An Aflac Case Study: Moving a Security Program from Defense to Offense

Similar documents
An Aflac Case Study: Moving a Security Program from Defense to Offense

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Managed Enterprise Phishing Protection. Comprehensive protection delivered 24/7 by anti-phishing experts

Prescriptive Security Operations Centers. Leveraging big data capabilities to build next generation SOC

Building Resilience in a Digital Enterprise

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

Building a Threat-Based Cyber Team

2018 Edition. Security and Compliance for Office 365

SECURITY OPERATIONS CENTER BUY BUILD BUY. vs. Which Solution is Right for You?

RSA NetWitness Suite Respond in Minutes, Not Months

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Security and Compliance for Office 365

Designing and Building a Cybersecurity Program

Pedal to the Metal: Mitigating New Threats Faster with Rapid Intel and Automation

The Art and Science of Deception Empowering Response Actions and Threat Intelligence

Noam Ikar R&DVP. Complex Event Processing and Situational Awareness in the Digital Age

Evolution Of Cyber Threats & Defense Approaches

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

The Value of Automated Penetration Testing White Paper

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

Your network is your business lifeline. Protect it. LEVEL 3 ADAPTIVE NETWORK SECURITY

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

NetWitness Overview. Copyright 2011 EMC Corporation. All rights reserved.

with Advanced Protection

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Checklist for Evaluating Deception Platforms

Transforming Security from Defense in Depth to Comprehensive Security Assurance

SIEM Overview with OSSIM Case Study. Mohammad Husain, PhD Cal Poly Pomona

Barracuda Advanced Threat Protection. Bringing a New Layer of Security for . White Paper

STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.

Best Practices in Securing a Multicloud World

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

AKAMAI CLOUD SECURITY SOLUTIONS

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

Prevent and Detect Malware with Symantec Advanced Threat Protection: Network

The Evolution of : Continuous Advanced Threat Protection

Artificial Intelligence Drives the next Generation of Internet Security

Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

From Managed Security Services to the next evolution of CyberSoc Services

SIEM Solutions from McAfee

CYBER THREAT INTEL: A STATE OF MIND. Internal Audit, Risk, Business & Technology Consulting

C T I A CERTIFIED THREAT INTELLIGENCE ANALYST. EC-Council PROGRAM BROCHURE. Certified Threat Intelligence Analyst 1. Certified

THE ACCENTURE CYBER DEFENSE SOLUTION

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

First Look Showcase. Expanding our prevention, detection and response solutions. Sumedh Thakar Chief Product Officer, Qualys, Inc.

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

SECURITY REDEFINED. Managing risk and securing the business in the age of the third platform. Copyright 2014 EMC Corporation. All rights reserved.

CA Host-Based Intrusion Prevention System r8

THREAT INTELLIGENCE: UNDERSTANDING WHAT IT IS AND WHY YOU NEED IT

Abstract. The Challenges. ESG Lab Review Lumeta Spectre: Cyber Situational Awareness

Securing the Internet of Things (IoT) at the U.S. Department of Veterans Affairs

Building an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO

A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE

Strategies for a Successful Security and Digital Transformation

Proofpoint, Inc.

Building a Resilient Security Posture for Effective Breach Prevention

Which Side Are You On?

Orchestrating and Automating Trend Micro TippingPoint and IBM QRadar

Securing intelligent networks: a guide for CISO and CIOs

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS

Surprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS

THREAT INTEL AND CONTENT CURATION: ORGANIZING THE PATH TO SUCCESSFUL DETECTION

SIEMLESS THREAT MANAGEMENT

Sobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

Cyber Defense Operations Center

CYBER ATTACKS DON T DISCRIMINATE. Michael Purcell, Systems Engineer Manager

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

Automated, Real-Time Risk Analysis & Remediation

Effective Data Security Takes More Than Just Technology

ACHIEVING FIFTH GENERATION CYBER SECURITY

empow s Security Platform The SIEM that Gives SIEM a Good Name

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

An All-Source Approach to Threat Intelligence Using Recorded Future

STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences

SECURITY SERVICES SECURITY

Threat Centric Vulnerability Management

NINE MYTHS ABOUT. DDo S PROTECTION

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

The New Normal. Unique Challenges When Monitoring Hybrid Cloud Environments

The Cyber Threat. Bob Gourley, Partner, Cognitio June 22, How we think. 1

Cybowall Solution Overview

85% 89% 10/5/2018. Do You Have A Firewall Around Your Cloud? Conquering The Big Threats & Challenges

Cisco Security. Advanced Malware Protection. Guillermo González Security Systems Engineer Octubre 2017

SECOPS: NAVIGATE THE NEW LANDSCAPE FOR PREVENTION, DETECTION AND RESPONSE

Unlocking the Power of the Cloud

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

RSA IT Security Risk Management

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Battle between hackers and machine learning. Alexey Lukatsky Cybersecurity Business Consultant April 03, 2019

Security Monitoring Engineer / (NY or NC) Director, Information Security. New York, NY or Winston-Salem, NC. Location:

Intro to Niara. no compromise behavioral analytics. Tomas Muliuolis HPE Aruba Baltics Lead

ATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS

First Look Showcase. Expanding our prevention, detection and response solutions. Marco Rottigni Chief Technical Security Officer, Qualys, Inc.

From Reactive to Proactive: How to Avoid Alert Fatigue

Transcription:

SESSION ID: CXO-W11 An Aflac Case Study: Moving a Security Program from Defense to Offense Tim Callahan SVP & Global CISO Aflac

Threat Landscape Selected losses > 30,000 records (updated 10/15/16) Security risks are growing at a faster pace than the industry can react or adapt to

How to Build a Good Offense Intelligence Leverage several types of sources Analytics Find a solution that best applies to your environment Fight Far Build more layers in between assets and threats Staff Security tools are important, but building and finding the right talent is also important

Intelligence Internal Analyze network traffic, log files, security appliances and even employee behavior External Open sources, organization memberships, vendors, government programs (DHS)) Dark Web Monitoring the dark web helps companies see planned attacks against them or see stolen credentials

Analytics Information/Data Threat Intelligence Platform Op Intelligence Platform Output High Confidence Action Corporate Infrastructure Security Infrastructure Network Infrastructure Systems and Applications Big Data Analysis Confidence Rating Visualization Automated Alerts Low Confidence Action Enrichment into other alerts

Confidence Scores High Confidence Score Domain that is well-known to be malicious Low Confidence Score Logging in to network incorrectly multiple times Higher confidence scores set off automated event alerts Lower confidence scores go through an enrichment process and other alerts

Analytics Tool Results 2,042,000 Connections have been blocked with fewer than 12 false positives >5M Average number of IoC s maintained 90 Average number of threat actor campaigns maintained 5 Member team effectively manage 5M pieces of threat intel data

Capabilities DNS Firewall: Performing automated checks against aggregated list of dangerous domains to sinkhole or block the connection attempts associated with malware. Blackholing: A technique in which an internet service provider (ISP) dumps packets coming from a certain domain or address. DDoS Service: Prevention of attacks that attempt to exhaust the resources available to a network, application or service so genuine users cannot gain access.

Internet Edge Router Fight Far It is more difficult for an enemy to defeat a complex and multilayered defense system than to penetrate a single barrier. 5 Outer Firewall 9Inner Firewall Company Assets 4 Blackholing 3 Cloud Web App Firewall 2 Cloud Email Filtering 6 DMZ DNS Firewall 7 Web Proxies 10 IPS 11 LAN Sandboxing 12 Deception 13 HIDS 1 DDoS Prevention Service 8 Anti Virus Quarantine

1. Gartner-25 billion connected devices press release. 2. 2015 Global Information Security Workforce Study, Frost & Sullivan. Staff Challenges Threats and vulnerabilities constantly changing Gartner s prediction about the Internet of Things is that we ll have 25 billion connected devices globally by 2020 each bringing new security challenges. 1 The cybersecurity skills gap is real This is unlikely to change in the near future, as it is predicted that 1.5 million jobs will be unfilled by 2020. 2

Seek Unconventional Perspective Military/Veterans Experience (SOC, security administration, monitoring) Aptitude and focus Data Scientists Ability to make correlations and predictions Analytical skills to spot trends and patterns

Invest into the Future Grow from within Look within your own IT staff Years of experience of systems and operations can be groomed into a security professional Use local opportunities Work with technical and vocational programs in your area Establish internship programs and participate in capstone opportunities Aflac s internship and apprenticeship program gives exposure and experience

Be Pre-emptive Intelligence Review, add and diversify your intelligence sources Analytics Find a solution that not only produces intelligence but takes action with the intelligence Fight Far Review your current security capabilities and build in additional layers to create distance Staff Think outside the box by changing your hiring strategies and invest in local schools/programs

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback