SlideShare a Scribd company logo

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication

Brian Kelly
Brian Kelly

Rick Holland of Forrester Research shares the results of his investigation into why targeted attacks on employees of businesses are increasing despite there being more information security products than ever. Presented by Duo Security
 with guests Forrester Research and University of Tennessee, Knoxville Agenda and Presenters * How To Stop Targeted Attacks and Avoid “Expense In Depth” with Strong Authentication Rick Holland, Principal Analyst,
 Forrester Research * How Duo Helps You Avoid “Expense In Depth” Brian Kelly, Principal Product Marketing Manager
, Duo Security * A Case for Multi-factor Authentication Bob Hillhouse, Associate CIO and CISO
 University of Tennessee, Knoxville

Technology
1 of 51
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication Presented by Duo Security with guests Forrester Research and University of Tennessee, Knoxville September 25, 2014 #duowebinar
Agenda Rick Holland, Forrester Research How To Stop Targeted Attacks and Avoid “Expense In Depth” with Strong Authentication Brian Kelly, Duo Security How Duo Helps You Avoid “Expense In Depth” Bob Hillhouse, University of Tennessee, Knoxville A Case for Multi-factor Authentication #duowebinar
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication Rick Holland, Principal Analyst Forrester Research #duowebinar
Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
APT! © 2014 Forrester Research, Inc. Reproduction Prohibited
Heartbleed OpenSSL vulnerability exploited to compromise SSL VPN © 2014 Forrester Research, Inc. Reproduction Prohibited
Adversaries are on shopping sprees © 2014 Forrester Research, Inc. Reproduction Prohibited
Except the adversary isn’t being timed © 2014 Forrester Research, Inc. Reproduction Prohibited
We are hyper focused on the © 2014 Forrester Research, Inc. Reproduction Prohibited WRONG things
Anything but the data © 2014 Forrester Research, Inc. Reproduction Prohibited Malware sandboxes Alert driven security Perimeter security controls
Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs Need No. 1: An Actual Security Strategy © 2014 Forrester Research, Inc. Reproduction Prohibited
Silver bullets, for investment not defense © 2014 Forrester Research, Inc. Reproduction Prohibited
Expense in Depth © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs Need No. 2: A Dedication To Recruiting And Retaining Staff © 2014 Forrester Research, Inc. Reproduction Prohibited
Lack of staff is a problem © 2014 Forrester Research, Inc. Reproduction Prohibited
Targeted-Attack Hierarchy Of Needs Need No. 3: A Focus On The Fundamentals © 2014 Forrester Research, Inc. Reproduction Prohibited
A Focus On The Fundamentals © 2014 Forrester Research, Inc. Reproduction Prohibited
Forrester’s Zero Trust model © 2014 Forrester Research, Inc. Reproduction Prohibited
Forrester’s Zero Trust model © 2014 Forrester Research, Inc. Reproduction Prohibited
Zero Trust is fundamental © 2014 Forrester Research, Inc. Reproduction Prohibited
Strong Authentication › Strong authentication is critical for disrupting attackers © 2014 Forrester Research, Inc. Reproduction Prohibited
Strong Authentication › Strong auth is critical for disrupting attackers › Protect your VPNs and Citrix but don’t forget about SaaS applications › Consider step up authentication for admins © 2014 Forrester Research, Inc. Reproduction Prohibited
Least privilege › Privileged accounts need to be monitored and audited › Don’t share local admin passwords across all hosts › Work towards a data classification program © 2014 Forrester Research, Inc. Reproduction Prohibited
Detecting lateral movement › Segment your network › Deploy visibility to key ingress/egress chokepoints › NETFLOW can be used for lateral movement detection © 2014 Forrester Research, Inc. Reproduction Prohibited
Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
Return on Expense in Depth? © 2014 Forrester Research, Inc. Reproduction Prohibited
Recommendations › Evaluate your potential investments › What provides greatest marginal return on your investment? › What technology reduces the greatest attack surface? © 2014 Forrester Research, Inc. Reproduction Prohibited
Thank you Rick Holland rholland@forrester.com Twitter: @rickhholland
How Duo Helps You Avoid “Expense In Depth” Brian Kelly, Principal Product Marketing Manager Duo Security #duowebinar
Adoption of cloud, mobile, and BYOD is accelerating dramatically    # #  &  ☁#☁# IT 1.0: Mainframe IT 2.0: Client/Server IT 3.0: Cloud/Mobile
   # #  &   &   &  ☁#☁# 1995 2000 2005 2010  &  Data Breaches Along this same timeline we’ve also seen dramatic growth in user-targeted attacks
   # #  &   &   &  ☁#☁# 1995 2000 2005 2010  &  Data Breaches Why?
What’s new in IT 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service  &  ☁#☁#
What’s new in Security 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service Better OS and app security …but, limited endpoint control Better service security …but, limited network visibility
What’s new in Security 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service User-targeted attacks Credentials are easily stolen • Phished • Guessed • Keylogged • Sniffed • Cracked • Reused • Bypassed
100% OF BREACHES involve stolen credentials — Mandiant Source: mandiant.com/threat-landscape and M-Trends annual reports
advanced adversary will compromise your environment and accomplish their goal. The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs Needs Detection and response Prevention An integrated portfolio that enables orchestration A focus on the fundamentals A dedication to recruiting and retaining staff An actual security strategy 107121 Source: Forrester Research,
advanced adversary will compromise your environment and accomplish their goal. The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs Needs Detection and response Prevention An integrated portfolio that enables orchestration A focus on the fundamentals A dedication to recruiting and retaining staff An actual security strategy 107121 Source: Forrester Research, Back to Basics ‣ Patch, harden, update (everything) ‣ Segment data, services, networks ‣ Review access controls (often) ‣ Inspect endpoints, enforce policy ‣ Require strong authentication
Legacy two-factor authentication solutions overlook TCO On boarding Deployment $  #  ✉ $ $ $ Management Login  ⚠  ⏲
Duo Security minimizes cost throughout 2FA lifecycle On boarding Deployment ☁ . Management Login / 
Thousands Getting Better Security, Not Just More duosecurity.com/success-stories
A Case For Multi-Factor Authentication Bob Hillhouse, Associate CIO and CISO University of Tennessee, Knoxville #duowebinar
Cast ▪ The University of Tennessee, Knoxville ▪ 57 merchants across campus ▪ 130 Users; 150 Devices ▪ The UT Office of the Treasurer ▪ The Office of Information Technology (OIT)
Act I - Prelude ▪ PCI-DSS Requirement 8.3 – Incorporate two-factor authentication for remote access to the network by employees, administrators, and third parties… ▪ 150 devices in the PCI-Subnet require Remote Desktop Services (RDP)
Act II – The Timeline ▪ 8:00 AM ▪ 8:15 AM ▪ 8:30 AM ▪ 9:00 AM
Act III – Prologue ▪ 2013 – The end of strong password-only security. – http://duo.sc/utk-vid
Epilogue ▪ Compliance Goal was met ▪ Next: Two-Factor Authentication for all central IT staff using the VPN – 200 additional users ▪ Next: Two-Factor Authentication for all VPN Users – Usage Patterns – Establish scope (Campus-wide? Privileged Users Only?)
Questions + Answers #duowebinar Rick Holland, Forrester Research rholland@forrester.com @rickhholland Brian Kelly, Duo Security bkelly@duosecurity.com @resetbrian Bob Hillhouse, University of Tennessee, Knoxville bob@utk.edu @ut_oit

Recommended

PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYSylvain Martinez
 
VIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESSylvain Martinez
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSSylvain Martinez
 
Advanced persistent threats(APT)
Advanced persistent threats(APT)Advanced persistent threats(APT)
Advanced persistent threats(APT)Network Intelligence India
 
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardBirds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardHITCON GIRLS
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018African Cyber Security Summit
 
Introduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersIntroduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersOllie Whitehouse
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 

Recommended

PROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYPROGRAMMING AND CYBER SECURITY
PROGRAMMING AND CYBER SECURITYSylvain Martinez
 
VIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESVIRTUAL CISO AND OTHER KEY CYBER ROLES
VIRTUAL CISO AND OTHER KEY CYBER ROLESSylvain Martinez
 
INCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSINCIDENT RESPONSE CONCEPTS
INCIDENT RESPONSE CONCEPTSSylvain Martinez
 
Advanced persistent threats(APT)
Advanced persistent threats(APT)Advanced persistent threats(APT)
Advanced persistent threats(APT)Network Intelligence India
 
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardBirds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - Howard
Birds of a Feather 2017: 邀請分享 Glance into the Enterprise InfoSec Field - HowardHITCON GIRLS
 
Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018Atelier Technique CISCO ACSS 2018
Atelier Technique CISCO ACSS 2018African Cyber Security Summit
 
Introduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersIntroduction to Advanced Persistent Threats (APT) for Non-Security Engineers
Introduction to Advanced Persistent Threats (APT) for Non-Security EngineersOllie Whitehouse
 
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingProactive Threat Hunting: Game-Changing Endpoint Protection Beyond Alerting
Proactive Threat Hunting: Game-Changing Endpoint Protection Beyond AlertingCrowdStrike
 
Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?marketingunitrends
 
The Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRThe Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRNetpluz Asia Pte Ltd
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal AuditorsION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal Auditorsmdagrossa
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chainSymantec Brasil
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsCybereason
 
Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopDavid Sweigert
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsPeter Wood
 
Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Yuval Sinay, CISSP, C|CISO
 
Combating Advanced Persistent Threats with Flow-based Security Monitoring
Combating Advanced Persistent Threats with Flow-based Security MonitoringCombating Advanced Persistent Threats with Flow-based Security Monitoring
Combating Advanced Persistent Threats with Flow-based Security MonitoringLancope, Inc.
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDSSylvain Martinez
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsDavid Sweigert
 
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...CODE BLUE
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementAleksey Lukatskiy
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent ThreatAmmar WK
 
The Internal Signs of Compromise
The Internal Signs of CompromiseThe Internal Signs of Compromise
The Internal Signs of CompromiseFireEye, Inc.
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarRadware
 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
 
Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacksAppSense
 
Intelligent Authentication
Intelligent AuthenticationIntelligent Authentication
Intelligent AuthenticationCA Technologies
 

More Related Content

What's hot

Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?marketingunitrends
 
The Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRThe Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRNetpluz Asia Pte Ltd
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal AuditorsION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal Auditorsmdagrossa
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chainSymantec Brasil
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsCybereason
 
Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopDavid Sweigert
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsPeter Wood
 
Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Yuval Sinay, CISSP, C|CISO
 
Combating Advanced Persistent Threats with Flow-based Security Monitoring
Combating Advanced Persistent Threats with Flow-based Security MonitoringCombating Advanced Persistent Threats with Flow-based Security Monitoring
Combating Advanced Persistent Threats with Flow-based Security MonitoringLancope, Inc.
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsDavid Sweigert
 
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...CODE BLUE
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscapeyohansurya2
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementAleksey Lukatskiy
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent ThreatAmmar WK
 
The Internal Signs of Compromise
The Internal Signs of CompromiseThe Internal Signs of Compromise
The Internal Signs of CompromiseFireEye, Inc.
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarRadware
 
Threat Hunting
Threat HuntingThreat Hunting
Threat HuntingSplunk
 

What's hot (20)

Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?Ransomware: Why Are Backup Vendors Trying To Scare You?
Ransomware: Why Are Backup Vendors Trying To Scare You?
 
The Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDRThe Best Just Got Better, Intercept X Now With EDR
The Best Just Got Better, Intercept X Now With EDR
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal AuditorsION-E Defense In Depth Presentation for The Institiute of Internal Auditors
ION-E Defense In Depth Presentation for The Institiute of Internal Auditors
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3
 
Addressing the cyber kill chain
Addressing the cyber kill chainAddressing the cyber kill chain
Addressing the cyber kill chain
 
Threat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the BasicsThreat Hunting 102: Beyond the Basics
Threat Hunting 102: Beyond the Basics
 
Understanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loopUnderstanding Cyber Kill Chain and OODA loop
Understanding Cyber Kill Chain and OODA loop
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent Threats
 
Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)Common Techniques To Identify Advanced Persistent Threat (APT)
Common Techniques To Identify Advanced Persistent Threat (APT)
 
Combating Advanced Persistent Threats with Flow-based Security Monitoring
Combating Advanced Persistent Threats with Flow-based Security MonitoringCombating Advanced Persistent Threats with Flow-based Security Monitoring
Combating Advanced Persistent Threats with Flow-based Security Monitoring
 
OFFENSIVE IDS
OFFENSIVE IDSOFFENSIVE IDS
OFFENSIVE IDS
 
Cyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber CriminalsCyber Kill Chain vs. Cyber Criminals
Cyber Kill Chain vs. Cyber Criminals
 
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
Lessons learned from hundreds of cyber espionage breaches by TT and Ashley - ...
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscape
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness Measurement
 
Advanced Persistent Threat
Advanced Persistent ThreatAdvanced Persistent Threat
Advanced Persistent Threat
 
The Internal Signs of Compromise
The Internal Signs of CompromiseThe Internal Signs of Compromise
The Internal Signs of Compromise
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber War
 
Threat Hunting
Threat HuntingThreat Hunting
Threat Hunting
 

Similar to How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication

Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacksAppSense
 
Intelligent Authentication
Intelligent AuthenticationIntelligent Authentication
Intelligent AuthenticationCA Technologies
 
Save Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesSave Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesLancope, Inc.
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldSafeNet
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsZivaro Inc
 
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication WrongForrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication WrongDuo Security
 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeMelbourne IT
 
You Can't Stop The Breach Without Prevention And Detection
You Can't Stop The Breach Without Prevention And DetectionYou Can't Stop The Breach Without Prevention And Detection
You Can't Stop The Breach Without Prevention And DetectionCrowdStrike
 
The Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThe Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThreatConnect
 
Insider threats webinar 01.28.15
Insider threats webinar 01.28.15Insider threats webinar 01.28.15
Insider threats webinar 01.28.15Lancope, Inc.
 
Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentationJoseph Schorr
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromPROIDEA
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSAmazon Web Services
 
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...North Texas Chapter of the ISSA
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
 
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...XEventsHospitality
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCCloudflare
 
Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityMighty Guides, Inc.
 

Similar to How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication (20)

Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacks
 
Intelligent Authentication
Intelligent AuthenticationIntelligent Authentication
Intelligent Authentication
 
Zero Trust : How to Get Started
Zero Trust : How to Get StartedZero Trust : How to Get Started
Zero Trust : How to Get Started
 
Save Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesSave Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly Breaches
 
Cyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative WorldCyber Security Management in a Highly Innovative World
Cyber Security Management in a Highly Innovative World
 
5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
 
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication WrongForrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
 
Introduction to the Current Threat Landscape
Introduction to the Current Threat LandscapeIntroduction to the Current Threat Landscape
Introduction to the Current Threat Landscape
 
You Can't Stop The Breach Without Prevention And Detection
You Can't Stop The Breach Without Prevention And DetectionYou Can't Stop The Breach Without Prevention And Detection
You Can't Stop The Breach Without Prevention And Detection
 
The Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence WebinarThe Business Benefits of Threat Intelligence Webinar
The Business Benefits of Threat Intelligence Webinar
 
Insider threats webinar 01.28.15
Insider threats webinar 01.28.15Insider threats webinar 01.28.15
Insider threats webinar 01.28.15
 
Retail security-services--client-presentation
Retail security-services--client-presentationRetail security-services--client-presentation
Retail security-services--client-presentation
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin Nystrom
 
Best practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWSBest practices for automating cloud security processes with Evident.io and AWS
Best practices for automating cloud security processes with Evident.io and AWS
 
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
Luncheon 2015-06-18 Security Industry 2.0: Survival in the Boardroom by David...
 
Threat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formalThreat Hunting - Moving from the ad hoc to the formal
Threat Hunting - Moving from the ad hoc to the formal
 
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
Global Cyber Security Outlook - Deloitte (Hotel_Digital_Security_Seminar_Sept...
 
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDCDefending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC
 
Carbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint SecurityCarbon Black: 32 Security Experts on Changing Endpoint Security
Carbon Black: 32 Security Experts on Changing Endpoint Security
 

More from Brian Kelly

Avoiding the Passion Pit: How to stumble through startups to find your career
Avoiding the Passion Pit: How to stumble through startups to find your careerAvoiding the Passion Pit: How to stumble through startups to find your career
Avoiding the Passion Pit: How to stumble through startups to find your careerBrian Kelly
 
Launching A Startup in 2017: A Founder's Pocket Guide
Launching A Startup in 2017: A Founder's Pocket GuideLaunching A Startup in 2017: A Founder's Pocket Guide
Launching A Startup in 2017: A Founder's Pocket GuideBrian Kelly
 
Now is the best time to start a company… Now what?
Now is the best time to start a company… Now what?Now is the best time to start a company… Now what?
Now is the best time to start a company… Now what?Brian Kelly
 
Churn and what it says about product/market fit
Churn and what it says about product/market fitChurn and what it says about product/market fit
Churn and what it says about product/market fitBrian Kelly
 
Pragmatic Marketing recap by Brian Kelly
Pragmatic Marketing recap by Brian KellyPragmatic Marketing recap by Brian Kelly
Pragmatic Marketing recap by Brian KellyBrian Kelly
 
A look back bkelly duo farewell - june 2015
A look back bkelly duo farewell - june 2015A look back bkelly duo farewell - june 2015
A look back bkelly duo farewell - june 2015Brian Kelly
 

More from Brian Kelly (6)

Avoiding the Passion Pit: How to stumble through startups to find your career
Avoiding the Passion Pit: How to stumble through startups to find your careerAvoiding the Passion Pit: How to stumble through startups to find your career
Avoiding the Passion Pit: How to stumble through startups to find your career
 
Launching A Startup in 2017: A Founder's Pocket Guide
Launching A Startup in 2017: A Founder's Pocket GuideLaunching A Startup in 2017: A Founder's Pocket Guide
Launching A Startup in 2017: A Founder's Pocket Guide
 
Now is the best time to start a company… Now what?
Now is the best time to start a company… Now what?Now is the best time to start a company… Now what?
Now is the best time to start a company… Now what?
 
Churn and what it says about product/market fit
Churn and what it says about product/market fitChurn and what it says about product/market fit
Churn and what it says about product/market fit
 
Pragmatic Marketing recap by Brian Kelly
Pragmatic Marketing recap by Brian KellyPragmatic Marketing recap by Brian Kelly
Pragmatic Marketing recap by Brian Kelly
 
A look back bkelly duo farewell - june 2015
A look back bkelly duo farewell - june 2015A look back bkelly duo farewell - june 2015
A look back bkelly duo farewell - june 2015
 

Recently uploaded

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 

Recently uploaded (20)

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 

How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication

  • 1. How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication Presented by Duo Security with guests Forrester Research and University of Tennessee, Knoxville September 25, 2014 #duowebinar
  • 2. Agenda Rick Holland, Forrester Research How To Stop Targeted Attacks and Avoid “Expense In Depth” with Strong Authentication Brian Kelly, Duo Security How Duo Helps You Avoid “Expense In Depth” Bob Hillhouse, University of Tennessee, Knoxville A Case for Multi-factor Authentication #duowebinar
  • 3. How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authentication Rick Holland, Principal Analyst Forrester Research #duowebinar
  • 4. Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 5. APT! © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 6. Heartbleed OpenSSL vulnerability exploited to compromise SSL VPN © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 7. Adversaries are on shopping sprees © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 8. Except the adversary isn’t being timed © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 9. We are hyper focused on the © 2014 Forrester Research, Inc. Reproduction Prohibited WRONG things
  • 10. Anything but the data © 2014 Forrester Research, Inc. Reproduction Prohibited Malware sandboxes Alert driven security Perimeter security controls
  • 11. Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 12. Targeted-Attack Hierarchy Of Needs © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 13. Targeted-Attack Hierarchy Of Needs © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 14. Targeted-Attack Hierarchy Of Needs Need No. 1: An Actual Security Strategy © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 15. Silver bullets, for investment not defense © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 16. Expense in Depth © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 17. Targeted-Attack Hierarchy Of Needs Need No. 2: A Dedication To Recruiting And Retaining Staff © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 18. Lack of staff is a problem © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 19. Targeted-Attack Hierarchy Of Needs Need No. 3: A Focus On The Fundamentals © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 20. A Focus On The Fundamentals © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 21. Forrester’s Zero Trust model © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 22. Forrester’s Zero Trust model © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 23. Zero Trust is fundamental © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 24. Strong Authentication › Strong authentication is critical for disrupting attackers © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 25. Strong Authentication › Strong auth is critical for disrupting attackers › Protect your VPNs and Citrix but don’t forget about SaaS applications › Consider step up authentication for admins © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 26. Least privilege › Privileged accounts need to be monitored and audited › Don’t share local admin passwords across all hosts › Work towards a data classification program © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 27. Detecting lateral movement › Segment your network › Deploy visibility to key ingress/egress chokepoints › NETFLOW can be used for lateral movement detection © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 28. Agenda › Targeted attacks! › Targeted-Attack Hierarchy Of Needs › Recommendations © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 29. Return on Expense in Depth? © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 30. Recommendations › Evaluate your potential investments › What provides greatest marginal return on your investment? › What technology reduces the greatest attack surface? © 2014 Forrester Research, Inc. Reproduction Prohibited
  • 31. Thank you Rick Holland rholland@forrester.com Twitter: @rickhholland
  • 32. How Duo Helps You Avoid “Expense In Depth” Brian Kelly, Principal Product Marketing Manager Duo Security #duowebinar
  • 33. Adoption of cloud, mobile, and BYOD is accelerating dramatically    # #  &  ☁#☁# IT 1.0: Mainframe IT 2.0: Client/Server IT 3.0: Cloud/Mobile
  • 34.    # #  &   &   &  ☁#☁# 1995 2000 2005 2010  &  Data Breaches Along this same timeline we’ve also seen dramatic growth in user-targeted attacks
  • 35.    # #  &   &   &  ☁#☁# 1995 2000 2005 2010  &  Data Breaches Why?
  • 36. What’s new in IT 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service  &  ☁#☁#
  • 37. What’s new in Security 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service Better OS and app security …but, limited endpoint control Better service security …but, limited network visibility
  • 38. What’s new in Security 3.0? ‣ Users ‣ Access from anywhere ‣ “Zero Trust” environment ‣ Devices ‣ Mobile proliferation ‣ BYOD acceptance ‣ Services ‣ Diminishing perimeter ‣ Platform and Software -as-a-Service User-targeted attacks Credentials are easily stolen • Phished • Guessed • Keylogged • Sniffed • Cracked • Reused • Bypassed
  • 39. 100% OF BREACHES involve stolen credentials — Mandiant Source: mandiant.com/threat-landscape and M-Trends annual reports
  • 40. advanced adversary will compromise your environment and accomplish their goal. The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs Needs Detection and response Prevention An integrated portfolio that enables orchestration A focus on the fundamentals A dedication to recruiting and retaining staff An actual security strategy 107121 Source: Forrester Research,
  • 41. advanced adversary will compromise your environment and accomplish their goal. The Targeted Attack Figure 2 The Hierarchy Targeted-Attack Hierarchy Of Of Needs Needs Detection and response Prevention An integrated portfolio that enables orchestration A focus on the fundamentals A dedication to recruiting and retaining staff An actual security strategy 107121 Source: Forrester Research, Back to Basics ‣ Patch, harden, update (everything) ‣ Segment data, services, networks ‣ Review access controls (often) ‣ Inspect endpoints, enforce policy ‣ Require strong authentication
  • 42. Legacy two-factor authentication solutions overlook TCO On boarding Deployment $  #  ✉ $ $ $ Management Login  ⚠  ⏲
  • 43. Duo Security minimizes cost throughout 2FA lifecycle On boarding Deployment ☁ . Management Login / 
  • 44. Thousands Getting Better Security, Not Just More duosecurity.com/success-stories
  • 45. A Case For Multi-Factor Authentication Bob Hillhouse, Associate CIO and CISO University of Tennessee, Knoxville #duowebinar
  • 46. Cast ▪ The University of Tennessee, Knoxville ▪ 57 merchants across campus ▪ 130 Users; 150 Devices ▪ The UT Office of the Treasurer ▪ The Office of Information Technology (OIT)
  • 47. Act I - Prelude ▪ PCI-DSS Requirement 8.3 – Incorporate two-factor authentication for remote access to the network by employees, administrators, and third parties… ▪ 150 devices in the PCI-Subnet require Remote Desktop Services (RDP)
  • 48. Act II – The Timeline ▪ 8:00 AM ▪ 8:15 AM ▪ 8:30 AM ▪ 9:00 AM
  • 49. Act III – Prologue ▪ 2013 – The end of strong password-only security. – http://duo.sc/utk-vid
  • 50. Epilogue ▪ Compliance Goal was met ▪ Next: Two-Factor Authentication for all central IT staff using the VPN – 200 additional users ▪ Next: Two-Factor Authentication for all VPN Users – Usage Patterns – Establish scope (Campus-wide? Privileged Users Only?)
  • 51. Questions + Answers #duowebinar Rick Holland, Forrester Research rholland@forrester.com @rickhholland Brian Kelly, Duo Security bkelly@duosecurity.com @resetbrian Bob Hillhouse, University of Tennessee, Knoxville bob@utk.edu @ut_oit