Stay Ahead of Threats with Advanced Security Protection
John Gleason – CISSP
Risk - The common driver
Stay ahead…. Have a goal and a plan!
• Threat Landscape
• Cyber Security finally reaches #1 in C-Level concerns
• Security Program vs. Compliance checkboxes
• Definitions are important
• Security basics – blocking and tackling before technology
• The end goal – Lower residual risk = Acceptable level of risk
Stay Ahead of Threats with Advanced Security Protection - Fortinet
Virus Lifecycle to Scale
[Figure: timeline of variants Virus.A (#1), Virus.B (#2), Virus.AA (#27) and Virus.BL (#120) against the marks +0, +30 Sec, +13 Min and +1 Hour, with VendorUpdate(Virus.A) marked.]
Cyber Security finally reaches #1 in C-level concerns:
Top 5 Business Risks - according to World Economic Forum (US, Japan, Germany, Netherlands & others)
• #1 Cyber attacks
• #2 Data fraud and theft
• #3 Terrorist attack
• #4 Fiscal crisis
• #5 Asset bubble
This underscores the significance of understanding the cyber threat
landscape and associated insights related to intruder detection.
Security Program vs. Compliance checkboxes
• Security/Governance Frameworks
• NIST (Multiple)
• COBIT
• ISO 27000
• ITIL
• SIGMA6
• Compliance
• HIPAA / HITECH
• PCI DSS
• CIPA / FERPA
• GLBA
• Sarbanes Oxley (SOX)
Security Programs address the 360-degree view
• Controls – Require People, Process, and Technology
• Administrative
• Technical
• Physical
• ISO 27002 defines information security policy in section 5
• COBIT defines it in the section "Plan and Organize"
• Sarbanes Oxley defines it as "Internal Environment"
• HIPAA defines it as "Assigned Security Responsibility"
• PCI DSS defines it as "Maintain an Information Security Policy"
Definitions are important
Understanding can only come through common terminology and definitions
• Security Triad
• Roles & Responsibilities
• Data Classification
• Asset Value
• Threat, Threat Agent, Vulnerability, Risk, Countermeasure
• Controls
• Residual Risk
Security triad
Like a three-legged stool - Possible fourth = Authenticity
• Confidentiality - Access Control
• Identification, Authentication, Authorization (Authenticity)
• Least Privilege / Need to know
• Integrity
• Assurance, Accuracy, Reliability
• Availability
• Perform in a predictable manner, with an acceptable level of performance
• Recover securely from disruption so productivity will not be negatively impacted
• Single points of failure ???? (BC/DR)
Roles & Responsibilities
Where do you identify? Owner, GM, Coach, Lineman, Linebacker, Safety?
• Data Owner
• Concerned about terms like legal, regulatory, compliance, due care & due diligence, negligence, reasonable and expected. Generally not IT.
• Data Custodian
• Typically IT. Responsible for implementing the policies and guidelines established by the Data Owner. Responsibilities include physical data storage, back-up and recovery, and the operation of security and data management systems.
Data Classification
How do you view and categorize your assets?
• Public / Private Business & Organizations: Restricted/Confidential/Proprietary, Private, Sensitive, Public
• Military/Government: Top Secret, Secret, Confidential, Sensitive but Unclassified, Unclassified
Asset Value
Quantitative or Qualitative?
• Cost – to Acquire or develop? Maintain & protect? Replace?
• Value – to Adversaries, Intellectual Property
• Operational and productivity loss when unavailable
• Liability if asset is compromised – Compliance, Legal
• Value of knowing your values – cost/benefit analysis, wise selection of
countermeasures, risk awareness, due diligence
Risk Management – What (NIST Cyber Security Framework)
• Risk management is the ongoing process of identifying, assessing, and
responding to risk. To manage risk, organizations should understand the
likelihood that an event will occur and the resulting impact. With this
information, organizations can determine the acceptable level of risk for
delivery of services and can express this as their risk tolerance.
• Organizations may choose to handle risk in different ways, including
mitigating the risk, transferring the risk, avoiding the risk, or accepting
the risk, depending on the potential impact to the delivery of critical
services.
Risk Management – Why (NIST Cyber Security Framework)
• With an understanding of risk tolerance, organizations can prioritize
cybersecurity activities, enabling organizations to make informed decisions
about cybersecurity expenditures.
• Implementation of risk management programs offers organizations the ability to
quantify and communicate adjustments to their cybersecurity programs.
• Organizations may choose to handle risk in different ways, including mitigating
the risk, transferring the risk, avoiding the risk, or accepting the risk, depending
on the potential impact to the delivery of critical services.
• Threat, Threat Agent, Vulnerability, Risk, Countermeasure
Controls – Compensating Controls
• Administrative
• Technical
• Physical
• Preventative / Protective
• Detective
• Corrective / Reactive
Residual risk
• According to ISO 27001, residual risk is “the risk remaining after risk treatment”.
Turning traditional risk analysis upside down
• Threats of today have increased in
frequency and impact
• 75-90% enter via E-mail.
• 10-20% compromised website
• Avoiding the activity is not an option
Did You Know…
• 79,790: Number of incidents investigated by Verizon in 2015
• 229: Average number of days attackers were on a network before detection
• 70-90%: Percent of time unique malware was found
Gartner: All organizations should assume they are in a state of continuous compromise
New world strategies
Breaking the Kill Chain of Advanced Threats
[Figure: kill chain stages: Spam, Malicious Email, Malicious Link, Exploit, Malicious Web Site, Malware, Command & Control Center, Bot Commands & Stolen Data]
[Figure: controls shown against the chain: Anti-spam, Web Filtering, Intrusion Prevention, Antivirus, App Control/IP Reputation, Sandbox]
Layered Defense + Shared Intelligence
[Figure labels: Web Filter, Web Filter – Known malicious site, IP Reputation, Botnet site, Intrusion Prevention, Anti-Virus/Malware, Sandbox candidate]
Sandbox = Isolation
FortiGuard Labs – Augment your security staff
Nearly 300 threat researchers
FortiGuard Labs Statistics
Shared threat intelligence
Only ATP Solution NSS Recommended Edge to Endpoint
Fortinet Security Fabric – Shared threat intelligence
Questions ??
Thank you
3:00 – 3:45 PM BREAKOUT SESSIONS
KONICA MINOLTA
Breakout Room: Guest Locker Room
“What is your Print Transformation
Strategy?”
Emil Enstrom, Vice President of Enterprise
Accounts
BARRACUDA
Breakout Room: Delta 360 Club
“Protecting Data Everywhere”
Rod Mathews, Senior Vice President and
General Manager
MARCO
Breakout Room: Main Field
“Uncovering the Cloud: Is it Right for You?”
Steve Knutson, Chief Technology Officer
and Vice President of Service
MITEL
Breakout Room: Interview Room
“Deliver a Flexible, Engaging Customer
Contact Center Experience”
Brian Spencer, General Manager – Contact
Center

 

More from MarcoTechnologies (8)

Protecting Data Everywhere - Barracuda
Protecting Data Everywhere - BarracudaProtecting Data Everywhere - Barracuda
Protecting Data Everywhere - Barracuda
 
When Seconds Count: IP Paging and Emergency Notification - Singlewire Software
When Seconds Count: IP Paging and Emergency Notification - Singlewire SoftwareWhen Seconds Count: IP Paging and Emergency Notification - Singlewire Software
When Seconds Count: IP Paging and Emergency Notification - Singlewire Software
 
Benefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPEBenefits of Transforming to a Hybrid Infrastructure - HPE
Benefits of Transforming to a Hybrid Infrastructure - HPE
 
Uncovering the Cloud: Is it Right for You? - Marco
Uncovering the Cloud: Is it Right for You? - MarcoUncovering the Cloud: Is it Right for You? - Marco
Uncovering the Cloud: Is it Right for You? - Marco
 
Stay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check PointStay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check Point
 
Eliminate Data Entry with Document Scanning, Data Capture and Extraction - PS...
Eliminate Data Entry with Document Scanning, Data Capture and Extraction - PS...Eliminate Data Entry with Document Scanning, Data Capture and Extraction - PS...
Eliminate Data Entry with Document Scanning, Data Capture and Extraction - PS...
 
What is your Print Transformation Strategy? - Konica Minolta
What is your Print Transformation Strategy? - Konica MinoltaWhat is your Print Transformation Strategy? - Konica Minolta
What is your Print Transformation Strategy? - Konica Minolta
 
Marco Gold Standard
Marco Gold StandardMarco Gold Standard
Marco Gold Standard
 

Recently uploaded

How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 

Recently uploaded (20)

How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 

Stay Ahead of Threats with Advanced Security Protection - Fortinet

  • 1. Stay Ahead of Threats with Advanced Security Protection John Gleason – CISSP
  • 2. Risk - The common driver Stay ahead…. Have a goal and a plan! • Threat Landscape • Cyber Security finally reaches #1 in C-Level concerns • Security Program vs. Compliance checkboxes • Definitions are important • Security basics – blocking and tackling before technology • The end goal – Lower residual risk = Acceptable level of risk
  • 4. Virus Lifecycle to Scale [timeline figure: Virus.A (#1) at +0, Virus.B (#2) at +30 Sec, Virus.AA (#27) at +13 Min, Virus.BL (#120) at +1 Hour; VendorUpdate(Virus.A)]
  • 5. Cyber Security finally reaches #1 in C-level concerns: Top 5 Business Risks - according to World Economic Forum (US, Japan, Germany, Netherlands & others) • #1 Cyber attacks • #2 Data fraud and theft • #3 Terrorist attack • #4 Fiscal crisis • #5 Asset bubble This underscores the significance of understanding the cyber threat landscape and associated insights related to intruder detection.
  • 6. Security Program vs. Compliance checkboxes • Security/Governance Frameworks • NIST (Multiple) • COBIT • ISO 27000 • ITIL • SIGMA6 • Compliance • HIPAA / HITECH • PCI / DSS • CIPA / FERPA • GLBA • Sarbanes Oxley (SOX)
  • 7. Security Programs address the 360 degree view • Controls – Require People, Process, and Technology • Administrative • Technical • Physical • ISO 27002 defines information security policy in section 5 • COBIT defines it in the section "Plan and Organize" • Sarbanes Oxley defines it as "Internal Environment" • HIPAA defines it as "Assigned Security Responsibility" • PCI DSS defines it as "Maintain an Information Security Policy"
  • 8. Definitions are important Understanding can only come through common terminology and definitions • Security Triad • Roles & Responsibilities • Data Classification • Asset Value • Threat, Threat Agent, Vulnerability, Risk, Counter measure • Controls • Residual Risk
  • 9. Security triad Like a three legged stool - Possible Fourth = Authenticity
  • 10. • Confidentiality - Access Control • Identification, Authentication, Authorization (Authenticity) • Least Privilege / Need to know • Integrity • Assurance, Accuracy, Reliability • Availability • Perform in a predictable manner, acceptable level of performance • Recover securely from disruption so productivity will not be negatively impacted • Single points of failure ???? (BC/DR)
  • 12. Roles and Responsibilities Where do you identify? Owner, GM, Coach, Lineman, Linebacker, Safety? • Data Owner • Concerned about terms like legal, regulatory, compliance, due care & due diligence, negligence, reasonable and expected. Generally not IT. • Data Custodian • Typically IT. Responsible for implementing the policies and guidelines established by the Data Owner. Responsibilities include physical data storage, back-up and recovery, and the operation of security and data management systems.
  • 13. Data Classification How do you view and categorize your assets? • Public / Private Business & Organizations: Restricted/Confidential/Proprietary, Private, Sensitive, Public • Military/Government: Top Secret, Secret, Confidential, Sensitive but Unclassified, Unclassified
  • 14. Asset Value Quantitative or Qualitative? • Cost – to Acquire or develop? Maintain & protect? Replace? • Value – to Adversaries, Intellectual Property • Operational and productivity loss when unavailable • Liability if asset is compromised – Compliance, Legal • Value of knowing your values – cost/benefit analysis, wise selection of countermeasures, risk awareness, due diligence
  • 15. Risk Management – What (NIST Cyber Security Framework) • Risk management is the ongoing process of identifying, assessing, and responding to risk. To manage risk, organizations should understand the likelihood that an event will occur and the resulting impact. With this information, organizations can determine the acceptable level of risk for delivery of services and can express this as their risk tolerance. • Organizations may choose to handle risk in different ways, including mitigating the risk, transferring the risk, avoiding the risk, or accepting the risk, depending on the potential impact to the delivery of critical services.
  • 16. Risk Management – Why (NIST Cyber Security Framework) • With an understanding of risk tolerance, organizations can prioritize cybersecurity activities, enabling organizations to make informed decisions about cybersecurity expenditures. • Implementation of risk management programs offers organizations the ability to quantify and communicate adjustments to their cybersecurity programs. • Organizations may choose to handle risk in different ways, including mitigating the risk, transferring the risk, avoiding the risk, or accepting the risk, depending on the potential impact to the delivery of critical services
  • 17. • Threat, Threat Agent, Vulnerability, Risk, Counter measure
  • 20. Controls – Compensating Controls • Administrative • Technical • Physical • Preventative / Protective • Detective • Corrective / Reactive
  • 21. Residual risk • According to ISO 27001, residual risk is “the risk remaining after risk treatment”.
  • 22. Turning traditional risk analysis upside down • Threats of today have increased in frequency and impact • 75-90% enter via E-mail. • 10-20% compromised website • Avoiding the activity is not an option
  • 23. Did You Know… 79,790 Number of incidents investigated by Verizon in 2015 229 Average number of days attackers were on a network before detection 70-90% Percent of time unique malware was found Gartner: All organizations should assume they are in a state of continuous compromise
  • 25. Breaking the Kill Chain of Advanced Threats [diagram: attack stages Spam / Malicious Email, Malicious Link, Malicious Web Site, Exploit, Malware, Command & Control Center, Bot Commands & Stolen Data; controls Anti-spam, Web Filtering, Intrusion Prevention, Antivirus, App Control / IP Reputation, Sandbox]
  • 26. Layered Defense + Shared Intelligence [diagram labels: Web Filter – Known malicious site; IP Reputation; Botnet site; Intrusion Prevention; Anti-Virus/Malware; Sandbox candidate]
  • 28. FortiGuard Labs – Augment your security staff Nearly 300 threat researchers
  • 31. Only ATP Solution NSS Recommended Edge to Endpoint
  • 32. Fortinet Security Fabric – Shared threat intelligence
  • 34. 3:00 – 3:45 PM BREAKOUT SESSIONS KONICA MINOLTA Breakout Room: Guest Locker Room “What is your Print Transformation Strategy?” Emil Enstrom, Vice President of Enterprise Accounts BARRACUDA Breakout Room: Delta 360 Club “Protecting Data Everywhere” Rod Mathews, Senior Vice President and General Manager MARCO Breakout Room: Main Field “Uncovering the Cloud: Is it Right for You?” Steve Knutson, Chief Technology Officer and Vice President of Service MITEL Breakout Room: Interview Room “Deliver a Flexible, Engaging Customer Contact Center Experience” Brian Spencer, General Manager – Contact Center

Editor's Notes

  1. CISSP – back story and reason for publicly speaking – Advance the cause/awareness of security – Commercial… I mean visibility for Fortinet. Questions to the audience to get an idea of demographics: Size of organization? How many Network Admins? Department heads? Security or compliance leaders? C-Level = President, owner? Stay Ahead – Simple Version – Define your Assets, Threats, Vulnerabilities and Risks – Implement a countermeasure which best fits into your overall strategy and provides the highest levels of protection where appropriate.
  2. Risk directly relates to advanced threats - Identifying assets and making decisions to protect according to your risk tolerance. Having thorough & informed input is critical to the equation.
  3. Entry points to the network have exploded. Borders have extended far beyond the data center and internet edge: data center, branch office, remote client, cell phones & tablets (BYOD), private cloud, public cloud (AWS & Azure). IoT: HVAC, CC readers, thermostats, printer/MFP. Healthcare: blood pump, IV drip, heart monitor, etc.
  4. Example: Continuing on the reactive and volume problem. Rapid Spread: We live in such a connected world, and with advancements in technology the Internet is becoming faster and faster. This enables the rapid spread of viruses/malware around the globe. Morphing Malware: When a new virus/malware is released into the wild it will continuously change or morph its appearance, making it very difficult for AV/Malware vendors to detect. * Within 1 hour of a new virus/malware being released into the wild we could have 120 different variants/versions of that virus/malware. And again vendors just can’t react fast enough. At the end of that hour vendors are still building protection for the first variant.
  5. Why? Why is this new found level of concern the case for only a subset of countries? The answer to this question lies in being able to understand the dependencies and interconnections of the physical and digital world.
  6. Compliance is more about security for specific risk - Business Model. Can be short sighted on NIST – again bigger overall umbrella view.
  7. Examples of people, processes and technology – emphasize the importance of process – not can we make the change, but SHOULD we make the change. NIST Cyber Security – created for Critical Infrastructure, but I love it because it combines creation of a security program with a game plan for starting and tracking progress in the program creation itself, along with success milestones and maturity.
  8. Validation
  9. Team needed
  10. Knowing your role – and gathering & providing information to proper channels. Admins – Inventory, diagrams, identification of virtual vs. physical assets. Document single points of failure. Document & validate back-up process. Communicate with the data owner regularly. Department heads – document and prioritize your resources, or those used most by your team. Identify threats and work with BC/DR
  11. Less about the level and more about identifying data, where it lives and matching for good decision making.
  12. Let them read - Main point Knowing your assets and values will drive solid decision making and awareness.
  13. Follow the links
  14. Advanced threats are not just about entry and prevention. Detective controls and segmented zones allow for the identification upon movement.
  15. Controls in place all to reduce the impact.
  16. Admin – Policy, procedure, guidelines, best practices. Technical – Cyber/Data communications – Firewall-App Ctrl/WF/DLP/IP reputation/Botnet preventative, IPS preventative/detective, IDS detective, reloading a system OS as a corrective control. Physical controls include locks, fences, mantraps and even geographic specific controls. Compensating controls – in lieu of requested. Alternate controls which address the same risk. Activity phase controls can be either technical or administrative and are classified as follows: • Preventative controls exist to prevent the threat from coming in contact with the weakness. • Detective controls exist to identify that the threat has landed in our systems. • Corrective controls exist to mitigate or lessen the effects of the threat being manifested.
  17. Residual risk needs to equal or exceed acceptable risk – otherwise the control was not worth it. Organization needs to know exactly whether the planned treatment is enough or not.
  18. Normally, risks with high likelihood and high impact were activities to be avoided.
  19. I don’t agree with Gartner on this one, but I do anticipate more internal segmentation inspection will occur.
  20. The technology and power are now available to inspect at the necessary speeds.
  21. Consider the way advanced threats typically operate: they generally start with an email seeking to entice users through social engineering to click on a malicious link. Ideally, your antispam/phishing technology will block the message. But if just one slips through and the recipient is fooled, that link will redirect them out to a malicious site. That malicious site will typically try to insert malware by exploiting vulnerabilities. Ideally, your web filter will prevent the site visit, IPS will stop the exploit or antimalware will block the code. But if not, you have active malware in your network that can do many things, usually at the behest of an external command and control. It’s at this stage that having measures in place like IP Reputation or other call back detection methods is critical, to ensure that communication channel is severed and data can’t be exfiltrated. Otherwise you are breached… Unless you have deployed a sandbox as a deeper method of inspection, to do things like follow URLs, analyze objects and inspect traffic or communications, and to do so based on actual observed activity rather than static attribute or reputation checking. The primary value of a sandbox is to take the time for more advanced analysis that’s generally not possible on production systems and identify those things that have evaded traditional defenses… before the endgame of a breach occurs.
  22. Threat intelligence – FortiGuard Labs, one of the largest threat research groups in the world. Leader of zero-day discoveries.
  23. Threat intelligence – FortiGuard Labs, one of the largest threat research groups in the world. Leader of zero-day discoveries.
  24. How the fabric works
  25. In fact, organizations looking to take a coordinated approach to combating advanced threats benefit from NSS Labs Recommended components including: FortiGate as NGFW and NGIPS in the data center and at the edge; FortiWeb in front of external-facing web servers that often serve as entry points to the network; FortiClient for Enterprise Endpoint Protection covering users on and off the network; and FortiSandbox for continuous analysis of seemingly benign objects and sites to detect the most sophisticated attacks that might slip through your defenses.
  26. Security Fabric – Peer-to-peer communication between nodes. Sandbox & FortiGuard Labs provide the highest levels of protection possible.