WEBINAR Review- “Advanced Threat Protection – Can Technology alone deliver what’s needed?” Patrick Grillo, Senior Director, Security Strategy 1.From my.

Slides:



Advertisements
Similar presentations
1 SANS Technology Institute - Candidate for Master of Science Degree 1 Automating Crosswalk between SP 800, 20 Critical Controls, and Australian Government.
Advertisements

Cyber Security and Data Protection Presented by Mrs Drudeisha Madhub (Data Protection Commissioner ) Tel: Helpdesk:+230.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
SC2 meeting 24 November 2014 Security Measures and Resources Toolbox
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.
Presentation title SUB TITLE HERE Intelligent 21st Century Strategies for Broadband and Cyber Infrastructures Security By Dr. Emmanuel Hooper, PhD, PhD,
Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.
CYBER CRIMES PREVENTIONS AND PROTECTIONS Presenters: Masroor Manzoor Chandio Hira Farooq Qureshi Submitted to SIR ABDUL MALIK ABBASI SINDH MADRESA TUL.
Weaving Security Blankets Make your own bespoke defensive toolkit Presentation by Max Cizauskas For BSides Toronto 2015.
Governor’s Office of Homeland Security and Emergency Response State Directors Meeting February 24, 2014 Bruce A. Davis, Ph.D. Senior Program Manager Resilient.
Introduction to Security Dr. John P. Abraham Professor UTPA.
A global nonprofit: Focusing on IP Protection and Anti-Corruption Sharing leading practices based on insights from global companies, academics, organizations.
Friday 22nd April 2016 DS Chris Greatorex SEROCU
CLOSE THE SECURITY GAP WITH IT SOLUTIONS FROM COMPUTACENTER AND CISCO AUGUST 2014.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.
CASE STUDY DPS NEWTOWN. Diversity of Operations.
1 Chapter 9 Implementing Six Sigma. Top 8 Reasons for Six Sigma Project Failure 8. The training was not practical. 7. The project was too small for DMAIC.
Surveillance and Security Systems Cyber Security Integration.
SAFE toward a WORLD for children Five-Year Strategic Plan
Law Firm Data Security: What In-house Counsel Need to Know
BAE systems Research results October 2016
OIT Security Operations
CYBERSECURITY INCIDENCE IN THE FINANCIAL SERVICES SECTOR March 28, 2017 Presented by Osato Omogiafo Head IT Audit.
Information Security Program
3 Do you monitor for unauthorized intrusion activity?
An Overview on Risk Management
Comprehensive Security and Compliance at an Affordable Price.
Data Minimization Framework
Cyber Security Enterprise Risk Management: Key to an Organization’s Resilience Richard A. Spires CEO, Learning Tree International Former CIO, IRS and.
Cybercrime: Mitigation Challenges
Cyber Security: State of the Nation
Introduction to a Security Intelligence Maturity Model
Cyber Protections: First Step, Risk Assessment
Ulrich’s model of HR.
Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them David Hood Director of Technology Marketing.
Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Michael Bird Team Lead, Account Executive.
ESSENTIALS OF A PHYSICAL SECURITY SYSTEMS RISK ASSESSMENT
Preferred Care Cloud Edition
Information is at the heart of any University, and Harvard is no exception. We create it, analyze it, share it, and apply it. As you would imagine, we.
I have many checklists: how do I get started with cyber security?
Making Information Security Manageable with GRC
SAM GDPR Assessment <Insert partner logo here>
Security Agility: Creating a Multi-Disciplinary Framework
Explaining Bitcoins will be the easy part: Borne Attacks and How You Can Defend Against Them Matthew Gardiner Product Marketing.
SMB practice development: Security play
Securing the Threats of Tomorrow, Today.
The Financial Impact of Cyber Risk 50 Questions Every CFO Should Ask
ITP Maturity Model Survey 2018
SMB practice development: Security play
Windows 10 Enterprise E3 for Small and Medium Business
Windows 10 Enterprise subscriptions in CSP – Messaging Summary
1 Advanced Cyber Security Forensics Training for Law Enforcement Building Advanced Forensics & Digital Evidence Human Resource in the Law Enforcement sector.
Maintaining order and safety in a city is no small task
Presented By: Erez Hevroni
Final Conference 18 Set 2018.
Cyber Security in a Risk Management Framework
Information Protection
3 Do you monitor for unauthorized intrusion activity?
DATA BREACHES 6 4 , 9 3 There were…
Protect data in core business applications
CYBER RISKS IN SECURITIES SERVICES
Cyber Threat Vigilance An Organizational Imperative
Information Protection
3 Do you monitor for unauthorized intrusion activity?
Jeremy Grant Coordinator Better Identity Coalition
Discussion Government Private Business Tools for prevention Congress
Presentation transcript:

WEBINAR Review- “Advanced Threat Protection – Can Technology alone deliver what’s needed?” Patrick Grillo, Senior Director, Security Strategy 1.From my understanding, the objectives of the Webinar is to address the question – “Are the current advanced threat protection solutions technologically suitable to safeguard our online data or they would just wake people up in the middle of night to be shocked by their financial and reputation damages?” To provide a clear answer to the question, the webinar focuses on three main aspects – Technology, Awareness and Advanced Threat Protection. Some real life examples depicting a target’s persona reveal how innocent people are made victims of online breaches. The very beginning of the webinar takes you through the statistics (from ID Theft Resource Center) on the number of breaches in 2015 and 2016 and analyses the probable causes. For example, the year 2015 recorded 781 data breaches and with not even half of the year gone, figures already touched 454 in In fact, the number of data breaches per day in 2016 is greater than what they were in An example of a recorded call from DHL which ended with a massive transfer of $250k to the criminals account is a real time proof of how bad the situation is. The webinar analyzes why aren’t the threat protections that we use today no longer effective and why aren’t the threat protection strategies working anymore? Other than technology, the webinar posits a three pointer reasoning to the existing problem: 1.Too much focus on compliance 2.Too risk based 3. Too many point solutions To overcome the issue, webinar suggests the introduction of a multi-layer, multi-technology solution that features a robust prevention layer and is capable of detecting the illegal activity and can instigate necessary steps to respond to the activity. Such a framework covers three diverse areas namely, Prevention, Detection and Mitigation and when all three areas interconnect to work collaboratively, eliminating the gaps between a security platform becomes easy. Melisa Hathaway (2010), Senior advisor, Cyber security project also recommends that technology and information security must walk together within an enterprise to ensure protection of our most critical asset i.e. information. While improved technology is only part of the solution, enhanced protection needs awareness plus technology. As also proposed by SANS Institute (2012), to enhance awareness in an organization, it is imperative that employees are trained well to detect and deal with such attacks at corporate level. To accomplish this, the webinar proposes a 7-step phishing campaign and recommends threat intelligence to be a top priority for organizations. Here are the seven steps in the same order as in the webinar presentation: 1. Executive support 2. Determine your test platform/vehicle 3. Embrace your inner cybercriminal 4. Set your trap 5. Attack and track 6. Share details of exercise and results 7. Clean the slate and repeat Further, towards the end, the webinar presents a 3-part dissection of the cyber-criminal ecosystem. On top sit the Crime ware Producers, a group of senior developers who do the major source coding followed by packers to evade detection and Junior developers who would just create variants by simple copy pasting. With advanced technology, better awareness and an actionable intelligence plan, we can better position ourselves to overcome data threats in the globalized world. References SANS Institute, (2012). Twenty Critical Security Controls for Effective Cyber Defense, version 4.1. Viewed at 29th October 2013, Hathaway, M. E., (2010). Beyond Availability: Melissa Hathaway on the Cloud. Belfer Center for Science and International Affairs, Harvard Kennedy School. Viewed at 18 November 2013, Technology Alone Cannot Protect Against Cyber-threatshttp:// Technology Alone Cannot Protect Against Cyber-threats August 18, 2015 Cyber Security, Global Focus, TECHNOLOGY & INNOVATION, WORLDCyber SecurityGlobal FocusTECHNOLOGY & INNOVATIONWORLD Book: Foolproof: Why Safety Can Be Dangerous and How Danger Makes Us Safe, October 13, 2015https:// Link to the Webinar: Audio

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.