Is Endpoint security dead?


Is Endpoint security dead? The future of corporate security

Introduction
Computer Forensics Consult/Specialists is a cyber security consultancy firm founded in 2004. Areas of focus include:
- Digital Forensics
- Security Audits
- Compliance, Policy and Risk Advisory
- Cyber Intelligence, Defense and Offense
- Cyber Security R&D

Cyber Security vs Information Security
Our approach to security is greatly influenced by how we perceive, use and engage with these two terms.
Information Security (INFOSEC): ISO/IEC 27000:2009 2.33 Information security - preservation of confidentiality, integrity and availability of information.
Cyber security (CYBERSEC): ITU-T X.1205 Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.

What is Endpoint Security
Endpoint security or Endpoint Protection is a technology that takes an extra step to protect computer networks that are remotely bridged to users' devices. The use of laptops, tablets, mobile devices and other wireless gadgets connected with corporate networks creates vulnerability paths for security threats. Endpoint security attempts to ensure that such devices follow a definite level of compliance and standards.

Endpoint protection approach to Security
Endpoint security systems operate on a client–server model, with the security program controlled by a centrally managed host server together with a client program which is installed on all the network drives. There is also the software-as-a-service (SaaS) model, in which the security programs and the host server are maintained remotely by the merchant. In both delivery models, the server program verifies and authenticates the user login credentials and performs a device scan to check that the device complies with the designated corporate security standards before permitting network access.

Common Endpoint Security Techniques
Organizations can leverage a number of techniques and technologies as part of their endpoint security, including:
- Personal firewalls
- Individual credential management
- Two-factor authentication
- Device and network-level anti-virus software. These can include the use of behavior-block and monitoring components that examine devices for actions typically carried out by rootkits to pinpoint an infection.
However, the backbone of these processes is the central server that controls access to the network and the sensitive content present there.
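The admission flow from the two slides above (verify credentials, then check the device scan against the corporate standard before granting access), as an added sketch that is not part of the original presentation. The policy keys, thresholds, report fields and user store are constructed assumptions, not any product's API; a missing or outdated scan report is treated as non-compliant.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

# Constructed corporate standard; keys and thresholds are assumptions for this sketch.
POLICY = {"max_report_age": timedelta(hours=24), "max_av_signature_age_days": 7}

def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

# Constructed user store: username -> (salt, derived key).
USERS = {"alice": (b"constructed-salt", _kdf("correct horse", b"constructed-salt"))}

def authenticate(user: str, password: str) -> bool:
    # Unknown users still cost one KDF run and compare against an empty key.
    salt, stored = USERS.get(user, (b"unknown-user-salt", b""))
    return hmac.compare_digest(_kdf(password, salt), stored)

def posture_failures(report: dict, now: datetime) -> list:
    """List every way a client agent's scan report violates POLICY."""
    failures = []
    scanned_at = report.get("scanned_at")
    if scanned_at is None or now - scanned_at > POLICY["max_report_age"]:
        failures.append("stale_report")  # agent has been offline too long
    if report.get("firewall_enabled") is not True:
        failures.append("firewall_disabled")
    age = report.get("av_signature_age_days")
    if age is None or age > POLICY["max_av_signature_age_days"]:
        failures.append("av_signatures_outdated")
    return failures

def admit(user, password, report, now):
    """Central server decision: credentials first, then device scan; deny by default."""
    if not authenticate(user, password):
        return ("deny", ["bad_credentials"])
    if report is None:
        return ("deny", ["no_report"])
    failures = posture_failures(report, now)
    return ("deny", failures) if failures else ("allow", [])

if __name__ == "__main__":
    now = datetime(2024, 1, 10, 12, 0, tzinfo=timezone.utc)  # constructed clock
    laptop = {"scanned_at": now - timedelta(hours=1), "firewall_enabled": True,
              "av_signature_age_days": 2}
    byod = dict(laptop, scanned_at=now - timedelta(days=3), firewall_enabled=False)
    print(admit("alice", "correct horse", laptop, now))
    print(admit("alice", "correct horse", byod, now))
```

Returning the full list of failed checks, rather than stopping at the first, gives the help desk and the user one complete remediation list per denied connection.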

People, Processes & Technology

People, Processes & Technology
People. A strong people strategy is the heart of an effective change-management initiative. Start with setting a consistent vision for the security and operations teams.
Process. Processes need to be reviewed in light of the shared goals and objectives.
Technology. It’s vital that a technology be selected only after the people and process issues have been solved, and only after a comprehensive evaluation of the needs of all stakeholders.

Challenges facing an Endpoint Security approach
False sense of security: Believing that endpoint security products can keep endpoints secure with technology, and therefore skimping on actual security policies, procedures, and training. “No technology can deliver security if people undermine it” – Joseph Steinberg
Complex endpoints: Endpoint protection is becoming more complex in its application due to the broadening of many company BYOD policies and the increasing number of employees and authorized users being allowed to log in remotely to corporate networks. The resources being accessed are also increasingly complex. The driving force behind this is keeping the worker/employee as productive as possible, which means making available any and all resources they need to succeed.

Challenges
Connectivity: Endpoint security solutions demand continuous or frequent connectivity for update, upgrade and maintenance cycles. This makes lack of connectivity a risk which, depending on the market, may be a big issue.
Blind to fraud: Because of the technology-centric approach of Endpoint Security, the system is blind to risks emanating from other areas such as people and processes.
Blind to complex threats: More and more it is being found that antivirus products can take months before adding the algorithms to recognize the more complex threats, leaving endpoints unprotected.
Technology centric as opposed to people and/or process centric: Good security is a balance of people, processes and technology; focusing on one at the expense of the others is a mistake.

So, is Endpoint Security dead?
The ‘antivirus’ is a very basic defense with limited ability to handle sophisticated cyber-attacks and advanced persistent threats. This also underscores why Endpoint Management has become a specialized discipline, and needs to be integral to a company’s overall security infrastructure. The ‘antivirus’ is particularly adept at handling known threats, but endpoint security is needed for post-incident detection and remediation with the understanding that problems, i.e. hackers, viruses, malware, etc., will eventually find their way into a network.

Intelligence based security
Incorporating Big Data into Cyber security
Threat Intelligence not Information

INFORMATION | INTELLIGENCE
Raw, unfiltered data | Processed, sorted, and distilled information
Unevaluated when delivered | Evaluated and interpreted by trained expert analysts
Aggregated from virtually every source | Aggregated from reliable sources and cross correlated for accuracy
May be true, false, misleading, incomplete, relevant, or irrelevant | Accurate, timely, complete (as possible), assessed for relevancy

Endpoint Security evolution
Defense in depth - The principle of defense-in-depth is that layered security mechanisms increase security of the system as a whole. If an attack causes one security mechanism to fail, other mechanisms may still provide the necessary security to protect the system.
Endpoint Security still has its place; however, its risk of giving a false sense of security makes it a less than ideal solution to take up ALONE in cyberspace today. Endpoint security itself is in transition, incorporating the other dimensions such as processes and people, which makes newer solutions that approach security from these angles more viable.