The Game has Changed… Ready or Not! Andrew Willetts Technologies, Inc.


1 The Game has Changed… Ready or Not! Andrew Willetts Technologies, Inc.

2 1. Threat Landscape (you knew that was coming!); 2. “Survey Says”; 3. Change the Rules

3 The Threat Landscape: 5 Major Trends
Trends: 1. Highly Targeted Attacks
- 80%: Global 2000 hit by targeted attacks
- 2.5x: Increase in losses from targeted attacks year over year
Sources: PwC Information Security Breach Study and Symantec Internet Security Threat Report

4 The Threat Landscape: 5 Major Trends
Trends: 1. Highly Targeted Attacks; 2. Credential Theft
- 60%: Can’t catch credential thieves today
- 40%: Windows hosts with high-risk credentials for pivot points
Sources: Rapid7 - IDR Survey Report; CyberArk - What percentage of your Windows network is exposed to credential theft attacks

5 The Threat Landscape: 5 Major Trends
Trends: 1. Highly Targeted Attacks; 2. Credential Theft; 3. Insider Element
- 41%: Breaches caused by trusted partners
- 33%: Enterprises that give partners privileged network access
Sources: Protiviti - IT Security and Privacy Survey; PwC - Information Security Breach Study

6 The Threat Landscape: 5 Major Trends
Trends: 1. Highly Targeted Attacks; 2. Credential Theft; 3. Insider Element; 4. Hijacked Security Layers
- 26k: Netscreen Firewalls with malicious backdoor
- 70%: Cloud applications impacted by Heartbleed SSL flaw
Sources: Security Week, CSO Online: Juniper firewall backdoor password disclosed

7 The Threat Landscape: 5 Major Trends
Trends: 1. Highly Targeted Attacks; 2. Credential Theft; 3. Insider Element; 4. Hijacked Security Layers; 5. New Threat Vectors
- 5 out of 6 large companies are hit with targeted attacks today
- 17%: Android apps that are malware
- 70%: IoT devices shipping with known vulnerabilities
Sources: Symantec - Internet Threat Report; HP - IoT Device Vulnerability Study

8 The Threat Landscape: What about IoT/OT?
Network connectivity enables these objects to collect and exchange data:
- Video cameras
- Healthcare equipment
- Safety equipment
- Climate control
- Environmental sensors
- Vehicles
- Asset tracking devices
- Refrigerators
- Smart homes
- Trash cans

9 The Threat Landscape: Ready or not!
Prediction: By 2020, less than 10% of new devices connecting to the corporate environment will be manageable through traditional methods.
[Chart: connected devices (PC, BYOD, IoT) across 1990, 2015 and 2020; labelled values: 5 Billion and 20+ Billion]
Source: Gartner, BI Intelligence, Verizon, ForeScout

10 The Threat Landscape: I already have agents!
Frost & Sullivan - Continuous Monitoring and Threat Mitigation with Next-generation NAC

11 The Threat Landscape: IT Security Challenges
[Diagram labels: IBM, Firewall, SIEM, ATD, VA, Endpoint, Patch, EMM]
- Security products in silos.
- Human beings are needed to compensate for lack of automation.
- SecOps teams are overwhelmed and cannot respond in a timely fashion.

12 1. Threat Landscape; 2. “Survey Says”; 3. Change the Rules

13 Got Blind Spots?
Does your network suffer from blind spots from specific security platforms?
Source: Continuous Monitoring and Threat Mitigation with Next-generation NAC - Frost & Sullivan

14 How Many Network Security Incidents?
72%: Percentage of networks that had 5 or more security incidents within the past 12 months.
Source: Continuous Monitoring and Threat Mitigation with Next-generation NAC - Frost & Sullivan

15 Which Devices are Secure?
What category of devices had 5 or more security incidents in the last 12 months?
Source: Continuous Monitoring and Threat Mitigation with Next-generation NAC - Frost & Sullivan

16 Do Agents Provide the Security You Need?
What is your confidence level that agents are installed and working properly on your computers?
Source: Continuous Monitoring and Threat Mitigation with Next-generation NAC - Frost & Sullivan

17 Ready for Automation?
Would your security program benefit if it could automatically invoke a set of predetermined security controls?
Source: Continuous Monitoring and Threat Mitigation with Next-generation NAC - Frost & Sullivan

18 1. Threat Landscape; 2. “Survey Says”; 3. Change the Rules

19 See: Discover, Classify

20 Control
[Diagram labels: Less Privileged Access; Quarantine, Assign, Restrict, Alert; Data Center, Guest Network, Corporate Network]

21 Orchestrate: ATD, SIEM, VA, EMM, Custom

22 IoT Use Case
1. Device connects to the network
2. Device is detected and classified as a printer
3. Compromised printer communicates with the corporate file server
4. ATD detects an anomaly and forwards the event to SIEM, which alerts the NAC solution
5. Compromised printer is blocked from accessing the network
[Diagram labels: IOC Scanner, Firewall, ATD, SIEM, Endpoint, Patch, EMM, Corporate File Server, Network, Internet; BYOD Devices, IoT Devices, Corporate Devices, Rogue Devices]

23 Advanced Threat Detection Use Case
1. ATD system notifies NAC of an infected endpoint and threat profile
2. NAC policy based on threat classification restricts network access of endpoint
3. NAC initiates managed endpoint remediation actions using details from the ATD system and removes network access restrictions on endpoint
4. NAC scans other managed endpoints on the network for the IOC and initiates remediation actions
5. NAC scans endpoints for IOCs as new endpoints attempt to connect to the network
[Diagram labels: ATD, Internet, ForeScout CounterACT®, Switch, Wireless LAN Controller; BYOD Devices, Managed Devices, IoT Devices, Rogue Devices]
Reference Acronym Glossary at the end of presentation
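Added example (not part of the original presentation and not ForeScout code): a minimal Python model of the five steps on this slide, showing restriction, remediation, the sweep of other managed endpoints, and the admission-time IOC check. The Nac and Endpoint classes, endpoint names and IOC string are hypothetical and constructed; keeping an unmanaged endpoint restricted is an assumption.

```python
from dataclasses import dataclass, field

# Constructed sample model: names, the IOC string and the inventory are made up.
# No real NAC or ATD product API is used; Nac and Endpoint are hypothetical.

@dataclass
class Endpoint:
    name: str
    managed: bool                                  # NAC can remediate it
    artifacts: set = field(default_factory=set)    # indicators present on host
    access: str = "full"                           # "full" or "restricted"

class Nac:
    def __init__(self, inventory):
        self.endpoints = {e.name: e for e in inventory}
        self.iocs = set()                          # IOCs learned from ATD
        self.log = []                              # (endpoint, action, ioc)

    def _contain(self, ep, ioc):
        ep.access = "restricted"                   # step 2: restrict access
        self.log.append((ep.name, "restricted", ioc))
        if ep.managed:                             # step 3: remediate, restore
            ep.artifacts.discard(ioc)
            ep.access = "full"
            self.log.append((ep.name, "remediated", ioc))
        # Assumption: an unmanaged endpoint cannot be remediated, stays restricted.

    def on_atd_alert(self, name, ioc):
        self.iocs.add(ioc)                         # step 1: ATD notification
        self._contain(self.endpoints[name], ioc)
        for ep in list(self.endpoints.values()):   # step 4: sweep managed hosts
            if ep.name != name and ep.managed and ioc in ep.artifacts:
                self._contain(ep, ioc)

    def on_connect(self, ep):
        self.endpoints[ep.name] = ep               # step 5: admission check
        for ioc in self.iocs & ep.artifacts:
            self._contain(ep, ioc)
        return ep.access

def demo():
    ioc = "sha256:constructed-sample"              # constructed indicator
    nac = Nac([Endpoint("laptop-01", True, {ioc}),
               Endpoint("laptop-02", True, {ioc}),
               Endpoint("laptop-03", True)])
    nac.on_atd_alert("laptop-01", ioc)
    byod = nac.on_connect(Endpoint("byod-07", False, {ioc}))
    clean = nac.on_connect(Endpoint("laptop-09", True))
    return nac, byod, clean
```

The returned log gives the order of actions per endpoint, which is the audit trail a SecOps team would review after the automated response.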

24 Vulnerability Assessment Use Case
1. NAC detects an endpoint connecting to the network
2. NAC requests the VA System initiate a real-time scan of the endpoint
3. VA system sends scan results to ForeScout
4. NAC places endpoint in remediation VLAN based on VA scan results and policies
5. NAC requests patch management system to apply correct patches
6. NAC provides endpoint with appropriate network access once remediated
[Diagram labels: VA, Patch, Internet, ForeScout CounterACT®, Switch, Wireless LAN Controller; BYOD Devices, Managed Devices, IoT Devices, Rogue Devices]
Reference Acronym Glossary at the end of presentation

25 Enterprise Mobility Management Use Case
1. NAC discovers endpoint connecting to network
2. NAC queries EMM server to see if endpoint is managed by EMM; if so, network access continues
3. NAC moves endpoint to restricted access if not currently EMM managed, does an HTTP redirect and prompts user to install EMM agent
4. NAC moves endpoint back to appropriate network access once EMM confirms endpoint is EMM managed and meeting EMM policy
[Diagram labels: EMM, Internet, ForeScout CounterACT®, Switch, Wireless LAN Controller; BYOD Devices, Managed Devices, IoT Devices, Rogue Devices]
Reference Acronym Glossary at the end of presentation

26 THANK YOU!

