Published by Francis Griffin. Modified over 9 years ago.
5
IaaS PaaS SaaS
8
This is, in fact, the only risk to which we can lose the entire company. Chief Risk Manager
9
Competitors want your Intellectual Property
Organized crime wants your money
Intel Agencies want your personal data
Terrorists want your life
11
There’s a huge gap between the threats and our protective measures to defend against those attacks. Khalid Kark, vice president and research director, Forrester Research Inc.
13
“If you protect your paper clips and diamonds with equal vigor, you’ll soon have more paper clips and fewer diamonds” -Attributed to Dean Rusk, US Secretary of State, 1961-1969
14
Detect Current state Cyber Capabilities Desired state Cyber Capabilities Anomaly Detection Attack High Privilege accounts
18
High Risk Data Zone: High Business Impact Data ($$$$$)
Medium Risk Data Zone: Medium Business Impact Data ($$$)
Low Risk Data Zone: Low Business Impact Data ($)
19
Goal: Differentiation of controls per Zone. Benefit: Cost avoidance.
Goal: Reduce risk of attack moving from one Zone to another. Benefit: Risk likelihood and impact reduction.
Goal: Enable secure adoption of Cloud and Consumerization. Benefit: Business enablement.
20
One Open Network (Contoso.com)
1. Move the most valuable assets to a highly secure environment
2. Move the most exposed assets to a separate environment
3. Move the most vulnerable assets out of the Open Network
Office Automation: Medium/Low Risk Data (Contoso.com)
Secure Cell: High Risk Data (Secure.com)
Containment: W2K, Old Java, Test (Contain.com)
External Connect: Access Services, Internet Facing Apps (External.com)
22
Basic Infrastructure: Network, Storage, Desktop, Servers, etc.
Management: Asset Management (incl AV, patching and configuration)
Security: Identity and Access management
Application Services: E.g. LDAP, Search
23
Application Network stack Operating System MBI Data “Bring your own device” or Cloud Application Network stack Other data Operating System MBI Data Application Part of Medium Risk Zone Fully isolated application Internal server application
24
Example Controls Adequate? Start Encryption (e.g. RMS) Adequate? No Yes Done Yes Done Yes Done Sandboxing, Presentation virtualization (e.g. RDS) Health check/contractual, Mobile Device Management Application Protection Network stack Operating System Data Protection Fully managed corporate device
28
Access: Users and Workstations
Power: Domain Controllers
Data: Servers and Applications
DCIM-B213 TWC: Pass-the-Hash and Credential Theft Mitigation Architectures
DCIM-B359 TWC: Pass-the-Hash: How Attackers Spread and How to Stop Them
31
Protective Controls By 2020, 60% of enterprise information security budgets will be allocated to rapid detection and response approaches, up from less than 10% in 2013 (Gartner, May 2013)
32
Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objective
35
PANIC …
40
Effectiveness Depends on Execution
Inherent Low Effectiveness
Low Attacker Skill/Presence
0% chance of persistence
High Attacker Skill/Presence
100% chance of persistence
$$$$$$$ $$$ $
45
www.microsoft.com/learning http://microsoft.com/msdn http://microsoft.com/technet http://channel9.msdn.com/Events/TechEd