• Processes are monitored and measured with trending
• Best practices are followed
• Continuous improvements identified and applied
• Formal global IT risk management process
The annual cost of cyber attacks rose to an average of $11.6M in 2013, an increase of 26% over 2012. The time it took to resolve an attack averaged 32 days, with a cost of over $32K per day (over $1M total).
1. Prevention is futile: Advanced Persistent Security Programs
2. The Post-Signature Era: Pervasive Monitoring and Detection
3. Security Big Data Analytics
4. Context-Aware Security
5. Reputation Services and “Trustability”
6. The Growing Role of Collective Intelligence
7. The Shift to Information-centric Security Strategies
8. Virtualized and x86 Software-based Security Controls
9. The Shift to Cloud-based security controls
10. The Software Defined Data Center comes to Security
Gartner analyst: Neil McDonald | “Protection from Advanced Targeted Attacks in a Consumerized, Cloudified World”
Diagram labels: HEADCOUNT AND SKILLS, ESCALATING THREATS, BUSINESS DEMANDS
Diagram labels: TRADITIONAL DC, HYBRID DC, CLOUD; ENTERPRISE DATA APPLICATIONS
Diagram labels: EMPLOYEES, CUSTOMERS, PARTNERS; HOTEL, OFFICE, CAR, COFFEE SHOP, HOME
Diagram labels: OPERATIONAL SECURITY; HEADCOUNT AND SKILLS, ESCALATING THREATS, BUSINESS DEMANDS
Reconnaissance, Weaponization, Delivery, Exploitation, Command and Control, Exfiltration
From spear phishing to exfiltration in nine steps
1. Adversary performs reconnaissance on the target & starts to weaponize
2. Adversary delivers a spear phishing email with attachment to target
3. Target opens attachment, downloads malware & it is executed
4. Adversary exploits the system, allowing entry into the network
5. Command & control communication with adversary is established
6. Adversary moves laterally within the network & establishes multiple back doors to maintain persistence
7. Adversary accesses the directory & compromises legitimate system & user credentials
8. Adversary utilizes the legitimate system & user credentials to access sensitive file servers
9. Adversary starts sensitive data exfiltration, leveraging VPN with compromised credentials or evasive techniques
Work from the assumption that you are already compromised; move from a reactive, perimeter-based mentality to an active approach:
• Enhanced defenses
• Incident response
• Intelligence and analytics
Collective security intelligence services:
• REPUTATION SERVICES
• THREAT INTELLIGENCE
• ATTACKER INTELLIGENCE
Diagram labels: Cyber Attackers; Diverse Users & Devices; Distributed Applications & Data; APPLICATIONS, SERVICES, USERS, DEVICES
Is your organization responding to the new perimeter and taking steps to counter targeted attacks?
Reconnaissance, Weaponization, Delivery, Exploitation, Command and Control, Exfiltration
Observe, Detect, Identify, Neutralize
Diagram labels: Core Risk Reduction, Enhanced Risk Reduction; Core Security State, Enhanced Security State, Optimized Security

• Processes are ad hoc and disorganized
• Security is not defined
• No mgmt reporting metrics
• Security is a reactive process

• Processes follow a regular pattern
• Security is defined but not aligned with business objectives
• No mgmt reporting
• Security involvement in projects and initiatives is ad hoc

• Processes are documented and communicated
• Formal integrated policy suite, with links to workforce awareness, education, and training programs
• From a risk mgmt committee
• Limited mgmt reporting

• Processes are monitored and measured
• Formal global IT risk mgmt process
• Full mgmt reporting
• Consistent and repeatable process

• Processes are monitored and measured with trending
• Best practices are followed
• Continuous improvements identified and applied
• Formal global IT risk mgmt process
• Knowing what you need to protect
• Continuous security posture assessment
• Enhanced defenses, detection and intelligence capabilities
• Staff and operational support
• Security awareness and training
• Proactive incident response
• Roadmap to optimized security model
Technology consulting, IT infrastructure technology and integration, and leasing solutions for your business. Visit us at www.forsythe.com.
Brought to you by:
http://focus.forsythe.com/
Survival In An Evolving Threat Landscape

Editor's Notes

  1. David Launches: This is not really a security problem – it’s an IT Ops problem…how can I tee this up? Applications and data may be in a traditional data center, hybrid data center, or somewhere in the cloud.
  2. David launches: In the past, when IT was setting up access to restricted systems, it only had one location to consider: within the enterprise. Users who wanted to access corporate data had to be on-premise, where security systems were tested and hardened. That was OK, because they were employees who typically did their work from an assigned space at a specific location. The IT department created the systems and distributed the devices that could be used to work within that closed environment.

     Today, that intimate corporate network is a globally connected web of users and devices that are accessing IT environments wherever, whenever, and however they choose. And the users have extended beyond employees to include partners and customers. Users could be working from the office, from home, in a car, a coffee shop, an airport or a hotel room. Even if they are internal employees in an office, they may be using a shared space—“hoteling”—rather than working from an assigned port. Each of these cases presents a different set of circumstances that pose the same question:

     Maggie: How do you know the person attempting to access corporate data is who they appear to be?

     As apps move, companies need to have a better handle on who is using them: Who are they? Where are they? What are they doing?

     They need a granular understanding of the following: Where is the data? Who owns it? Do I have it classified? Do I have data protection controls (encryption etc.)?