Presentation is loading. Please wait.

Presentation is loading. Please wait.

WEBINAR Review- “Advanced Threat Protection – Can Technology alone deliver what’s needed?” Patrick Grillo, Senior Director, Security Strategy 1.From my.

Published byTerence McKinney Modified over 8 years ago

Similar presentations

Presentation on theme: "WEBINAR Review- “Advanced Threat Protection – Can Technology alone deliver what’s needed?” Patrick Grillo, Senior Director, Security Strategy 1.From my."— Presentation transcript:

1

2 WEBINAR Review- “Advanced Threat Protection – Can Technology alone deliver what’s needed?” Patrick Grillo, Senior Director, Security Strategy 1.From my understanding, the objectives of the Webinar is to address the question – “Are the current advanced threat protection solutions technologically suitable to safeguard our online data or they would just wake people up in the middle of night to be shocked by their financial and reputation damages?” To provide a clear answer to the question, the webinar focuses on three main aspects – Technology, Awareness and Advanced Threat Protection. Some real life examples depicting a target’s persona reveal how innocent people are made victims of online breaches. The very beginning of the webinar takes you through the statistics (from ID Theft Resource Center) on the number of breaches in 2015 and 2016 and analyses the probable causes. For example, the year 2015 recorded 781 data breaches and with not even half of the year gone, figures already touched 454 in 2016. In fact, the number of data breaches per day in 2016 is greater than what they were in 2015. An example of a recorded call from DHL which ended with a massive transfer of $250k to the criminals account is a real time proof of how bad the situation is. The webinar analyzes why aren’t the threat protections that we use today no longer effective and why aren’t the threat protection strategies working anymore? Other than technology, the webinar posits a three pointer reasoning to the existing problem: 1.Too much focus on compliance 2.Too risk based 3. Too many point solutions To overcome the issue, webinar suggests the introduction of a multi-layer, multi-technology solution that features a robust prevention layer and is capable of detecting the illegal activity and can instigate necessary steps to respond to the activity. Such a framework covers three diverse areas namely, Prevention, Detection and Mitigation and when all three areas interconnect to work collaboratively, eliminating the gaps between a security platform becomes easy. Melisa Hathaway (2010), Senior advisor, Cyber security project also recommends that technology and information security must walk together within an enterprise to ensure protection of our most critical asset i.e. information. While improved technology is only part of the solution, enhanced protection needs awareness plus technology. As also proposed by SANS Institute (2012), to enhance awareness in an organization, it is imperative that employees are trained well to detect and deal with such attacks at corporate level. To accomplish this, the webinar proposes a 7-step phishing campaign and recommends threat intelligence to be a top priority for organizations. Here are the seven steps in the same order as in the webinar presentation: 1. Executive support 2. Determine your test platform/vehicle 3. Embrace your inner cybercriminal 4. Set your trap 5. Attack and track 6. Share details of exercise and results 7. Clean the slate and repeat Further, towards the end, the webinar presents a 3-part dissection of the cyber-criminal ecosystem. On top sit the Crime ware Producers, a group of senior developers who do the major source coding followed by packers to evade detection and Junior developers who would just create variants by simple copy pasting. With advanced technology, better awareness and an actionable intelligence plan, we can better position ourselves to overcome data threats in the globalized world. References SANS Institute, (2012). Twenty Critical Security Controls for Effective Cyber Defense, version 4.1. Viewed at 29th October 2013, http://www.sans.org/critical-security-controls Hathaway, M. E., (2010). Beyond Availability: Melissa Hathaway on the Cloud. Belfer Center for Science and International Affairs, Harvard Kennedy School. Viewed at 18 November 2013, http://www.europeanfinancialreview.com/?p=4749, Technology Alone Cannot Protect Against Cyber-threatshttp://www.europeanfinancialreview.com/?p=4749 Technology Alone Cannot Protect Against Cyber-threats August 18, 2015 Cyber Security, Global Focus, TECHNOLOGY & INNOVATION, WORLDCyber SecurityGlobal FocusTECHNOLOGY & INNOVATIONWORLD Book: https://www.amazon.ca/Foolproof-Safety-Dangerous-Danger-Makes/dp/0316286044 Foolproof: Why Safety Can Be Dangerous and How Danger Makes Us Safe, October 13, 2015https://www.amazon.ca/Foolproof-Safety-Dangerous-Danger-Makes/dp/0316286044 Link to the Webinar: https://www.brighttalk.com/webcast/5418/207343/advanced-threat-protection-can-technology-alone-deliver-what-s-needed Audio

Download ppt "WEBINAR Review- “Advanced Threat Protection – Can Technology alone deliver what’s needed?” Patrick Grillo, Senior Director, Security Strategy 1.From my."

Similar presentations

1 SANS Technology Institute - Candidate for Master of Science Degree 1 Automating Crosswalk between SP 800, 20 Critical Controls, and Australian Government.

1 SANS Technology Institute - Candidate for Master of Science Degree 1 Automating Crosswalk between SP 800, 20 Critical Controls, and Australian Government.
Cyber Security and Data Protection Presented by Mrs Drudeisha Madhub (Data Protection Commissioner ) Tel:+230 201 36 04 Helpdesk:+230.

Cyber Security and Data Protection Presented by Mrs Drudeisha Madhub (Data Protection Commissioner ) Tel: Helpdesk:+230.
Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.

Addressing Terrorist Use of the Internet, Cyber Crime and Other Threats: National Expert Workshop Forging a Comprehensive Approach to Cyber Security Richard.
SC2 meeting 24 November 2014 Security Measures and Resources Toolbox

SC2 meeting 24 November 2014 Security Measures and Resources Toolbox
PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.

PPA 573 – Emergency Management and Homeland Security Lecture 9b - Department of Homeland Security Strategic Plan.
Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.

Audits & Assessments: What are the Differences and How Do We Learn from the Results? Brown Bag March 12, 2009 Sal Rubano – Director, Office of the Vice.
Presentation title SUB TITLE HERE Intelligent 21st Century Strategies for Broadband and Cyber Infrastructures Security By Dr. Emmanuel Hooper, PhD, PhD,

Presentation title SUB TITLE HERE Intelligent 21st Century Strategies for Broadband and Cyber Infrastructures Security By Dr. Emmanuel Hooper, PhD, PhD,
Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.

Homeland Security. Learning Topics Purpose Introduction History Homeland Security Act Homeland Defense Terrorism Advisory System Keeping yourself safe.
BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT
Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.

Managing Data Against Insider Threats Dr. John D. Johnson, CISSP.
Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.

Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.
CYBER CRIMES PREVENTIONS AND PROTECTIONS Presenters: Masroor Manzoor Chandio Hira Farooq Qureshi Submitted to SIR ABDUL MALIK ABBASI SINDH MADRESA TUL.

CYBER CRIMES PREVENTIONS AND PROTECTIONS Presenters: Masroor Manzoor Chandio Hira Farooq Qureshi Submitted to SIR ABDUL MALIK ABBASI SINDH MADRESA TUL.
Weaving Security Blankets Make your own bespoke defensive toolkit Presentation by Max Cizauskas For BSides Toronto 2015.

Weaving Security Blankets Make your own bespoke defensive toolkit Presentation by Max Cizauskas For BSides Toronto 2015.
Governor’s Office of Homeland Security and Emergency Response State Directors Meeting February 24, 2014 Bruce A. Davis, Ph.D. Senior Program Manager Resilient.

Governor’s Office of Homeland Security and Emergency Response State Directors Meeting February 24, 2014 Bruce A. Davis, Ph.D. Senior Program Manager Resilient.
Introduction to Security Dr. John P. Abraham Professor UTPA.

Introduction to Security Dr. John P. Abraham Professor UTPA.
A global nonprofit: Focusing on IP Protection and Anti-Corruption Sharing leading practices based on insights from global companies, academics, organizations.

A global nonprofit: Focusing on IP Protection and Anti-Corruption Sharing leading practices based on insights from global companies, academics, organizations.
Friday 22nd April 2016 DS Chris Greatorex SEROCU

Friday 22nd April 2016 DS Chris Greatorex SEROCU
CLOSE THE SECURITY GAP WITH IT SOLUTIONS FROM COMPUTACENTER AND CISCO AUGUST 2014.

CLOSE THE SECURITY GAP WITH IT SOLUTIONS FROM COMPUTACENTER AND CISCO AUGUST 2014.
Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.

Cyber Security – Client View Peter Gibbons | Head of Cyber Security, Group Business Services Suppliers’ Summer Conference 15/07/2015.
CASE STUDY DPS NEWTOWN. Diversity of Operations.

CASE STUDY DPS NEWTOWN. Diversity of Operations.

Similar presentations

Ads by Google