Advanced Threat Protection


1 Advanced Threat Protection
Presentation to MTAG January 19, 2016 (GREETING APPROPRIATE FOR THE AUDIENCE)

2 Cybersecurity Landscape
Overview - Cybersecurity is a fast-paced, evolving area in both the volume of threats and the industry's response with solutions.

Progress - UW-Madison has made significant strides over the last 3 years in the areas of Policy, Baselining and Network expansion to successfully protect the campus against cybersecurity attacks.

Risk - The fact remains that adversaries are outpacing technology solutions, which requires an industry move from reactive to advanced persistent threat protection.

Opportunity - UW-Madison has an opportunity to be a cybersecurity leader amongst R1 institutions, providing maximum protection to campus and paving the way for other peers.

There is no doubt that the amount and complexity of cybersecurity-related activity are increasing. This encourages industry to generate a variety of services and products, but often means the system owner is left to develop more strategic and tactical options to protect their data and maintain availability of information technology assets. Network speed and the amount of data to analyze mean we need machines to help identify and control cyber events now and into the future. The ever-growing volume of threats and vulnerabilities will remain on the uphill curve, which means UW-Madison needs to act soon if we are to maintain the progress made over the last three years.

If not addressed, we are at risk for: a major data breach like the University of Maryland and Penn State experienced; significant denial of service like Rutgers recently encountered; or significantly degraded network or application performance caused by insertion of malicious code into our systems, which is an ever-present threat on our campus. This is in addition to the ever-present threat of identity theft, financial crimes or web defacements caused by technical failures or human error.

What are we doing?

The Office of Cybersecurity is leading the charge in developing plans to deploy an Advanced Threat Protection capability to UW-Madison and currently equipped UW-System campuses. This is part of the Cybersecurity Strategy, which seeks to improve research and education related cybersecurity.

Why are we doing it?

With the end of life and contracts expiring for a number of security tools, there is a strong need to use this opportunity to upgrade cybersecurity surveillance and operations capability to provide greater insight into network health and security of UW-Madison data, networks and systems. We can reduce cybersecurity risk and allow the University to:

Prevent advanced cyber attacks and data breaches while safely enabling applications and networks supporting teaching and research.

Gain complete visibility into the network architecture and identify vulnerable endpoint servers, workstations and peripherals, along with monitoring all traffic, identifying indications of compromise, and mitigating the risk of threat activity throughout the entire system. This important cyber defense measure is lacking today.

This initiative will reduce cybersecurity risk and enable UW-Madison to become a leader amongst our R1 research university cohorts. Specific benefits include advancing our ability to: support, maintain and defend a secure and interoperable learning and research information systems infrastructure; deter, protect, monitor, analyze, detect, and respond to unauthorized activity within UW-Madison and UW System information systems and computer networks; assist in providing information sharing, situational awareness, speed of command, and mission effectiveness; and provide continuous, active monitoring of UW-Madison and UW System resources.

3 Re-visioning the UW-Madison Campus Architecture
[Architecture diagram labels: Data Centers, Campus Network, Wireless, VPN, Campus Endpoints, Public Cloud, UW System Network, Security Monitoring Tool and Dashboard, Management Reporting]

By employing Next Generation Firewall and Advanced Threat Protection capabilities, we can augment the current deployment of these tools in our wireless environment with additional and more robust platforms that allow for complete visibility and evaluation of threat activity. A proposed deployment would allow for immediate blocking of threat actors based on a national library of indicators of compromise with protections easily extended to our full spectrum of computing at Madison, and to the UW System. By placing end point software sensors, we can bring the protections to the host components and prevent lateral movement of threats internal to our network.

One potential solution is the use of ATP capabilities like those found in Palo Alto’s product line. This strategy widens our circle of intelligence available as the devices can share threat information with other Palo Alto subscribers using the Panorama Threat Intelligence capability.

4 Cybersecurity Surveillance & Operations Center - CSOC
CSOC Capabilities

Cyber intel sharing and support with extended communities

Detect and mitigate the cyber threats

Develop actionable cyber threat intelligence and integrate into live feeds and detailed reports

Create and enhance shared situational awareness

CSOC supports all UW-Madison Colleges and Departments

Another part of this initiative is to establish a Cybersecurity Surveillance and Operations Center which can consolidate disparate efforts on campus and throughout the UW System. As currently envisioned, the CSOC would be a fully operational facility capable of maintaining situational awareness by viewing the whole of campus networks and systems, looking for unaddressed vulnerabilities, malfunctioning security tools, elevated risk markers associated with system configurations, and threat-actor-associated indicators of compromise.

The capability to share cyber threat intelligence in real time across campus and throughout the UW System further reduces risk and provides a rich database of threat indicators which can easily be shared with the Research and Education Networks Information Sharing and Analysis Center, or REN-ISAC; support direct machine-controlled sharing with similarly equipped institutions within the Committee on Institutional Cooperation schools; and extend the services to the vast Internet 2 networks.

(CLOSING REMARK APPROPRIATE FOR THE AUDIENCE)

