© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual.

Presentation transcript:

© 2013 AT&T Intellectual Property. All rights reserved. AT&T, the AT&T logo and all other AT&T marks contained herein are trademarks of AT&T Intellectual Property and/or AT&T affiliated companies. All other marks contained herein are the property of their respective owners.

Advanced Persistent Threat Assessment Services
AT&T Security Solutions

Slide 2: APT Attacks on the Rise

[Timeline figure, monthly axis from 2/10 through 8/11.]
Event labels: Stolen search source code (Operation Aurora – APT); Stuxnet disables Iranian nuclear power plant (APT); Major data breach; Anonymous attacks (DDOS); Stolen records (APT); APT event; Major Breach; Major Breaches (DDOS/APT); LulzSec Posting; Egypt Breach; WikiLeaks revenge (DDOS); Russian APT (Lurid/APT).
Organizations named: Google, Citi, Visa, PayPal, MasterCard, RSA, Lockheed Martin, SONY, Oak Ridge National Laboratory, PBS.

Slide 3: Advanced Persistent Threat - Definition

Advanced
- Taking advantage of latest techniques
- Leverages Open Source Intelligence and Social Networks
- Usually involves knowledge of specific operating system or application compromises
- Code Reversing and Fuzzing techniques can help locate unique weaknesses in specific targeted systems

Persistent
- Intent dedication – resilience even after system reboot
- Almost always has a Command and Control (C&C) capability
- Patient / Latent ability … can go to sleep for months

Threat
- Signatures / Vectors

Slide 4: APT Attack and Exploitation Lifecycle

Step 1: Reconnaissance
Step 2: Initial Intrusion into the Network
Step 3: Establish a Backdoor into the Network
Step 4: Obtain User Credentials
Step 5: Install Various Utilities
Step 6: Privilege Escalation / Lateral Movement / Data Exfiltration
Step 7: Maintain Persistence

Slide 5: Key Targets and Threats

Slide 6: Advanced Persistent Threat: What you should know

- Valid, high impact risk
- Targets your core valuables, your security
- Persistent, stealthy, controlled, exfiltration
- Needs focused, ongoing action

Step Up Your Game
- Take actions that Prevent, Detect and Respond
- Reduce the attack surface and inevitable response time
- Focus on your key targets
- Incremental, actionable approaches (existing, new)

Slide 7: Features and Potential Benefits

The review covers three main areas of interest:
- Operational Readiness Review
- Network Architecture Assessment
- Social Engineering Review

This assessment helps you:
- Assess how prepared your organization is to detect and respond to a targeted or advanced threat
- Identify vulnerabilities in your security which could be used by a sophisticated actor to gain access
- Heighten the capabilities of your team to respond to a targeted cyber attack

Slide 8: How can you prepare?

- Monitor and address Advanced Persistent Threats in real-time 24/7/365
- Get visibility into threats beyond the edge of your network
- Get visibility and analysis into what’s happening inside your network

Slide 9: APT Preparedness Assessment

Evaluates your organization’s ability to detect, resist and respond to a targeted or advanced threat.
Helps organizations understand their exposure to targeted threats, including Advanced Persistent Threats (APT), and take action to reduce their risk of compromise.

Assessment Components
– Target Definition
– Operational Readiness Review
– Network Architecture Review
– Social Engineering Assessment

Slide 10: APT Preparedness Assessment Steps

- Identify and classify business assets and data stores
- Conduct vulnerability assessment across critical infrastructure
- Quantify risk with highest value assets and highest vulnerabilities atop the list
- Review security measures protecting critical business assets
- Identify incident response team (including legal and business owners)
- Communication plan, including law enforcement if necessary
- Schedule/conduct incident response dry run
- Identify key individuals most likely to be the target of social engineering attacks (due to high levels of access)
- Implement aggressive access control by restricting network access of key individuals to ‘business need to know’
- Employee training: prioritize high-risk individuals and work groups

Slide 11: Elevator Pitch

Correlate your current state to the risk from Advanced Persistent Threat (APT) actors

Questions on your Business Client’s mind
- How do I protect my organization and its assets?
- What organized elements may be targeting our organization?
- How can we detect Advanced Persistent Threats when they strike?
- How do we determine if our organization has already been compromised?
- How vigilant are our employees to the types of methods APT actors may use?
- What would motivate an adversary to target your organization?

1. Assess your current state and assets
2. Identify risk from Advanced Threats
