Scribd Logo
Upload

Welcome to Scribd!

  • Global Ponemon

    Uploaded by

    nicolepetrescu
    10 views23 pages
    Global Ponemon

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Global Ponemon

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    10 views23 pages

    Global Ponemon

    Uploaded by

    nicolepetrescu
    Global Ponemon

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 23

    The Naked Network:

    Why Network Security Has Never


    Been More Important
    July 10, 2014
    Speaking Today

    Joshua Daggs
    Technical Sales Engineer
    GFI

    2
    The Naked Network: Why Network Security Has Never
    Been More Important

    Threat Threat Actors, Motivations


    Landscape
    Shapes
    Security
    Market
    Breaches Illustrate Basic Failures

    Security Market Trends

    3
    The Naked Network: Why Network Security Has Never
    Been More Important

    Financially Motivated
    Well Organized
    Sophistication on back-end
    Cyberespionage
    Well Funded
    Targeted Attacks
    Hacktivism
    Political Motivation
    Costly Disruption

    4
    The Naked Network: Why Network Security Has Never
    Been More Important

    2014 2011 2011

    HBGary Federal
    Haysite Plastics

    RSA SecurID
    Gameover Intellectual Anonymous
    Zeus Victim Property Theft Website SQL
    Phishing Spearphishing Injection
    Account Zero-Day Attack
    Credential Exploit Password
    Theft Advanced Theft
    $374K In Persistent Social
    Fraudulent Threats Engineering
    Transfers

    5
    The Naked Network: Why Network Security Has Never
    Been More Important

    Common Stolen Credentials


    Attack
    Techniques Brute Force Attacks
    Configuration Errors
    Software Vulnerabilities
    Phishing
    Malware
    Automated Attack Tools
    DDoS Services

    6
    The Naked Network: Why Network Security Has Never
    Been More Important
    Risk Assessment
    Identify Vulnerability, Configuration Management

    Continuous Monitoring
    Detect Log Management, SIEM

    Data Security
    Protect Access Control

    Mitigation
    Respond Response Planning

    Backup & Recovery


    Recover Resume Normal Operations

    7
    The Naked Network: Why Network Security Has Never
    Been More Important

    Managed Security Network Monitoring


    Services 10.4% Incident Response

    Next Generation Application Control, IPS Features


    Firewalls, UTM 41% Increasing Endpoint Visibility

    Predictive Analytics
    SIEM, Threat Intel 21.9% Hadoop Big Data Security Projects

    GRC Platforms, Frameworks


    Policy, Compliance 20% Critical Infrastructure Protection

    Identity, Access SaaS-Based Platforms, 2FA, SSO


    Management 20.9% SMB Cloud Services Adoption

    Incident Response Automation


    Forensics 67% Breach Detection Platforms

    8
    The Naked Network: Why Network Security Has Never
    Been More Important

    If your position in an organization includes responsibility for


    security, but does not include corresponding authority, then your
    role in the organization is to take the blame when something
    happens. You should make sure your resume is up-to-date.
    -Eugene Spafford, Purdue University | Spafs First Law of System Administration

    9
    The Naked Network:
    Why Network Security Has Never
    Been
    More Important
    Overview:
    Why network security is important
    What to look for
    How you can secure your network
    Why Network Security is Important

    The Montana Department of Public Health and Human


    Services announced a data breach that occurred when hackers
    had access to the server for nearly a year. The server contains
    names, addresses, dates of birth, Social Security numbers and
    clinical information of customers along with the Social Security
    numbers and bank account information of employees. Breach
    report from privacyrights.org May 2014
    What to Look for
    Attacks against a network may come as:

    Direct attacks (system penetration)


    Viruses, worms, or spyware
    Frauds and scams via phishing and web exploits

    The breach at Target Corp. that exposed credit card


    data on more than 110 million consumers had begun
    with a malware-laced email phishing attack...

    privacyrights.org February 2014


    Are you the weakest link in
    someone elses chain?

    The breach at Target Corp. that exposed credit


    card data on more than 110 million consumers
    had begun with a malware-laced email phishing
    attack sent to employees at an HVAC
    contractor in Sharpsburg Pennsylvania.
    privacyrights.org February 2014
    Information Vulnerability
    Direct attack types:
    Viruses
    Insider abuse of network and internet access
    Unauthorized access
    Denial-of-service attacks
    System penetration via Trojans and open ports
    Secure your
    network

    Network security involves:


    Assessing vulnerabilities accurately
    Confidentiality is key: authorized access only when
    and where it is needed
    Proactively managing patch deployments and
    resolving identified weaknesses
    Responsibly maintaining an assessment routine
    Security methods
    Most common solutions

    Firewall
    Anti-virus
    Basic access control
    Security methods
    Additional layers of security
    Patch management
    Web filtering
    Event log collection/management

    Regular management & monitoring


    is critical
    Protect Manage Monitor
    Thank YouQuestions?

    www.gfi.com

    Become a GFI Partner:


    www.gfi.com/newpartner

    For more information contact:


    Email: sales@gfi.com Phone: 1(888) 243-4329
    Q&A: Submit Your Questions Now

    Joshua Daggs
    Technical Sales Engineer
    GFI

    21
    Check Out Upcoming and On Demand
    ChannelCasts!

    www.facebook.com/channelcasts

    http://www.crn.com/channel-
    cast/index.htm
    Thank You

    You might also like