Agenda: Insurance Academy Event


Drs Ing René Pluis MBA MBI
Cyber Security Lead, Country Digitization Acceleration program the Netherlands
The Hague, Thursday 16 November

Agenda:
o Introduction
o Integrated Security Architecture
o BDA: Before, During and After
o System Assurance
o PBD: Privacy By Design

Dangerous Times
Introduction
Jan. 2015, World Economic Forum, Davos Switzerland
Relentless vs Tireless

[Slide labels: Lack of Talent; Change; Relentless; Flooded with Products; Tireless; vs; Undetected Multi-vector and Advanced Threats]

Why defense in-depth is BROKEN!
o Current defense in-depth approach is built on binary detection
o Known threats are blocked
o Good files make it through
o Unknown threats are passed to the next system

Integrated Security Architecture
NGFW, NGIPS, EMAIL, WEB, ENDPOINT, ROUTER
Single points of inspection have their limitations

Solution Integration: Cisco Portfolio Unified By Threat...
[Diagram labels: Database; Cloudlock; Stealthwatch; Static & Dynamic Analysis; Threat Score; Advanced Malware Protection; Cloud; File Metadata; Umbrella; Network; ISR/ASR; Meraki; NGIPS; Event; Threat Intel; Policy; Context; ISE; NGFW; Network Attached Controls; ESA; CES; WSA; CWS; Endpoint; Web; Threat Grid; Host and Network; Cognitive Threat Analytics; Network Telemetry; URL Rep & Cat]

Insurance Academy Event
Phases: Preparation, Intrusion, Active Breach

1. Reconnaissance: Harvest information to create attack strategy and toolset
2. Weaponization: Coupling exploit with backdoor into deliverable payload
3. Delivery: Delivering weaponized bundle to the victim via email, web, USB, etc.
4. Exploitation: Exploiting a vulnerability to execute code on victim's system
5. Installation: Installing malware on the asset
6. Command & Control: Command channel for remote manipulation of victim's system
7. Actions on Objectives: With Hands on Keyboard access, intruders accomplish

Based on Lockheed Martin's Cyber Kill Chain

BDA: Before, During and After

The new security model
BEFORE: Discover, Enforce, Harden
DURING: Detect, Defend
AFTER: Scope, Contain, Remediate
Network, Endpoint, Mobile, Virtual, Cloud
Threat Intelligence; Point in Time; Continuous

Cisco Security (Overview)
[Diagram labels, inbound: Incoming Threat; Talos; Cisco; Cloud; Appliance; Virtual; Before; During; After; Reputation; Mail Flow Policies; Acceptance Controls; Anti-Spam; Anti-Virus; File Reputation; Graymail Management; ThreatGrid; Safe Unsubscribe; Content Controls; Outbreak Filters; Anti-Phish; File Sandboxing & Retrospection; Tracking User click Activity (Anti-Phish)]
[Diagram labels, outbound: Before; During; Outbound Liability; HIPAA; Mail Flow Policies; Anti-Spam; Data Loss and Protection; Anti-Virus; Encryption; Admin; HQ; Allow; Warn; Management; Reporting; Message Track; Partial]

System Assurance

Secure Boot In-depth
Hardware-anchored Secure Boot
o Helps protect against persistent Software Tampering
o Helps ensure only authentic signed software boots up on a platform
UEFI: Unified Extensible Firmware Interface

Cisco Hardware-Anchored Secure Boot
o Anchors UEFI boot security to hardware
o Resists supply chain and physical possession-based firmware tampering attacks
[Diagram: Power On; Immutable Anchor ensuring hardware integrity and key authenticity; Secure Microloader; Signed Bootloader/BIOS; Signed Operating System. Microloader verifies Bootloader/BIOS; Bootloader/BIOS validates Operating System; Launch Operating System.]

UEFI
Nothing validates BIOS
o Susceptible to BIOS rootkits
o Susceptible to easy modifications in supply chain or with physical possession

PBD: Privacy By Design

Privacy by Design (PbD)
o Proactive not reactive process; preventative not remedial
o Privacy as the default setting
o Privacy embedded into design
o Full functionality: positive-sum, not zero-sum
o End-to-end security: full lifecycle protection
o Visibility and transparency: keep it open
o Respect for user privacy: keep us user-centric

Privacy Engineering is
o A discrete discipline or field of inquiry and innovation using engineering principles and processes to build controls and measures into processes, systems, components, and products that enable the authorized processing of personal information.
o The creative innovation process to manage increasingly more complex data streams and data sets that describe individual humans.
o The gathering and application of privacy requirements with the same primacy as other traditional feature- or process requirements and then incorporating, prioritizing, and addressing them at each stage of the development process, project, product or system lifecycle.

Privacy Policy
[Diagram labels: Privacy notices as meta-use case requirements / Business Plan; Realistic technology capabilities and limitations; Economic pressure to create value through efficient sharing/relationship building; Usability, access and availability for end users of information systems; Design; Industry standards; Ethical obligations; Enforceability and compliance; Local and international legal, jurisdictional and regulatory necessities; Organisation/business requirements; Brand identity; Permission marketing/customer relationship management/business intelligence]

Cisco's Approach to Managing Privacy
Understand, Prioritize, Develop, Govern
Compliance: EU General Data Protection Regulation
Business Requirement
Privacy Impact Analysis
o Kickstart a program
o Periodic review of capability evolution
Privacy Program - Assessment and Strategy Development
o Comprehensive assessment of requirements and development of a program roadmap
Privacy Compliance Program Support
o Accelerate development and implementation
o Transform compliance requirements into a practical program

Comply to the EU General Data Protection Regulation (GDPR)
For all companies servicing >5000 Data Subjects in the EU
Columns: Drivers; Digital Capabilities; Offers
o Be able to Sensor any Security Breach or Data Loss
o Network as a Sensor
o Security Analytics
o The Visibility you need, Across your Entire Network
o Protect the data from any Unauthorized Access or Usage
o Network as an Enforcer
o 802.1 enabled and automated Infrastructure
o Use your Network to enforce Security Policies
o Be able to Report any Breach with no delay and show the implications
o Secure Policy and Visibility enabled infrastructure
o System of Record
o System of Change
Offer mapping with Bundles
o All kinds of Cisco products, services and designs 1
o All kinds of Cisco products, services and designs 2

Insurance Academy Event - Cisco Security Introduction and GDPR

Many LEGO blocks already available:
o Encryption
o Trust systems
o CVD / DIG
o Privacy by design / security by design
o Etc.

Open questions:
o Certification
o Forensic grade safe keeping