Trending it security threats in the public sector

•

0 recomendaciones•317 vistas

State and local information security leaders continue to be challenged with the “new norm,” to do more with less, while remaining on top of technology trends driving the marketplace. Traditional information security approaches often have limited impact and require more attention and resources. Please join Grayson Walters, Information Security Officer of Virginia Department of Taxation, and Eric Cowperthwaite, Vice President of Advanced Security and Strategy at Core Security as they discuss some of the top IT security trends and developments in the public sector, more specifically, within state and local governments.

Software

The “New Norm” in Cyber Security:
What’s Trending Now in Public Sector

“…we should always be
evaluating how we can
work smarter...”
ERIC COWPERTHWAITE
VP Advanced Security and Strategy
Core Security
GRAYSON WALTERS
Information Security Officer
Virginia Department of Taxation

AGENDA
IT security threats plaguing the public sector
What you can do about them
Q&A

1. Access to targets
• Beware of “low-value targets” connected to larger,
more interesting entities
• Lower budgets and small staffs make evading
security a bit easier
How many vulnerabilities? How many applications? How many possible attack paths?
Are the vulnerabilities exploitable?
Does the attack path lead to sensitive data?

2. Where are your network boundaries?
• Commercial tech has always outpaced
business…and in government it is twice as bad
• BYOD – Connected personal device overload
• How many of your users are using web apps
that you don’t know about?
The Zero-Trust Model

3. Remember password theft
Password theft is real
• Phishing attacks work, they are easy to set up and
have very low risk - 12% will click!
• Users fail to report when they do something wrong
• Users have access to things they should not

4. Enforcing controls. Always.
Balancing policies and controls
• You don’t necessarily want to be the “enforcer,”
but it’s our role as security professionals

5. Overload…oh my!
Security teams are overloaded:
• Data – vulnerabilities, networks, viruses, SIEM, IoT, etc.
• Regulations – Required security, reports, mandatory activity
Security teams are, generally, too small, have the wrong skills
Many different regulations and security frameworks to satisfy

So, what can we do to mitigate some of these
#“new_norm”_threat_trends?

Penetration
Testing
Vulnerability
Management
Point Solution
Enterprise
Platform
1996 Core Security
Founded
2001 Core
Impact Pro
Released
2011 Core
Insight
Released
Core Security…evolution

Cut through the noise…
• Engage new and different security skills, outsource critical skills
• Success is going to require innovation
• Must understand what the bad guy will do
• Must know where to expend resources
• Implement new technologies
o Analytics
o Automation
o Integration
Change the game to intelligent defense

RemediateCollect
Remediation
IT/Network Ops
GRC
SIEM
Forensics
Anti-Virus
Logging
Scanning
Tools
Application
Security
Scanning
Web App
Security
DATA
The Problem:
• Mountains of Data
• 1000’s of Vulnerabilities
• No Relevance to Business
The traditional solution:
• Try to patch everything
• Priority based on arbitrary scores
• No business context

Collect Remediate
Nessus
MVM
IP360
Qualys
Nexpose
Etc.
Trustwave
AppSpider
App Scan
Qualys
Web Inspect
Etc.
DATA
Attack Intelligence Platform
Consolidate security data
Simulate attack paths
Prioritize business risk
Validate vulnerabilities
Remediation
IT/Network Ops
Actionable
Information
Analyze

Core Security Attack Intelligence Platform

@coresecurity I blog.coresecurity.com I
www.coresecurity.com
ERIC COWPERTHWAITE. @e_cowperthwaite
GRAYSON WALTERS. @grandomthoughts

Más contenido relacionado

La actualidad más candente

Rothke Sia 2006

Ben Rothke

Cyber Security and Cyber Awareness

Jay Nagar

Cyber security

ZwebaButt

Cyber security awareness for students

Akhil Nadh PC

Computer & internet Security

Gerard Lamusse

Cyber privacy and password protection

sajeena81

Cyber Security Awareness (Reduce Personal & Business Risk)

Gian Gentile

Online safety

MARCPELAYO1

Cyber Security Workshop @SPIT- 3rd October 2015

Nilesh Sapariya

CYBER ETHICS, CRIMES AND SAFTY

FaMulan2

Cyber security & awareness

Rishab garg

Cyber-savvy Cyber-safety

Tawose Olamide Timothy

Cyber security

Debaroy1995

Cyber Security Awareness Session for Executives and Non-IT professionals

Krishna Srikanth Manda

Cybersecurity

Helen Dixon

Cyber security awareness for end users

NetWatcher

Cyber security awareness for students

Kandarp Shah

What is Phishing - Kloudlearn

KloudLearn

Cyber security

Sabir Raja

La actualidad más candente (19)

Rothke Sia 2006

Cyber Security and Cyber Awareness

Cyber security

Cyber security awareness for students

Computer & internet Security

Cyber privacy and password protection

Cyber Security Awareness (Reduce Personal & Business Risk)

Online safety

Cyber Security Workshop @SPIT- 3rd October 2015

CYBER ETHICS, CRIMES AND SAFTY

Cyber security & awareness

Cyber-savvy Cyber-safety

Cyber security

Cyber Security Awareness Session for Executives and Non-IT professionals

Cybersecurity

Cyber security awareness for end users

Cyber security awareness for students

What is Phishing - Kloudlearn

Cyber security

Similar a Trending it security threats in the public sector

What your scanner isn't telling you

Core Security

Presentacion realizada en Argentina y Paraguay Durante Marzo 2014. En Argentina por Faustino Sanchez. En Paraguay por Santiago Cavanna. Trata sobre el problema de la presencia de vulnerabilidades en aplicaciones, el impacto que tiene en las organizaciones y la forma que se encuentra disponible para descubrirlas en forma temprana y facilitar su remediacion Links disponibles en http://www.santiagocavanna.com/segurinfo-2014-el-costo-oculto-de-las-aplicaciones-vulnerables/

Segurinfo2014 Santiago Cavanna

Santiago Cavanna

Law Firm Cybersecurity: Practical Tips for Protecting Your Data

Accellis Technology Group

Information Technology Security Basics

Mohan Jadhav

According to the latest research from cyber security firm, Kamino, 45% of financial advisers had experienced a cyber incident last year. Julian Plummer, founder of Kamino, delves into why cyber security is a very real issue for financial advisers and their clients, and the types of cyber incidents that are impacting the financial planning industry. He also provides easy to implement measures to help you improve the cyber security of your practice.

Netwealth educational webinar: Peace of mind in a digital world

netwealthInvest

Gene Scriven, Chief Information Security Officer at Sabre Corporation, discussed the biggest threats to today’s enterprises during his presentation at the 2015 Chief Information Officer Leadership Forum in Dallas on March 11. In his presentation, “Top 12 Threats to Enterprise – aka ‘Gene’s Dirty Dozen,’” Scriven pointed out that information security is a major problem for many organizations, but there are several ways that organizations can protect themselves against myriad cyber threats.

Top 12 Threats to Enterprise

Argyle Executive Forum

The significance of the 7 Colors of Information Security

learntransformation0

2015 Cyber Security

Allen Zhang

Event Presentation: Cyber Security for Industrial Control Systems

Infonaligy

Join us on our upcoming BYOP (Bring Your Own Pizza) "Application Security Meetup" to hear about the latest cyber security breaches, trends and technologies in modern application development. Agenda: 17:00 - 17:10 - Opening words - by Lior Mazor (Organizer) 17:10 - 17:35 - 'Recent cyber security attacks in Israel' - by Lior Mazor (Organizer) 17:35 - 18:00 - ‘How to deliver a secure product’ - by Michael Furman (Tufin) 18:00 - 18:30 - 'Hacking serverless - Introduction to Serverless Application Security' - by Yossi Shenhav (Komodo) 18:30-19:00 - ‘Post Apocalypse: Exploiting web messaging implementations’ - by Chen Gour-Arie (enso security)

Application security meetup 27012021

lior mazor

Security economics

Yansi Keim

Cyber security and AI

DexterJanPineda

13734729.ppt

AmitPandey388410

In a changing world of threads and thread actors we find ourselves bombarded with new technology hypes and toolsets. Security tooling is like emotional eating you feel good for a while but at the end you are not in a better position. This presentation addresses common questions such as how to differentiate between hype and reality, how to keep up with a limited budget, what is your security maturity level and how to fit this in a regulatory and compliance context. In the board room these questions pop up on a regular basis lets bring you through the journey of how to answer and make it work presenting a customer success story.

Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...

NRBsanv

20101012 isa larry_clinton

CIONET

Triggered by the corona virus lock down, the abrupt transition to a work from home ( W F H) venue forced organizations to scramble to support a larger remote workforce. Such a quick shift means that certain security measures and requirements inevitably fell by the wayside. At the same time, cybercriminals found a new opportunity for attack with remote workers and improperly secured connections and technologies. Together, these trends have created a more vulnerable environment affecting the cyber security defenses of many organizations.

IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS

PreetiDevidas

Nonprofit IT Trends 2018

Community IT Innovators

Cyber attackers are better funded, more focused, and more successful than ever. Making matters worse, defenders have more IT territory to protect, including public cloud, virtual infrastructure, mobile, Internet of Things, and an expanding list of users, applications, and data. An evolution in security strategies is underway; shifting from a preventive approach to one that is more balanced across prevention, monitoring, and response. In this session, we delve into key innovations that enable a more effective defense and how RSA’s NetWitness suite is delivering many of these innovations.

MT 117 Key Innovations in Cybersecurity

Dell EMC World

Ijnsa050215

IJNSA Journal

NZISF Talk: Six essential security services

Hinne Hettema

Similar a Trending it security threats in the public sector (20)

What your scanner isn't telling you

Segurinfo2014 Santiago Cavanna

Law Firm Cybersecurity: Practical Tips for Protecting Your Data

Information Technology Security Basics

Netwealth educational webinar: Peace of mind in a digital world

Top 12 Threats to Enterprise

The significance of the 7 Colors of Information Security

2015 Cyber Security

Event Presentation: Cyber Security for Industrial Control Systems

Application security meetup 27012021

Security economics

Cyber security and AI

13734729.ppt

Cyber innovation without a new product to buy-Michael Boeckx - cybersec europ...

20101012 isa larry_clinton

IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS

Nonprofit IT Trends 2018

MT 117 Key Innovations in Cybersecurity

Ijnsa050215

NZISF Talk: Six essential security services

Más de Core Security

Identity Governance and Administration solutions are more than the newest security buzzword, they are integral solutions that work with your Identity and Access Management solutions to keep your network safe. In this webinar, our product solutions team will talk about, and explain how to solve, the three biggest struggles they see with IGA programs such as: - Dealing with Third Party Contractors - Struggling with finding time to do more reviews - Keeping up with compounding access

How to Solve the Top 3 Struggles with Identity Governance and Administration ...

Core Security

Lazy Penetration Tester Tricks

Core Security

Thanks for All the Phish: Introducing Core Impact 18.1

Core Security

Identity + Security: Welcome to Your New Career

Core Security

Joseph Blankenship is a leading security industry veteran and currently a senior analyst at Forrester serving security and risk professionals. This session examined how analytics and automation are combining to transform security operations. Specifically, he will address how combating threats and keeping pace with change requires security technologies to work together and security leaders to embrace automation.

Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...

Core Security

In 2016 alone, over 4000 cyber attacks were reported globally – with many more never reported or even detected. Enterprises deploy security point solutions in the hopes of stopping a data breach, while savvy attackers work to exploit the whitespace between them. This session will explore how a connected approach to security, one where vendors are joining forces to specifically address the data breach problem, will eliminate the silos that make it possible for breaches to happen.

No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe

Core Security

Passwords, multi-factor authentication, knowledge-based questions/answers, and hard tokens are based on technologies that are now 20 years old. With organizations losing the battle against cyber attacks, it’s clearly time to move beyond these legacy technologies and adopt a modern approach in which awareness and flexibility are king. Authentication must adapt based on the level of risk, so that it can deliver strong security yet be invisible to users most of the time. Achieving that balance of strong security and appropriate user friction is the basis for modern authentication. This session will explore what modern authentication is and why using it across all users, devices, and services is vital to turning a losing battle into a winning strategy to stop cyber attacks.

Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...

Core Security

Vulnerability Assessments, Penetration Tests and Red Teaming – Do you know what these tactics are all about? In this session, we will present our understanding of these practices in terms of when to apply them and what to expect. Nowadays, organizations run on top of hundreds, if not thousands, of Information Technology assets with some of them on premise and others cloud based. Having control over all of this is a challenging task. Based on our extensive experience with securing our customers, I will show what real findings and attack trends look like while hopefully, shedding some light on how to be prepared to resist current attacks.

Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...

Core Security

Threat Dissection - Alberto Soliño Testa Research Director, Core Security

Core Security

Vulnerability Management is like a Hydra, chop off one head and two more grow back. It is impossible to keep up. How do you prioritize? How can you get ahead? Maybe “ahead” is too ambitious - but what about drastically reducing risk? One way to make an impact is with attack path mapping. Allowing VM teams to quickly identify the weak device in the chain on how an attacker could move laterally to the so-called “Crown Jewels.” In this session, users will learn the best practices on how to ingest router and firewall data for better attack path mapping and how to quickly break the chain in the attack path, allowing you to sever the head of the Hydra.

How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...

Core Security

Whether it’s the revered single plane of glass view in a SIEM or building an auto containment workflow for compromised devices, Network Insight admins can use built-in integrators to take action quickly or build their own with the API. With SIEM for instance, what if the view is wrong or incomplete? This can cause the response teams to spend invaluable time looking and or chasing the wrong things. It’s critical to understand how to ingest the NI outputs into your SIEM to keep things flowing smoothly. In this session we will cover the two different types of feeds and ideas on how to best incorporate them into your SIEM workflow. This session will help responders understand the Network Insight SIEM output so they can quickly understand the output and how to build SIEM workflows and dashboards to get optimal results. Also covered will be use cases for Next Generation Firewall (NGFW), Network Access Control (NAC) and Proxy integrations.

Understanding Network Insight Integrations to Automate Containment and Kick S...

Core Security

It’s the Epic battle between business enablement and data protection. In the past, there was no winner. If business enablement wins, your attack surface is broad. If locking down your data wins, your business can’t thrive. No matter how you stack the sides, they both hinge on IDENTITY. In this presentation, Stephen Newman shares the combined product vision of SecureAuth and Core Security and introduces Identity Security Automation: where the worlds of identity management and security operations meet.

Product Vision - Stephen Newman – SecureAuth+Core Security

Core Security

How do you separate the good from the bad actors? Put on your white hat as we go on an adventure to separate the wheat from the chaff; or the good from the bad and not so bad. Join us for a chance to learn from our Threat Research team and how they track and expose threat operators and build that intelligence into Network Insight. Not only that, but discover the different ways our Threat Research team is able to apply their findings. This will be an insightful session for anyone interested in learning more about a day in the life of a threat researcher.

The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...

Core Security

Come meet the newest member of the Core Security product family – Core Role Designer. Our visual-first, analytics driven approach to designing roles will help you understand the relationship between people and what they have access to. You’ll not only be able to create the best roles possible, you’ll also discover rogue access and underprovisioned accounts in your organization. Step up your role game with Core Role Designer.

Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...

Core Security

Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...

Core Security

Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...

Core Security

The Why - Keith Graham, CTO – SecureAuth+Core Security

Core Security

Everyone loves a good tip, like using a stick of spaghetti to light a hard to reach candle wick or using Doritos to start a fire. In this session VI users will learn the top tips and tricks for both the GUI and configurations. Along with ingesting router data and using it for attack path identification, users will learn how to quickly use the existing Attack Strategy to first prioritize any immediate critical vulnerabilities, how to setup campaigns for critical assets and tips for report usage and customization. There will also be time for users to share their favorite tips with other attendees. The more we all share, the more value everyone can get from the tool.

Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security

Core Security

Speed to respond is critical in fighting cyber threats and cyberattacks. Learning how to quickly assess findings leads to faster response and containment. As users get familiar with the Network Insight, formerly Failsafe, user console and how to read results, quick decisions can be made as to next steps to response. In this session, we will cover how to quickly assess findings in the GUI directly or when pivoting from a SIEM or ITSM in response to a case – including top dashboard widgets for quickly drilling down on pre-filtered lists of assets. This session will cover asset filtering methods to highlight what things are important to each organization. Most importantly you will learn how to drill down on individual assets, what to look for and which sections can quickly decide on next steps.

Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...

Core Security

10 IT Security Trends to Watch for in 2016

Core Security

Más de Core Security (20)

How to Solve the Top 3 Struggles with Identity Governance and Administration ...

Lazy Penetration Tester Tricks

Thanks for All the Phish: Introducing Core Impact 18.1

Identity + Security: Welcome to Your New Career

Put Analytics And Automation At The Core Of Security – Joseph Blankenship – S...

No More SIlos: Connected Security - Mike Desai and Ryan Rowcliffe

Modern Authentication – Turn a Losing Battle into a Winning Strategy, Robert ...

Security Consulting Services - Which Is The Best Option For Me? - Diego Sor, ...

Threat Dissection - Alberto Soliño Testa Research Director, Core Security

How to Defeat the Vulnerability Hydra - Andy Nickel Sales Engineer, Core Secu...

Understanding Network Insight Integrations to Automate Containment and Kick S...

Product Vision - Stephen Newman – SecureAuth+Core Security

The Good, the Bad, and The Not So Bad: Tracking Threat Operators with Our Thr...

Introducing Core Role Designer - Michael Marks Product Manager - Identity, Co...

Core Connector API Demo - Michael Marks Product Manager - Identity, Core Secu...

Access Assurance Suite Tips & Tricks - Lisa Lombardo Principal Architect Iden...

The Why - Keith Graham, CTO – SecureAuth+Core Security

Vulnerability Insight Tips & Tricks - Magno Gomes SE Manager, Core Security

Network Insight: How To Assess Findings - Tier 1 SOC Triage - Mark Gilbert ,T...

10 IT Security Trends to Watch for in 2016

Último

%in tembisa+277-882-255-28 abortion pills for sale in tembisa

masabamasaba

Craft an AI & Machine Learning Pitch with our Editable Professional PowerPoint Template. Ignite your AI & Machine Learning pitch with our cutting-edge PowerPoint template tailored for the industry. Perfect for AI conferences, investor presentations, sales pitches to tech-focused companies, training sessions, and educational programs. - 20+ editable slides: Get a variety of options to choose from for your presentation. - Time-saving solution: Download, replace text/images with a few clicks. - User-friendly customization: Easy to use and personalize. - Modern and attractive design: Captivating visuals, sleek layout. - Tailored to your requirements: Fully alterable for customization. - Well-organized slides: Complete control over content. - Thematic specificity: Reflects healthcare industry with relevant graphics. - Showcase your business idea: Communicate value proposition effectively.

AI & Machine Learning Presentation Template

Presentation.STUDIO

MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...

Jittipong Loespradit

HR Software Buyers Guide in 2024 - HRSoftware.com

Fatema Valibhai

Pharm-D Biostatistics and Research methodology

Anusha Are

8257 interfacing 2 in microprocessor for btech students

HimanshiGarg82

A great deal of attention in medical devices has shifted towards cybersecurity with the ratification of section 524B of the FD&C act. This new law enables the FDA to enforce cybersecurity controls in any medical device that is capable of networked communications or that has software. In this webinar we will recap the process for managing vulnerabilities, identify categories of vulnerabilities and solutions and more.

The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...

ICS

(Vivek)Call Us, 8448380779,Call girls in Delhi NCr – We Offer best in class call girls. escort Service At Affordable Price At low Rate with Space Night 8000 We Are One Of The Oldest Escort and Call girls Agencies in Delhi. You Will Find That Our Female Escorts Are Full Of Fun, Sexy And They Would Love Enjoy Your Company. We Have A Fantastic Selection Of Escort Ladies Available For In-Calls As Well As Out-Calls. Our Escorts Are Not Only Beautiful But All Have Great Personalities Making Them The Perfect Companion For Any Occasion. In-Call:- You Can Come At Our Place in Delhi Our place Which Is Very Clean Hygienic 100% safe Accommodation. Out-Call:- You have To Come Pick The Girl From My Place We Are Also Provide Door Step Services (Delhi Ncr, Noida, Gurgaon, Faridabad, Ghaziabad Note:- Pic Collectors Time Passers Bargainers Stay Away As We Respect The Value For Your Money Time And Expect The Same From You Hygienic:- Full Ac room And Clean Rooms Available In Hotel 24 * 7 Hourly In Delhi NCR More Details, With WhatsApp Number, +91-8448380779

Sector 18, Noida Call girls :8448380779 Model Escorts | 100% verified

Delhi Call girls

The title is not connected to what is inside

shinachiaurasa2

Technology has taken up space all over the world. From generating content with a single command on ChatGPT to getting your food served by Robots at your favorite restaurant, artificial advancements have ruled every space. Every industry is set to develop top-notch technology in every sector; finance, IT, healthcare, gaming, and banking, with competitive market standards. One of these rapidly growing industries is Mobile App Development. According to the Straits Research report, it is expected to reach USD 583.03 billion at a CAGR OF 12.8% between (2022 and 2030). It clearly shows how mobile app development has become an integral part of the digital landscape and revolutionized technology.

The Top App Development Trends Shaping the Industry in 2024-25 .pdf

ayushiqss

10 Trends Likely to Shape Enterprise Technology in 2024

Mind IT Systems

%in Midrand+277-882-255-28 abortion pills for sale in midrand

masabamasaba

%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain

masabamasaba

Test automation is a cornerstone of software development and quality assurance in today's rapidly evolving digital landscape. Its significance cannot be overstated. Businesses can enhance efficiency, productivity, and accelerate software delivery to market through automation, streamlining testing processes effectively. This comprehensive guide addresses the best practices for test automation in 2024. It offers a detailed checklist to empower you to optimize your automation efforts and maintain a competitive edge.

The Ultimate Test Automation Guide_ Best Practices and Tips.pdf

kalichargn70th171

In an era where security concerns are paramount, the integration of artificial intelligence (AI) into CCTV cameras has revolutionized surveillance capabilities. One of the most significant advancements is the ability to achieve real-time threat detection, enabling immediate responses to potential security breaches. This blog explores how AI is reshaping surveillance through real-time threat detection and the implications of this technology.

Optimizing AI for immediate response in Smart CCTV

shikhaohhpro

Looking for an efficient way to manage your finances? Look no further than our money management app. With easy-to-use features, you can track your expenses, create budgets, and monitor your savings goals all in one place. Our app provides real-time updates on your spending habits and helps you make smarter financial decisions. Take control of your finances today with our user-friendly money management app.

Right Money Management App For Your Financial Goals

Jhone kinadey

Investing in AI transformation today The modern business advantage: Uncovering deep insights with AI Organizations around the world have come to recognize AI as the transformative technology that enables them to gain real business advantage. AI’s ability to organize vast quantities of data allows those who implement it to uncover deep business insights, augment human expertise, drive operational efficiency, transform their products, and better serve their customers

Microsoft AI Transformation Partner Playbook.pdf

Willy Marroquin (WillyDevNET)

introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf

VishalKumarJha10

Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...

SelfMade bd

ManageIQ - Sprint 236 Review - Slide Deck

ManageIQ

Trending it security threats in the public sector

1. The “New Norm” in Cyber Security: What’s Trending Now in Public Sector

2. “…we should always be evaluating how we can work smarter...” ERIC COWPERTHWAITE VP Advanced Security and Strategy Core Security GRAYSON WALTERS Information Security Officer Virginia Department of Taxation

3. AGENDA IT security threats plaguing the public sector What you can do about them Q&A

4. 1. Access to targets • Beware of “low-value targets” connected to larger, more interesting entities • Lower budgets and small staffs make evading security a bit easier How many vulnerabilities? How many applications? How many possible attack paths? Are the vulnerabilities exploitable? Does the attack path lead to sensitive data?

5. 2. Where are your network boundaries? • Commercial tech has always outpaced business…and in government it is twice as bad • BYOD – Connected personal device overload • How many of your users are using web apps that you don’t know about? The Zero-Trust Model

6. 3. Remember password theft Password theft is real • Phishing attacks work, they are easy to set up and have very low risk - 12% will click! • Users fail to report when they do something wrong • Users have access to things they should not

7. 4. Enforcing controls. Always. Balancing policies and controls • You don’t necessarily want to be the “enforcer,” but it’s our role as security professionals

8. 5. Overload…oh my! Security teams are overloaded: • Data – vulnerabilities, networks, viruses, SIEM, IoT, etc. • Regulations – Required security, reports, mandatory activity Security teams are, generally, too small, have the wrong skills Many different regulations and security frameworks to satisfy

9. So, what can we do to mitigate some of these #“new_norm”_threat_trends?

10. Penetration Testing Vulnerability Management Point Solution Enterprise Platform 1996 Core Security Founded 2001 Core Impact Pro Released 2011 Core Insight Released Core Security…evolution

11. Cut through the noise… • Engage new and different security skills, outsource critical skills • Success is going to require innovation • Must understand what the bad guy will do • Must know where to expend resources • Implement new technologies o Analytics o Automation o Integration Change the game to intelligent defense

12. RemediateCollect Remediation IT/Network Ops GRC SIEM Forensics Anti-Virus Logging Scanning Tools Application Security Scanning Web App Security DATA The Problem: • Mountains of Data • 1000’s of Vulnerabilities • No Relevance to Business The traditional solution: • Try to patch everything • Priority based on arbitrary scores • No business context

13. Collect Remediate Nessus MVM IP360 Qualys Nexpose Etc. Trustwave AppSpider App Scan Qualys Web Inspect Etc. DATA Attack Intelligence Platform Consolidate security data Simulate attack paths Prioritize business risk Validate vulnerabilities Remediation IT/Network Ops Actionable Information Analyze

14. Core Security Attack Intelligence Platform

15. Thank you! Now, it’s time for Q&A.

16. @coresecurity I blog.coresecurity.com I www.coresecurity.com ERIC COWPERTHWAITE. @e_cowperthwaite GRAYSON WALTERS. @grandomthoughts

Trending it security threats in the public sector

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (19)

Similar a Trending it security threats in the public sector

Similar a Trending it security threats in the public sector (20)

Más de Core Security

Más de Core Security (20)

Último

Último (20)

Trending it security threats in the public sector