Brandon Traffanstedt Systems Engineer - Southeast

Slides:

Advertisements

Similar presentations

BalaBit Shell Control Box

Advertisements

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

Presentation by: Peter Thomas Blue Lance, Inc Using SIEM Solutions Effectively to meet Security, Audit, and Compliance Requirements.

COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

1 The New Cyber Battleground: Inside Your Network Chad Froomkin Major Account Executive Southeast.

1 Telstra in Confidence Managing Security for our Mobile Technology.

Information Security Policies and Standards

 Controls that provide security against internal and external threats  2 Types of access controls: › Physical controls › Logical controls.

Network Security Peter Behrens Seth Elschlager. Computer Security Preventing unauthorized use of your network and information within that network. Preventing.

Stephen S. Yau CSE , Fall Security Strategies.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.

VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Website Hardening HUIT IT Security | Sep

Cyber Security Audit and Network Monitoring P.D. Mynatt Doug Brown March 19 th 2015.

1 Managed Security. 2 Managed Security provides a comprehensive suite of security services to manage and protect your network assets –Managed Firewall.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.

Unify and Simplify: Security Management

Thursday, January 23, :00 am – 11:30 am. Agenda  Cyber Security Center of Excellence  Project Phase  Implementation  Next Steps 2.

What is FORENSICS? Why do we need Network Forensics?

Asset & Security Management Chapter 9. IT Asset Management (ITAM) Is the process of tracking information about technology assets through the entire asset.

Dell Connected Security Solutions Simplify & unify.

Common Cyber Defenses Tom Chothia Computer Security, Lecture 18.

Asif Jinnah Microsoft IT – United Kingdom. Security Challenges in an ever changing landscape Evolution of Security Controls: Microsoft’s Secure Anywhere.

Lecture Materials for the John Wiley & Sons book: Cyber Security: Managing Networks, Conducting Tests, and Investigating Intrusions October 7, 2015 DRAFT1.

H UMAN R ESOURCES M ANAGEMENT Beki Webster Director, HR, Intelligence Systems Division Northrop Grumman Information Systems July 31, 2009.

Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

SOA-39: Securing Your SOA Francois Martel Principal Solution Engineer Mitigating Security Risks of a De-coupled Infrastructure.

Small Business Security Keith Slagle April 24, 2007.

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

IT Security. What is Information Security? Information security describes efforts to protect computer and non computer equipment, facilities, data, and.

MANAGED SECURITY TESTING PROACTIVELY MANAGING VULNERABILITIES.

The Importance of Proper Controls. 5 Network Controls Developing a secure network means developing mechanisms that reduce or eliminate the threats.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Identity is the new Perimeter of Security Wade Tongen NA Enterprise SE Manager

CyberArk Security for the Heart of the Enterprise

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

Russell Rice Senior Director, Product Management Skyport Systems

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Company Overview & Strategy Lance McAndrew Product Line Sales Engineer.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

Information Security tools for records managers Frank Rankin.

Managing End Point Security Starts at the Perimeter DIR ISF April 14&15, 2016 Randy Guin, CISSP, CGEIT.

©2012 Bit9. All Rights Reserved Peter Llorens, PERegional Sales Manager, FL, Caribbean & Latin America Julio GutierrezSales Engineer, FL, Caribbean & Latin.

BizSmart Lunch & Learn Webinar Information Security and Protecting your business With the increased risk of some sort of cyber- attack over the past few.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Securing Enterprise Identities Against Cyberthreats Brian Krause Manager of North America.

Surveillance and Security Systems Cyber Security Integration.

Defining your requirements for a successful security (and compliance

Stopping Attacks Before They Stop Business

Six Steps to Secure Access for Privileged Insiders and Vendors

Cybersecurity - What’s Next? June 2017

Comprehensive Security and Compliance at an Affordable Price.

Team 1 – Incident Response

Microsoft /20/2018 9:26 AM BRK1037 Win the IT security battle: automate password changes, privileged access & Minimize Cyber Losses Christopher.

Leverage What’s Out There

Six Steps to Secure Access for Privileged Insiders and Vendors

Privileged Accounts: Discover / Protect / Monitor

Call AVG Antivirus Support | Fix Your PC

Company Overview & Strategy

Advanced Services Cyber Security 101 © ABB February, | Slide 1.

cyberopsalliance.com |

PRIVILEGED ACCOUNT ABUSE

Brandon Traffanstedt Systems Engineer - Southeast

Security week 1 Introductions Class website Syllabus review

Security intelligence: solving the puzzle for actionable insight

Privileged Access Management

AIR-T11 What We’ve Learned Building a Cyber Security Operation Center: du Case Study Tamer El Refaey Senior Director, Security Monitoring and Operations.

Presentation transcript:

Brandon Traffanstedt Systems Engineer - Southeast The Privileged Pathway: Securing and Auditing Privileged Accounts Using CyberArk Brandon Traffanstedt Systems Engineer - Southeast

The New Cyber Battleground: Inside Your Network Over 90% of organizations have been breached Strategic shift from “I can stop everything at the perimeter.” to “I can’t stop anything at the perimeter.” Over 38% of breaches are internal – and the most costly Need to protect against malicious and accidental insiders Ponemon – Cost of Cyber Breaches 2012 – “The most costly breaches, including denial of service, malicious insiders and web-based attacks, account for 58% of overall cost of data breaches…Insider attacks can take an average of more than 50 days to contain…. 38% of benchmark organizations suffered attack by malicious insiders 38% of breaches are insiders; accidental insiders another 35%.... Wow – that’s huge – 38% of breaches are insides…accidental is another 35%....so 83% of breaches are from the inside According to a 2012 Ponemon institute study…Insider breaches can take more 50 days to contain!!!! Information security focus shifts to inside the network Proactive protection of critical assets Real-time detection of in-progress attacks

Cyber Attacks Are a Daily Event Web Articles Not a day goes by when we don’t read about another serious breach. And in almost every single instance, privileged accounts are exploited by the attacker… The list from 2012 alone includes…. Flame Saudi Aramco University of Georgia Toyota Subway US Chamber of Commerce State of South Carolina Red October ….I could go on…

Privileged Accounts: Pathway to Cyber Attacks “…once they have privileged credentials, they are pretty much home free.” Deloitte, 2014

Privileged Accounts - “Keys to the IT Kingdom” Malicious Insiders External Attackers CyberArk Provides Proactive Protection and Detection

Privileged Credentials are Everywhere Privileged Accounts Routers, Firewalls, Hypervisors, Databases, Applications Routers, Firewalls, Servers, Databases, Applications Laptops, Tablets, Smartphones Power Plants, Factory Floors WiFi Routers, Smart TVs Where are your privileged accounts? They are everywhere – in every piece of hardware and software. They exist across the entire IT stack including data, applications, endpoints and the network. A privileged user is any user that has the capability to change, alter or impact the operational service of a business process. So, in any organization, this includes not only system administrators, but some people you may not consider privileged users today. Think about some of your business users and even social networking account managers. Do they have access privileges to impact important business processes?

Privilege is At The Center of the Attack Lifecycle Typical Lifecycle of a Cyber Attack Privilege is At The Center of the Attack Lifecycle

CyberArk Breaks the Attack Chain

Solving The Privileged Account Security Problem Enterprise Cloud SCADA/ICS Advanced, External Threats Insider Threats Securing Application Credentials Securing Shared Admin Accounts Threats Control & Accountability for Privileged Users Monitor & Record Privileged Activity Compliance Reporting Remote User Access Control Audit & Compliance We’ve talked a lot about how critical privileged account security is to address advanced threats and malicious insiders. But it’s important to know that industry and government compliance standards and regulations require the protection and monitoring of privileged accounts. We address these issues in your physical on-premises environment, across private, hybrid and public cloud environments as well as in SCADA and industrial control environments where we already have over 100 deployments.

10 slides is enough– show us the demo!

DNA - Discovery & Audit Discover where your privileged accounts exist Clearly assess privileged account security risks Identify all privileged passwords, SSH keys, and password hashes Collect reliable and comprehensive audit information

Thank you! Brandon Traffanstedt – Systems Engineer Southeast (404) 594-2331 Brandon.Traffanstedt@cyberark.com