Published by Adolfo Curl
Modified over 2 years ago
Slide 1: The Future of the Advance Soc
3rd Annual Privacy, Access and Security Congress, Ottawa, 2012
Mike Huckaby, Senior Director, Global PreSales, RSA, The Security Division of EMC
© Copyright 2011 EMC Corporation. All rights reserved.
Slide 2: Traditional Security is Not Working
– 99% of breaches led to compromise within days or less with 85% leading to data exfiltration in the same time
– 85% of breaches took weeks or more to discover
Source: Verizon 2012 Data Breach Investigations Report
Slide 3: Advanced Security: Transforming Security
address the pervasiveness of dynamic, focused adversaries
Traditional Security: Signature-based; Perimeter oriented; Compliance Driven
Advanced Threat: Agile; Definitive; Intelligent
Slide 4: Minimum Requirements of Security Management and Compliance
– Comprehensive Visibility
– Actionable Intelligence
– Governance
Slide 5: Critical Questions that need to be Addressed
Requirements: Comprehensive Visibility; Actionable Intelligence; Governance
Questions: What Matters? What is going on? How do I address it?
Slide 6: Security Management Compliance Vision
Delivering Visibility, Intelligence and Governance
Slide 7: Anatomy of an attack
[Figure: timeline along a TIME axis. Labels: Attack Begins; System Intrusion; Attacker Surveillance; Cover-up Complete; Access Probe; Leap Frog Attacks Complete; Target Analysis; Attack Set-up; Discovery/Persistence; Maintain foothold; Cover-up Starts]
Source: NERC HILF Report, June 2010 (http://www.nerc.com/files/HILF.pdf)
Slide 8: Anatomy of a response
[Figure: timeline along a TIME axis. Labels: Attack Forecast; Physical Security; Containment & Eradication; System Reaction; Damage Identification; Recovery; Defender Discovery; Monitoring & Controls; Impact Analysis; Response; Threat Analysis; Attack Identified; Incident Reporting]
Source: NERC HILF Report, June 2010 (http://www.nerc.com/files/HILF.pdf)
Slide 9: Reducing Attacker Free Time
[Figure: the attack timeline labels (Attack Begins through Cover-up Starts) and the response timeline labels (Attack Forecast through Incident Reporting) shown together on one TIME axis, with the label ATTACKER FREE TIME]
Source: NERC HILF Report, June 2010 (http://www.nerc.com/files/HILF.pdf)
Slide 10: Comprehensive Visibility
Capture and view everything that's happening in my infrastructure
Collection without limitations
– Ability to collect all types of security data, at scale and from all types of data sources
Unified visibility into the network, logs and threat intelligence
– View data about advanced threats from data gathered directly from the network or from affected systems
Security Analytics
– Infrastructure to support collection without limitations
Data Loss Prevention
– Visibility into the location and use of the most critical information assets
Slide 11: Agile Analytics
Enable me to efficiently analyze and investigate potential threats
Prioritization of threats based upon business impact
– Ability to analyze business context of affected systems to identify critical issues
Interactive data-driven investigative analysis
– Intuitive tools for investigation presented for rapid analysis
Real-time detection of zero day threats
– Analysis of collected data for characteristics of malicious activity
Advanced Threat Analysis
– Reporting and alerting of activity data
– Alerting and visualization of activity data
Investigation Platform
– Platform for performing rapid investigations
– Session reconstruction and replay
– Reduces Window of Vulnerability
Security Analytics Workbench
– Automates malware analysis techniques
– Identify the widest spectrum of malware-based attacks
Slide 12: Actionable Intelligence
Help me identify targets, threats & incidents
Correlate data with current threat intelligence
– Intelligence from a community of security experts, built into our tools through rules, reports and watch lists
Operationalize threat intelligence for use across the network
– Continual updates of the latest threat intelligence
Customizable dashboards with threat, vulnerability and event information
Threat Intelligence
– Leverages global security community to correlate and illuminate the most pertinent information
– Fuses intelligence with your network data in real-time
Advanced Threat Management
– Business context around organizational assets and criticality
– Workflow around assessing threats and tracking follow up actions
[Figure labels: 3rd party Threat Intell; Custom research; Rules; Reports; Flex Parsers]
Slide 13: Optimized Incident Management
Enable me to prioritize and manage these incidents
Closed-loop incident management process
– Workflow system to define and activate response processes, plus tools to track open issues, trends and lessons learned
Business context to better determine impact
– Incorporation of business information showing relationship with systems and support of business functions
Automated Incident Management
– Business context around organizational assets and criticality
– Case management workflow, Executive level dashboard, Key metrics
Slide 14: THANK YOU