s]

Ecosystem Partners
- CASB: Cloud App Risk Management; Visibility and Control; Malware and Threat Protection for Cloud
- Access Security: Extend Security Policy; Context-based BYOD Onboarding; Role-based Network Access Assignment; Access Control and Enforcement
- Endpoint Security: Discovery of All Endpoints; Vulnerability and Patch Management; Continuous Policy Enforcement

Ready to Deploy End to End Security Solutions
Q&A

Thank You

CONTACT US: Jennifer Rathburn, Joseph Abrenio, Zach Forsyth

ATTORNEY ADVERTISEMENT. The contents of this document, current at the date of publication, are for reference purposes only and do not constitute legal advice. Where previous cases are included, prior results do not guarantee a similar outcome. Images of people may not be Foley personnel. Foley & Lardner LLP
More informationCybowall Solution Overview
Cybowall Solution Overview 1 EVOLVING SECURITY CHALLENGES 2 EXAMPLES OF CYBER BREACHES INCLUDING CARD DATA 2013: Adobe Systems Hackers raided an Adobe back-up server on which they found and published a
More informationPopular SIEM vs aisiem
Popular SIEM vs aisiem You cannot flip a page in any Cybersecurity magazine, or scroll through security blogging sites without a mention of Next Gen SIEM. You can understand why traditional SIEM vendors
More informationTHE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM
THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM Modern threats demand analytics-driven security and continuous monitoring Legacy SIEMs are Stuck in the Past Finding a mechanism to collect, store
More informationCrises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.
Crises Control Cloud Security Principles Transputec provides ICT Services and Solutions to leading organisations around the globe. As a provider of these services for over 30 years, we have the credibility
More informationCybersecurity Threat Modeling ISACA Atlanta Chapter Geek Week Conference
www.pwc.com 2016 ISACA Atlanta Chapter Geek Week Conference Highlights from surveys 38% Amount of security incidents In 2015, 38% more security incidents were detected than in 2014. $4.9M Cost of security
More informationSECURING THE MULTICLOUD
SECURING THE MULTICLOUD Bahul Harikumar and Ali Bidabadi Juniper Networks This statement of direction sets forth Juniper Networks current intention and is subject to change at any time without notice.
More informationFFIEC Cyber Security Assessment Tool. Overview and Key Considerations
FFIEC Cyber Security Assessment Tool Overview and Key Considerations Overview of FFIEC Cybersecurity Assessment Tool Agenda Overview of assessment tool Review inherent risk profile categories Review domain
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationCybersecurity Auditing in an Unsecure World
About This Course Cybersecurity Auditing in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that cybersecurity
More informationSecurity in India: Enabling a New Connected Era
White Paper Security in India: Enabling a New Connected Era India s economy is growing rapidly, and the country is expanding its network infrastructure to support digitization. India s leapfrogging mobile
More informationBusiness Strategy Theatre
Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:
More informationNational Cyber Security Operations Center (N-CSOC) Stakeholders' Conference
National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference Benefits to the Stakeholders A Collaborative and Win-Win Strategy Lal Dias Chief Executive Officer Sri Lanka CERT CC Cyber attacks
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats You have a mandate to build and secure a network that supports ongoing innovation Mobile access Social collaboration Public / private hybrid
More informationTHE EVOLUTION OF SIEM
THE EVOLUTION OF SIEM Why it is critical to move beyond logs BUSINESS-DRIVEN SECURITY SOLUTIONS THE EVOLUTION OF SIEM Why it is critical to move beyond logs Despite increasing investments in security,
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats Digital Transformation on a Massive Scale 15B Devices Today Attack Surface 500B Devices In 2030 Threat Actors $19T Opportunity Next 10 Years
More informationSoftware-Defined Secure Networks in Action
Software-Defined Secure Networks in Action Enabling automated threat remediation without impacting business continuity Challenge Businesses need to continuously evolve to fight the increasingly sophisticated
More informationGDPR: An Opportunity to Transform Your Security Operations
GDPR: An Opportunity to Transform Your Security Operations McAfee SIEM solutions improve breach detection and response Is your security operations GDPR ready? General Data Protection Regulation (GDPR)
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationDisaggregation and Virtualization within the Juniper Networks Mobile Cloud Architecture. White Paper
Disaggregation and Virtualization within the Juniper Networks Mobile Cloud Architecture White Paper June 2017 Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net
More informationThe Internet of Everything is changing Everything
The Internet of Everything is changing Everything Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization Changing Business Models Any Device
More informationCourse Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture
About this Course This course will best position your organization to analyse threats and detect anomalies that could indicate cybercriminal behaviour. The payoff for this new proactive approach would
More information3 Ways to Prevent and Protect Your Clients from a Cyber-Attack. George Anderson Product Marketing Director Business October 31 st 2017
3 Ways to Prevent and Protect Your Clients from a Cyber-Attack George Anderson Product Marketing Director Business October 31 st 2017 Agenda One ounce of prevention is worth a pound of protection 01 Aiming
More informationHacking and Cyber Espionage
Hacking and Cyber Espionage September 19, 2013 Prophylactic and Post-Breach Concerns for In-House Counsel Raymond O. Aghaian, McKenna Long & Aldridge LLP Elizabeth (Beth) Ferrell, McKenna Long & Aldridge
More informationalign security instill confidence
align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed
More informationINTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.
2019 SIEM REPORT INTRODUCTION Security Information and Event Management (SIEM) is a powerful technology that allows security operations teams to collect, correlate and analyze log data from a variety of
More informationBuilding an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO
Building an Effective Threat Intelligence Capability Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO The Race To Digitize Automotive Telematics In-vehicle entertainment
More informationThreat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ
Threat Containment and Operations Yong Kwang Kek, Director of Presales SE, APJ 2018-07-19 1 1 2017 Infoblox Inc. All Rights 2013 Infoblox Inc. All Reserved. Rights Reserved. Three Aspects of Security #1
More informationSTOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.
Intelligence-driven security STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions. BETTER INTELLIGENCE. BETTER DEFENSE. The
More informationRSA INCIDENT RESPONSE SERVICES
RSA INCIDENT RESPONSE SERVICES Enabling early detection and rapid response EXECUTIVE SUMMARY Technical forensic analysis services RSA Incident Response services are for organizations that need rapid access
More informationHow Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity
How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity Why is the NIST framework important? GOH Seow Hiong Executive Director, Global Policy & Government Affairs, Asia Pacific
More information