1. Understanding your enemy!

2. Jump Start Agenda Module 1: Today’s Threat Landscape
Module 2: Key Principles of Security
Module 3: Understanding your enemy!
Module 4: Phases of Hackers
Lunch Break
Module 5: What motivates hackers?
Module 6: Pass the Hash
Module 7: Windows Security Capabilities and Tools

3. Keep In Mind! There is no way to STOP a Hacker, you can only make their job HARDER !

4. How do we get tricked?

5. The Art of War
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” – Sun Tzu

6. Knowing Yourself Accurately assess your own skills.
Possess detailed documentation of your network.
Understand the level of organizational support you receive.

7. Microsoft Security Compliance Manager

8. Identifying Your Attacker
Understanding Internal Attackers
Higher levels of trust
Physical access to network resources
Human resources protections

9. Hackers Beware Understanding External Attackers Novice Attackers
Intermediate Attackers
Advanced Attackers

10. Why do we get attacked? Top reasons you need to know…
Notoriety, acceptance, and ego
Financial gain
Challenge
Activism
Revenge
Espionage
Information warfare

11. Industry-wide vulnerability disclosures
By severity
OS, browser, and application vulnerabilities

12. Malware encounter rate trends by location
11/21/2018
Malware encounter rate trends by location
Country/region
3Q12
4Q12
1Q13
2Q13
Chg. 2H–1H 1
United States
13.8%
13.4%
14.1%
11.5%
-5.7% 2
Brazil
28.8%
26.3%
25.6%
26.8%
-5.0% 3
Russia
26.6%
27.3%
28.6%
29.7%
8.2% 4
Turkey
39.3%
38.9%
41.3%
47.4%
13.2% 5
India
32.6%
29.3%
29.4% 6
Mexico
28.2%
26.4%
24.5%
29.2%
-1.6% 7
Germany
14.0%
12.5%
11.1%
-8.4% 8
France
14.2%
14.9%
14.5%
15.6%
3.5% 9
China
35.8%
31.8%
25.9%
-19.1% 10
United Kingdom
13.5%
12.3%
-6.5%
© 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

13. About SIRv16 “Exploitation trends” Worldwide threat assessment
Vulnerability trends
Exploit trends
O/S, browser, and applications
Malware
threats
Malicious websites
Regional threat assessment
100+ countries/regions

14. Staying ahead of exploits
Stay current on security updates
Use the newest versions of applications
Use the Enhanced Mitigation Experience Toolkit (EMET)

15. Defending Networks Is Difficult but WHY?
Attackers have unlimited resources.
Attackers need to master only one attack.
Defenders cannot take the offensive.
Defenders must serve business goals.
Defenders must win all the time.
Defending Networks Is Difficult but WHY?

16. Defence Skill: Defend Like a IT Pro!
Hide Tracks
Implement Secure Auditing Procedures
Implement Forensics Auditing
Limit & Monitor number of Administrators
Exploitation
Keep Systems Patched inc 3rd Party Software
Restrict Access to PII and Sensitive Information / Consider Encryption
Disaster Recovery Planning / RISK Management
Get a Foothold
Use Multi Factor Authentication
Plan Remote Access around Security
Train Staff on Social Engineering Dangers
Knock on the Door
Ensure Firewalls are Secure
Install IPS, Anti Virus, Anti Malware
Strong Security Policies & Procedures

17. Key Takeaways

18. Connect with the speakers!
@ErdalOzkaya
@MiladPFE

19. TechNet Virtual Labs
Deep technical content and free product evaluations
Hands-on deep technical labs
Free, online, technical courses
At the TechNet Evaluation Center you can download free, trial versions of Microsoft software, with no feature limits. Dozens of trials are available – all at no cost.
Try Windows Server 2012 for up to 180 days. Download the Windows 8 Enterprise 90-day evaluation. Or try Windows Azure at no-cost for up to 90 days.
Microsoft Hands On Labs offer virtual environments that will take you through guided, technically deep product learning experience.
Learn at your own pace in labs that you can complete in 90 minutes or less. There is no complex setup or installation is required to use TechNet Virtual Labs.
Microsoft Virtual Academy provides free online training on the IT scenarios that are important to your company and your career.
Learn at your own pace and boost your IT skills with over 100 courses across more than 15 Microsoft technologies including Windows Server, Windows 8, Windows Azure, Office 365, virtualization, Windows Phone, and more.
Download Microsoft software trials today.
Find Hand On Labs.
Take a free online course.
Technet.microsoft.com/evalcenter
Technet.microsoft.com/virtuallabs
microsoftvirtualacademy.com