
Presenter: Nick Cavalancia Auditing Evangelist 3 Ways Auditing Needs to be a Part of Your Security Strategy Brought to You by.


1 Presenter: Nick Cavalancia Auditing Evangelist 3 Ways Auditing Needs to be a Part of Your Security Strategy Brought to You by

2 Agenda
• Security Breaches and Data Leaks in the News & Reality
• Where Does Auditing Fit?
• Why is Auditing Necessary?
• Goals Auditing Helps With
• Can Auditing Complement Threat Defense Mechanisms?
• A 10K Foot View of a Simple Security Strategy
• IT Systems Critical for Auditing
• Netwrix Auditor
• Conclusion
• Questions & Answers

3 Security Breaches and Data Leaks in the News

4 What Typically Hits the Headlines?
• General public impacted
• Large numbers
• High profile companies / state sponsored attacks

5 Malware to Steal Specific Data
• Target breach, 2013
• The Home Depot breach, 2014

6 Sophisticated Targeted Attacks
• JP Morgan Chase breach, 2014
• “Stuxnet” worm targeting specific organizations

7 Uncovered Vulnerabilities that may be Exploited by Hackers
• Heartbleed
• Shellshock

8 The Reality of Data Breaches and Leaks
PwC 2014 Information Security Breaches Survey
• 81% of large and 60% of small firms had a security breach
• 63% of large organizations had staff related incidents
• 55% of large organizations suffered from outsider attacks
Verizon 2014 Data Breach Investigations Report
• 88% of insider incidents were due to privilege misuse
• 22% of organizations detected insider misuse within weeks, 11% within months
Thycotic 2014 “Black Hat” Hacker Survey
• Primary attack targets: IT Admins (30%) and contractors (40%)
• 99% of hackers believe simple hacking tactics are still effective
• 88% of hackers believe their own private information is at risk

9 Security Breaches and Data Leaks in Reality

10 PwC “Information Security Breaches” Survey, 2014:
• 81% of large and 60% of small firms had a security breach
• 63% of large organizations had staff related incidents
• 55% of large organizations suffered from outsider attacks

11 Verizon “Data Breach Investigations” Report, 2014:
• 88% of insider incidents were due to privilege misuse
• 22% of organizations detected insider misuse within weeks, 11% within months

12 Thycotic “Black Hat” Hacker Survey, 2014:
• Primary attack targets: Contractors (40%) and IT admins (30%)
• 99% of hackers believe simple hacking tactics are still effective

13 Where Does Auditing Fit?
• For many, auditing is an afterthought
• For many, auditing is merely a “once-a-year” part of an overall security strategy
• Just documenting changes is not enough
• Checking security state at a single point in time doesn’t provide the visibility

14 So Why is Auditing Necessary?
IT changes happen…
o Undocumented
o Unlogged
o Unapproved…
• 57% Make changes without documenting
• 46% Make changes that impact security
• 52% Make changes that impact availability
• 62% Have no ability to audit changes
• 42% Make changes across multiple systems

15 Goals Auditing Helps With
• Security Enhancement
• Achieving Regulatory Compliance and Passing Audits
• Achieving Operational Efficiency

16 A 10,000 Foot View: 3 High-Level Steps
How Auditing Can Solidify Your Security Strategy
1. Assess
2. Assign
3. Audit


20 IT Systems Critical for Auditing
IT-Auditing:
• Active Directory
• SharePoint
• SQL Server
• VMware
• Windows Server
• File Servers
• Exchange


22 About Netwrix Corporation
• Year of foundation: 2006
• Headquarters location: Irvine, California
• Global customer base: 6000
• Recognition: Among the fastest growing software companies in the US with more than 70 industry awards from Redmond Magazine, SC Magazine, Windows IT Pro and others
• Customer support: global 24/5 support with 97% customer satisfaction

23 Netwrix Locations
• Year of foundation: 2006
• Headquarters location: Irvine, California
• Global customer base: 6000
• Corporate Headquarters: 300 Spectrum Center Drive #1100, Irvine, CA 92618, 888-638-9749, www.netwrix.com

24 About Netwrix Auditor
Netwrix Auditor enables complete visibility into both security configuration and data access within the IT infrastructure by providing actionable audit data about who changed what, when and where and who has access to what.

25 Netwrix Auditor Benefits
• Strengthens Security: Eliminates blind spots and makes it easy to identify changes that violate corporate security policies, thus helping detect suspicious user activity and prevent breaches.
• Streamlines Compliance: Provides actionable audit data required to prove that the organization’s IT compliance program adheres to PCI DSS, HIPAA, SOX, FISMA/NIST800-53, COBIT, ISO/IEC 27001 and other audits.
• Optimizes Operations: Relieves IT departments of manually crawling through a disparate array of event logs to get the information about who changed what, when and where and who has access to what.

26 Netwrix Auditor Applications Scope
• Netwrix Auditor for Active Directory: Active Directory changes; Group Policy changes; State-in-Time information on configurations; real-time alerts; AD change rollback; inactive user tracking and password expiration alerting
• Netwrix Auditor for Exchange: Exchange changes and non-owner mailbox access auditing
• Netwrix Auditor for File Servers: Changes to Windows-based file servers, EMC Storage and NetApp Filers; State-in-Time information on configurations
• Netwrix Auditor for SharePoint: SharePoint farm configuration changes, security and content changes
• Netwrix Auditor for SQL Server: SQL configuration and database content changes
• Netwrix Auditor for VMware: VMware vSphere changes
• Netwrix Auditor for Windows Server: Changes to configuration of Windows-based servers; Event Logs, Syslog, Cisco, IIS, DNS; User activity video recording

27 Netwrix Auditor Conceptual Model

28 Conclusion
• Companies make undocumented changes on a daily basis. Changes coming from outsiders are not a myth either.
• Security is never a static thing but is a multi-faceted process.
• Change Auditing should be a part of your holistic security strategy and an ongoing exercise mirroring the dynamic nature of your environment.

29 Presenter: Nick Cavalancia Auditing Evangelist Thank you for your attention! Questions? Brought to You by

