Presentation is loading. Please wait.

Presentation is loading. Please wait.

FROM SECURITY DATA TO SECURITY INTELLIGENCE ZULFIKAR RAMZAN, CTO, RSA.

Published byWinfred Evans Modified over 8 years ago

Similar presentations

Presentation on theme: "FROM SECURITY DATA TO SECURITY INTELLIGENCE ZULFIKAR RAMZAN, CTO, RSA."— Presentation transcript:

1 FROM SECURITY DATA TO SECURITY INTELLIGENCE ZULFIKAR RAMZAN, CTO, RSA

2 2 Paper Towns and Cybersecurity @zulfikar_ramzan

3 3 What Came First: the Map or the Town? @zulfikar_ramzan

4 4

5 0 010110100 101100111010011 110100110 11 0 010110100 101100111010011 110100110 11 0 010110100 101100111010011 110100110 11WALLS TALLER WON’T SOLVE OUR PROBLEM

6 6 Attacks are targeted (e.g., via repeated use of polymorphism and metamorphism); Macro-distribution supplanted by micro-distribution. Powerful attack toolkits available w/ tiered pricing, 24x7 customer support. Ecosystem for buying and selling tools and cybercriminal services democratizes advanced attacks Why Intrusions Are Successful Why are intrusions successful? @zulfikar_ramzan

7 7 1 23 Visibility Identity Risk Three Strategic Pillars @zulfikar_ramzan

8 8 is the foundation for mitigating the risk of advanced threats visibility If you really want to protect your network, you really have to know your network. You have to know the devices, the security technologies, and the things inside it. -Rob Joyce, NSA TAO Chief, Usenix Enigma 2016 @zulfikar_ramzan

9 9 Cloud Key Visibility Points Logs NetflowPackets Endpoints Identities @zulfikar_ramzan

10 10 12 TIME Attack Identified Response Advanced Attacks: Where to Focus 1 TARGETED SPECIFIC OBJECTIVE STEALTHY LOW AND SLOW 23 INTERACTIVE HUMAN INVOLVEMENT @zulfikar_ramzan

11 11 identity is foundational and will matter even more as the threat landscape evolves @zulfikar_ramzan

12 12 Advanced breaches don’t have to involve malware: SQL Injection -> Web Shell -> RDP Advanced breaches can be very simple – e.g., credential theft Every breach involves co-opting of identity (authentication isn’t the same as identity assurance) Malware Reality Check @zulfikar_ramzan

13 13 Identity is More Than Authentication Governance Access / Auth Lifecycle Assurance @zulfikar_ramzan

14 14 embrace and own your risk Supply chain risk Financial risk Operational risk IT Security risk Physical risk Currency fluctuation risk Regulatory risk @zulfikar_ramzan

15 15 How we spend Prevention 80% Monitoring 15% Response 5% Prevention 80% Monitoring 15% Response 5% Prevention 33% How we should spend Monitoring 33% Response 33% Shift Priorities and Capabilities @zulfikar_ramzan

16 16 Takeaways We need pervasive and true visibility Identity and authentication matter even more Embrace and own your risk 1 1 2 2 3 3 @zulfikar_ramzan

17 17 Thank You

Download ppt "FROM SECURITY DATA TO SECURITY INTELLIGENCE ZULFIKAR RAMZAN, CTO, RSA."

Similar presentations

2012 Taking Complexity out of Information Security …allowing you to focus on your business.

2012 Taking Complexity out of Information Security …allowing you to focus on your business.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC

1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
© 2012 Solera Networks. Contains confidential, proprietary, and trade secret information of Solera Networks. Any use of this work without express written.

© 2012 Solera Networks. Contains confidential, proprietary, and trade secret information of Solera Networks. Any use of this work without express written.
Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.

Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.
1© Copyright 2012 EMC Corporation. All rights reserved. Getting Ahead of Advanced Threats Advanced Security Solutions for Trusted IT Chezki Gil – Territory.

1© Copyright 2012 EMC Corporation. All rights reserved. Getting Ahead of Advanced Threats Advanced Security Solutions for Trusted IT Chezki Gil – Territory.
FIVE STEPS TO REDUCE THE RISK OF CYBERCRIME TO YOUR BUSINESS.

FIVE STEPS TO REDUCE THE RISK OF CYBERCRIME TO YOUR BUSINESS.
1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
The Changing World of Endpoint Protection

The Changing World of Endpoint Protection
Future ICT Landscapes – Security and Privacy Challenges & Requirements Simone Fischer-Hübner IVA Workshop, Stockholm 24th May 2012.

Future ICT Landscapes – Security and Privacy Challenges & Requirements Simone Fischer-Hübner IVA Workshop, Stockholm 24th May 2012.
CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.

CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.
Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.

Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.
Take back control: taming rogue device, user and application exposures Mark Blake, Capita Secure Managed Services Chris Gothard, Colt Technology Services.

Take back control: taming rogue device, user and application exposures Mark Blake, Capita Secure Managed Services Chris Gothard, Colt Technology Services.
Free, online, technical courses Take a free online course. Microsoft Virtual Academy.

Free, online, technical courses Take a free online course. Microsoft Virtual Academy.
Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.
NADAV PELEG HEAD OF MOBILE SECURITY The Mobile Threat: Consumer Devices Business Risks David Parkinson MOBILE SECURITY SPECIALIST, NER.

NADAV PELEG HEAD OF MOBILE SECURITY The Mobile Threat: Consumer Devices Business Risks David Parkinson MOBILE SECURITY SPECIALIST, NER.
Rapid Detection & Incident Response What, Why and How March 2016 Ft Gordon.

Rapid Detection & Incident Response What, Why and How March 2016 Ft Gordon.
ARAMA TECH D A T A P R O T E C T I O N P R O F E S S I O N A L S VISION & STRATEGY.

ARAMA TECH D A T A P R O T E C T I O N P R O F E S S I O N A L S VISION & STRATEGY.

Similar presentations

Ads by Google