Shift Toward Dynamic Cyber Resilience
Security in the Post-AV Era

Darren Argyle CISSP CISM
Senior Director, EMEA Security CTO @ Symantec

Cyber Security in the Post-AV Era

Software and Data power the world

Information is exploding
2020: 40ZB
2015: 7.9ZB
2010: 1.2ZB

From a security perspective there’s more and more to protect in more and more places

Coffee Shop, Office, Home, Airport, …
Industrial Devices, Government Data, Web Transactions, Corporate Assets

We’re also moving toward an inherently insecure ecosystem where…

• Low power, mobile, non-sophisticated devices are common
• Everything needs authentication – and passwords are a really poor way to protect your identity
  → The only thing between an attacker and your bank account is a weak password

We’re not succeeding in solving this today…
>500M identities were exposed last year

Why? There’s an asymmetry between attackers and defenders

ATTACKERS
• Can focus on one target
• Only need to be right once
• Hack can be worth millions of dollars
• Focus only on getting in
• Attackers can buy and test security products

DEFENDERS
• Must defend everything
• Need to be right every time
• Blocks are expected & maintain status quo
• Must balance defense with business impact
• Defenders can’t pre-test targeted malware

To balance this, we need an asymmetric advantage of our own

If only we could use our collective defense technologies to watch activities, determine patterns, and find anomalies.

We can … Big Data Analytics

It’s impossible to implement an attack without leaving a trace

Big Data Approach: Network, Server, Endpoint

What if …

• We could collect info from every endpoint, network device, and server
• We could watch this data at the enterprise level – looking for patterns and anomalies
• We could apply knowledge and learning from across many customers

[Diagram: DEVICES, ENTERPRISE, CLOUD; Apply Context; Correlate & Prioritize; Indicators of Breach; Knowledge about URLs, file hashes; Attack patterns & actors; Correlation across ecosystem]

We can do those things

• Data analysis value comes from ability to apply intelligence on premise & in cloud
• Data value comes from volume & variety

[Diagram: ENTERPRISE, CLOUD, DEVICES]

This allows us to …

• Trace
• Correlate & Prioritize
• Connect to actions at other Enterprises

[Diagram: ENTERPRISE, CLOUD, DEVICES; Apply Context; Correlate & Prioritize. Event labels: Unknown source email received by XXX; IoCs detected on device; Connected to remote server; Connection attempted to other higher value targets on enterprise network; Link clicked, connection established; Files downloaded]

Result

We can apply our asymmetric advantage against theirs

We ALSO need an approach to protecting the insecure ecosystem:
Need to make it easier to be secure

Lock down the insecure system and connections

PROBLEM: Devices don’t allow visibility & control
SOLUTION: App-Centric Protection

PROTECT APPS/DATA
– App: Before installing, understand what behaviors the app will perform
  Manage the apps in the device with containers
– Data: Seal apps in a container that ensures sensitive data is managed and encrypted

PROTECT CONNECTIONS
– Wifi hotspot reputation (use big data to collect data)
– VPNs

Move past identity through passwords

YESTERDAY’S NEEDS
• STATIC devices, users & servers
• SEPARATE PASSWORDS for everything

TOMORROW’S NEEDS
• MOVING AND CHANGING devices, users & servers
• SINGLE BIOMETRIC AUTHENTICATION
• BROKERED TRUST with certs & federated roots of trust

We’re reaching a critical point – New technologies will require people to feel more secure

Self Driving Cars, Medical Devices, “Internet of Things”

Photo by: Steve Jurvetson/Wikipedia Creative Commons

SILVER	
  
 	
So what Do I Need to Do Differently?

Traditional Security Approach – 80%

• External Threat Intelligence and Trending
• Enhanced Intelligence Exchange & Sharing
• Incident Response, Malware Analysis & Forensics
• Cyber Risk Assessment
• Business Awareness & Involvement
• Information Governance
• Advanced Threat Protection

From cyber-security to cyber-resilience

A definition…..

Cyber-resilience is the organization's capability to withstand negative impacts due to known, predictable, unknown, unpredictable, uncertain and unexpected threats from activities in cyberspace.
(Information Security Forum)

……it’s now a business conversation?

Welcome to a new era of Cyber-Resilience

• It’s the acknowledgement that something bad will happen, or has happened already, and you don’t even know it yet
• From known risks to unknown threats
• Requirement to extend controls beyond just your enterprise
• Look beyond your own back yard, collaborate more, gather and share Cyber-intelligence (internal & external)
• Different audiences will now care that didn’t before. New language = more engagement from the business

Recognise breach is inevitable and become resilient

60% OF ORGANIZATIONS HAVE >25 INCIDENTS EACH MONTH¹
243: AVERAGE NUMBER OF DAYS TO DISCOVER A BREACH

TIMELINE: PREPARE, PREVENT, DETECT & RESPOND, RECOVER

TIMELINE: PREPARE, PREVENT, DETECT & RESPOND, RECOVER

• PROTECT COMPANY INFORMATION FROM MALICIOUS ATTACK AND MISUSE
• REDUCE TIME TO RECOVERY TO MAINTAIN BUSINESS CONTINUITY
• WHERE IS MY SENSITIVE DATA - UNDERSTAND MY SECURITY & RISK POSTURE
• PROVIDE RAPID DETECTION AND RESPONSE TO SECURITY INCIDENTS

RISK MANAGEMENT, RESPONSE PLANNING, TRANSFORM

Our Vision – Information Governance and Cyber Resilience

What’s your – Information Governance and Cyber Resilience posture?

Resources
www.emea.symantec.com/cyber-resilience/

FINTEL

Thank you!

Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Darren Argyle CISM CISSP
Darren_argyle@symantec.com
0774 0830210
Twitter D_Argyle

“Google Car” Photo Credit: "Jurvetson Google driverless car trimmed" by Flickr user jurvetson (Steve Jurvetson). Trimmed and retouched with PS9 by Mariordo - http://commons.wikimedia.org/wiki/File:Jurvetson_Google_driverless_car.jpg. Licensed under Creative Commons Attribution-Share Alike 2.0 via Wikimedia Commons - http://commons.wikimedia.org/wiki/File:Jurvetson_Google_driverless_car_trimmed.jpg#mediaviewer/File:Jurvetson_Google_driverless_car_trimmed.jpg.
