1. THR2099
What to do BEFORE all hell breaks loose: Building a modern cybersecurity strategy

2. What to do BEFORE all hell breaks loose: Building a modern cybersecurity strategy

3. 90+% 30% 12% of security incidents/breaches involve phishing.
of recipients open phishing messages.
click on
attachments.
12%
Verizon 2016 Data Breach Investigations Report Verizon 2017 Data Breach Investigations Report

4. Targeted attacks, global impact
Top 20 countries based on #s of affected organizations a day after the initial attack.
Symantec

5. The future? Weaponized malware.
Sophisticated tools intended for national cyber espionage and warfare are now available to any cyber criminal.  
Pharmaceutical companies
Oil plants
Hospitals
Hospitals
Shipping companies
Banks
Food conglomerates
Logistics companies
Telecom companies
Factories
Government departments
Airlines
Metro systems
Power plants
Supermarkets
Law firms

6. The present? The struggle is already real.
More than 4,000 ransomware attacks per day since Jan. 2016, a 300% increase over 2015 (U.S. Department of Justice)
And in the past year?
49%
72%
of security professionals experienced a WannaCry-like event.
20%
experienced 3 such events.
experienced 6 such events.
Farsight Security

7. Problems we hear from our customers$
RISING COSTS OF OVERSIGHT AND COMPLIANCE
GAPS AND NEW THREATS IMPACT SECURITY RISKS
RESOURCE SHORTAGE IN SECURITY TEAMS
COMPLIANCE ISSUES OR DELAYS DUE TO COMPLEXITY

8. Feedback from a survey of 100 CIO/CSOs
“We have to tear down the traditional view of what an IT operations entity is and what a security entity is.”

9. Bridge the gap between Security and IT Operations

10. “IT wants things to work smoothly, while security wants security.
Feedback from a survey of 100 CIO/CSOs
“IT wants things to work smoothly, while security wants security.
At the endpoint, they have to work together to maintain both.”

11. Focused strategies lead to strategic IT success.
Provide defense in depth.
Integrate the environment to discover the breadth of risk.
Provide tech that reduces the attack surface.
Analyze data for insight into issues.
Take action to solve problems.
Balance security with user needs.
Learn about users and discover their needs.
Provide security without interfering with jobs.
Silently provide service through upgrades and risk evasion.
Increase productivity with the right tools.

12. CIS Critical Security Controls
Prioritized list of actions
Comply with industry and gov’t security requirements
Based on experience with actual attacks
Block initial compromises, detect compromised devices

13. The first 5 controls
CIS, US-CERT, ASD, and other authorities prioritize these five elements of cyber hygiene to significantly reduce security threats.
Inventory of Authorized and Unauthorized Devices
Inventory of Authorized and Unauthorized Software
Secure Configuration
Continuous Vulnerability Assessment and Remediation
Controlled Use of Administrative Privileges

14. 85% Organizations can prevent up to of Windows intrusion threats
by implementing four key disciplines 1 2 3 4
Patch Operating Systems
Patch Applications
Application Control
Privilege Management
Advanced Reporting \ Critical Insights

15. Our defense-in-depth solutions
Patch & Vulnerability Management
Application Control & Privilege Management
Endpoint Security
Secure Program Management
Patch and secure the OSes and 3rd-party apps that you can.
Prevent all other apps from running while practicing the principles of least privilege.
Add advanced anti-malware and AV capabilities, device control, and global policy for all devices.
Marry security capabilities with workflows and asset management processes to complete a secure lifecycle.
Patch management
Vulnerability management
Application control
Privilege management
Device control
Antivirus/antimalware
Threat alerting
Asset management
Service management
Secure configuration management
Discovery

16. with no additional infrastructure or training
3rd PARTY
PATCH
APPS
EASILY IN SCCM
with no additional infrastructure or training

17. Patch Your
Data Center
Without the complexity!

18. TRUSTED
OWNERSHIP
for manageable application control

19. Advanced
Dashboard
Reporting
Get the critical insights that matter!

20. Visit Ivanti at Booth #801

21. Please evaluate this session
Tech Ready 15
6/2/2018
Please evaluate this session
From your
Please expand notes window at bottom of slide and read. Then Delete this text box.
PC or tablet: visit MyIgnite
Phone: download and use the Microsoft Ignite mobile app
Your input is important!
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.