WWW.GTRI.COM
© 2016 Global Technology Resources, Inc.
All rights reserved.
Insider Threat Solution
Understanding Prevalence and Preventative Measures
What Are Insider Threats?
• Insider access: Employees, contractors
• Exploits/exceeds authorized access
• Affects security, systems, daily operations
• Not all “malicious” or intentional
• Negligence can result in a damaging attack
53%
34%
34%
30%
Unintentional Exposure
Intellectual Property Theft
Unauthorized Access
Insider Threat Incidents Are Pervasive
Source: 2013 US State of Cybercrime Survey, CSO Magazine, U.S. Secret Service, Software Engineering Institute CERT Program at Carnegie Mellon University, and Price Waterhouse Cooper, June 2013
31% Theft of Other Assets/Data
Experienced Insider Attack With Damage Greater Than Outside Attack
Insider Threats Impact Everyone
• Retail
• Media and Entertainment
• Government
• Industry
• Healthcare
• Energy and Utilities
• Small Business
• More…
Insider Threat Damage
• Leaked Unreleased Films
• 70 Million Customers PII Breach
• Attacked, Breached Substation
• 4 Million Personal Records
• Proprietary Formula Stolen, Sold
• PIN Pads in 63 Stores Hacked
• Sensitive Information, Salaries
• $10M Lawsuit Settlement
• $100M Security Program
• “Crown Jewel” Intelligence to China
• Chinese Competitor Bought
• Large, Class Action Law Suit
Insider Threat Protection
• Best-of-breed solutions are important, but not foolproof
• Vigilance is necessary to protect against insider threats that affect data, reputation, safety and the bottom line
Insider Threats: Where Exposure Occurs
• Device Level Threats
• Network Level Threats
• User Proficiency Threats
• User Behavior Threats
• Social Media Threats
Network Level Threats
Combating Threats: Critical Capabilities
• Profile Non-Standard Network Communication
• Detect Slow, Stealthy User Device Threats
• Identify Suspect Network Activity
Network Level Threat Protection
• In-depth Security Context
• Complete Picture of Network Activity
• Actionable Security Intelligence
• Faster Threat Detection
• Advanced Forensic Tools
• Improved Incident Response
STEALTHWATCH BY LANCOPE
Summary
• Insider Threats
o Pervasive
o Not limited to high-profile targets
o Big business: Losses of $2.9 trillion annually¹
• Insider Threat Protection
o Starts with C-Level commitment
o More than screening, perimeter security
o Best accomplished with experienced partner/services provider
1. 2013 US State of Cybercrime Survey, CSO Magazine, U.S. Secret Service, Software Engineering Institute CERT Program at Carnegie Mellon University, and Price Waterhouse Cooper, June 2013
sales@gtri.com | 877.603.1984 | @gtri_global
Thank You
• Mark Belcher, Stealthwatch-Cisco, PAM
• Ken Daniels, Stealthwatch-Cisco, CSE
• Bart Gates, Stealthwatch-Cisco, SAM
Cisco Stealthwatch
IOT and what does it mean?
Shrinking the Attack Surface?????
Pace of Disruption
124 years
25 years
12 years
Scale of Disruption
$300B
$40B
1 Million Rooms
Cisco Security – Simple will get you breached but complex will get you beat!
AnyConnect
Threatgrid
ISE
AMP
Talos
TrustSec
Firepower
ASA
ESA
WSA
Cisco StealthWatch
OpenDNS
AnyConnect
Open DNS
ISE
ESA/WSA
ASA
FirePower/AMP
Talos
ThreatGrid
TrustSec
StealthWatch
Advanced Detection Methods
Signature = Object against blacklist
• IPS, Antivirus, Content Filter
Behavior = Inspect Victim behavior against blacklist
• Malware Sandbox, NBAD, HIPS, SIEM
Anomaly = Inspect Victim behavior against whitelist
• NBAD, Quantity/Metric based—not Signature based

| | Signature | Behavior | Anomaly |
|---|---|---|---|
| Known Exploits | BEST | Good | Limited |
| 0-day Exploits | Limited | BEST | Good |
| Insider Abuse | Limited | Limited | BEST |
Anatomy of a Data Breach
[Diagram labels: Attacker, Perimeter (Inbound), Perimeter (Outbound), enterprise network, C2 Server, Admin Node]
1. Infiltration and Backdoor establishment
2. Reconnaissance and Network Traversal
3. Exploitation and Privilege Elevation
4. Staging and Persistence (Repeat 2,3,4)
5. Data Exfiltration
What does Stealthwatch do?
• Network Segmentation
• Internal Threat Visibility
• Incident Response
© 2014 Lancope, Inc. All rights reserved.
Ideal Visibility Solution?
Full packet capture everywhere…?
[Network diagram labels: Internet, Amador, Delta, Solano, Edge Routing, DMZ Switching, Datacenter Switches, Perimeter Security, Core Switching, Hub Router, WAN Routers, Access Switching, IDF, Datacenter, WAN, DMZ, Access]
Ubiquitous visibility via Telemetry
… your infrastructure is the source:
[Network diagram labels: Internet, Amador, Delta, Solano, Border, DMZ, Virtual Hosts, Perimeter, Datacenter, WAN Hub, WAN, Access, IDF, Datacenter, WAN, DMZ, Access, with "Flow" labels throughout]
* For every 1MB of External (N/S) traffic, 5MB of Internal (E/W) traffic is created
Visibility via Flow Metadata
Telephone bill
Flow
Host Groups – The Secret Sauce!
Inside – Internal
• Location – site – branch
• Datacenter
• Function – application
• Business unit
• Sensitivity – compliance
Command & Control
• New malware families
• Point-of-sale malware
• Banking malware
• Keylogger, exfil data
• DDoS
Outside – Internet
• Geo-location
• Business partners
• Cloud providers
• Social media
Apply Network Segmentation
Build Logical Boundaries
Profile Business Critical Processes
StealthWatch Enables Network Visibility
• EVERYTHING must touch the network
• KNOW every host
• Know what is NORMAL
• What else can the network tell me?
• RECORD every conversation
• Gain Context-Aware Security
[Diagram labels: Company Network, Assess, Audit, Posture, Response, Context, Detect]
• Alert to CHANGE
• Store for MONTHS
www.cs.co/sellingstealthwatch

Más contenido relacionado

La actualidad más candente

Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Resilient Systems
 

La actualidad más candente (20)

Ht t17
Ht t17Ht t17
Ht t17
 
Insider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat DetectionInsider Threat Summit - The Future of Insider Threat Detection
Insider Threat Summit - The Future of Insider Threat Detection
 
How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes How to Build an Insider Threat Program in 30 Minutes
How to Build an Insider Threat Program in 30 Minutes
 
The Accidental Insider Threat
The Accidental Insider ThreatThe Accidental Insider Threat
The Accidental Insider Threat
 
Proactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider ThreatProactive Measures to Defeat Insider Threat
Proactive Measures to Defeat Insider Threat
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level Priority
 
Insider Threat
Insider ThreatInsider Threat
Insider Threat
 
Internal Threats: The New Sources of Attack
Internal Threats: The New Sources of AttackInternal Threats: The New Sources of Attack
Internal Threats: The New Sources of Attack
 
VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing VAPT - Vulnerability Assessment & Penetration Testing
VAPT - Vulnerability Assessment & Penetration Testing
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
 
Unintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric ColeUnintentional Insider Threat featuring Dr. Eric Cole
Unintentional Insider Threat featuring Dr. Eric Cole
 
Insider threat
Insider threatInsider threat
Insider threat
 
Expert FSO Insider Threat Awareness
Expert FSO Insider Threat AwarenessExpert FSO Insider Threat Awareness
Expert FSO Insider Threat Awareness
 
Insider Threat Detection Recommendations
Insider Threat Detection RecommendationsInsider Threat Detection Recommendations
Insider Threat Detection Recommendations
 
Hunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systemsHunting for cyber threats targeting weapon systems
Hunting for cyber threats targeting weapon systems
 
Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)Craft Your Cyber Incident Response Plan (Before It's Too Late)
Craft Your Cyber Incident Response Plan (Before It's Too Late)
 
Data Security in Healthcare
Data Security in HealthcareData Security in Healthcare
Data Security in Healthcare
 
Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?Insider Threats: Out of Sight, Out of Mind?
Insider Threats: Out of Sight, Out of Mind?
 
VAPT Infomagnum
VAPT InfomagnumVAPT Infomagnum
VAPT Infomagnum
 
Cisa ransomware guide
Cisa ransomware guideCisa ransomware guide
Cisa ransomware guide
 

Destacado

Insider Threat_BAH_Turner
Insider Threat_BAH_TurnerInsider Threat_BAH_Turner
Insider Threat_BAH_Turner
Bob Turner
 

Destacado (18)

The Insider's Guide to the Insider Threat
The Insider's Guide to the Insider ThreatThe Insider's Guide to the Insider Threat
The Insider's Guide to the Insider Threat
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric ColeObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
 
Insider Threat Kill Chain: Detecting Human Indicators of Compromise
Insider Threat Kill Chain: Detecting Human Indicators of CompromiseInsider Threat Kill Chain: Detecting Human Indicators of Compromise
Insider Threat Kill Chain: Detecting Human Indicators of Compromise
 
IQ4 Final Presentation (1)
IQ4 Final Presentation  (1)IQ4 Final Presentation  (1)
IQ4 Final Presentation (1)
 
Insider Threat_BAH_Turner
Insider Threat_BAH_TurnerInsider Threat_BAH_Turner
Insider Threat_BAH_Turner
 
The insider versus external threat
The insider versus external threatThe insider versus external threat
The insider versus external threat
 
Why Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level PriorityWhy Insider Threat is a C-Level Priority
Why Insider Threat is a C-Level Priority
 
SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015SolarWinds Federal Cybersecurity Survey 2015
SolarWinds Federal Cybersecurity Survey 2015
 
Gov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior AnalyticsGov Day Sacramento 2015 - User Behavior Analytics
Gov Day Sacramento 2015 - User Behavior Analytics
 
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - SevillaInsider Threat – The Visual Conviction - FIRST 2007 - Sevilla
Insider Threat – The Visual Conviction - FIRST 2007 - Sevilla
 
Insider Threat Experiences
Insider Threat ExperiencesInsider Threat Experiences
Insider Threat Experiences
 
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
You've caught an Insider Threat, now what? The Human Side of Insider Threat I...
 
Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013Countering insider threat attacks - CDE themed call launch 14 May 2013
Countering insider threat attacks - CDE themed call launch 14 May 2013
 
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
Visualizing the Insider Threat: Challenges and tools for identifying maliciou...
 
NIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmapNIST - Cybersecurity Framework mindmap
NIST - Cybersecurity Framework mindmap
 
007 tubing andpipe
007 tubing andpipe007 tubing andpipe
007 tubing andpipe
 
Robotics classes in mumbai
Robotics classes in mumbaiRobotics classes in mumbai
Robotics classes in mumbai
 

Similar a Insider Threat Solution from GTRI

SOD-Presentation-Des-Moines-10.19.21-v2.pptx
SOD-Presentation-Des-Moines-10.19.21-v2.pptxSOD-Presentation-Des-Moines-10.19.21-v2.pptx
SOD-Presentation-Des-Moines-10.19.21-v2.pptx
TamaOlan1
 
Cyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfCyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdf
ssuser4237d4
 
Cyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfCyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdf
ssuser4237d4
 

Similar a Insider Threat Solution from GTRI (20)

eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
eSentinel webinar with Netpluz & Straits Interactive on Cyber Security & PDPA...
 
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence WebinarEnhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
Enhancing Your Security Infrastructure with Infoblox Threat Intelligence Webinar
 
Corporate threat vector and landscape
Corporate threat vector and landscapeCorporate threat vector and landscape
Corporate threat vector and landscape
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 
Threat Detection as presented at the 2016 DGI Cyber security Conference
Threat Detection as presented at the 2016 DGI Cyber security ConferenceThreat Detection as presented at the 2016 DGI Cyber security Conference
Threat Detection as presented at the 2016 DGI Cyber security Conference
 
Securing the Enterprise with Application Aware Acceptable Use Policy
Securing the Enterprise with Application Aware Acceptable Use PolicySecuring the Enterprise with Application Aware Acceptable Use Policy
Securing the Enterprise with Application Aware Acceptable Use Policy
 
Cloud Security.pptx
Cloud Security.pptxCloud Security.pptx
Cloud Security.pptx
 
Information Technology Security Basics
Information Technology Security BasicsInformation Technology Security Basics
Information Technology Security Basics
 
Cybersecurity - Sam Maccherola
Cybersecurity - Sam MaccherolaCybersecurity - Sam Maccherola
Cybersecurity - Sam Maccherola
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
 
Aon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation StrategiesAon Ransomware Response and Mitigation Strategies
Aon Ransomware Response and Mitigation Strategies
 
SOD-Presentation-Des-Moines-10.19.21-v2.pptx
SOD-Presentation-Des-Moines-10.19.21-v2.pptxSOD-Presentation-Des-Moines-10.19.21-v2.pptx
SOD-Presentation-Des-Moines-10.19.21-v2.pptx
 
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
Mobile Threat Protection: A Holistic Approach to Securing Mobile Data and Dev...
 
Insider threats
Insider threatsInsider threats
Insider threats
 
Why_TG
Why_TGWhy_TG
Why_TG
 
Cyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfCyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdf
 
Cyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdfCyber Threat Hunting Workshop.pdf
Cyber Threat Hunting Workshop.pdf
 
Cyber Threat Hunting Workshop
Cyber Threat Hunting WorkshopCyber Threat Hunting Workshop
Cyber Threat Hunting Workshop
 
Data erasure's role in limiting cyber attacks
Data erasure's role in limiting cyber attacksData erasure's role in limiting cyber attacks
Data erasure's role in limiting cyber attacks
 
How To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat IntelligenceHow To Turbo-Charge Incident Response With Threat Intelligence
How To Turbo-Charge Incident Response With Threat Intelligence
 

Más de Zivaro Inc

Single Glass of Pain: See Your World, Maybe You Wish You Hadn't
Single Glass of Pain: See Your World, Maybe You Wish You Hadn'tSingle Glass of Pain: See Your World, Maybe You Wish You Hadn't
Single Glass of Pain: See Your World, Maybe You Wish You Hadn't
Zivaro Inc
 

Más de Zivaro Inc (20)

How to Rightsize Your Citrix Investment
How to Rightsize Your Citrix InvestmentHow to Rightsize Your Citrix Investment
How to Rightsize Your Citrix Investment
 
On-Prem vs. Cloud Collaboration Showdown
On-Prem vs. Cloud Collaboration ShowdownOn-Prem vs. Cloud Collaboration Showdown
On-Prem vs. Cloud Collaboration Showdown
 
Beyond the Phish with GTRI and Wombat Security Technologies
Beyond the Phish with GTRI and Wombat Security TechnologiesBeyond the Phish with GTRI and Wombat Security Technologies
Beyond the Phish with GTRI and Wombat Security Technologies
 
Big Data Workshop: Splunk and Dell EMC...Better Together
Big Data Workshop: Splunk and Dell EMC...Better TogetherBig Data Workshop: Splunk and Dell EMC...Better Together
Big Data Workshop: Splunk and Dell EMC...Better Together
 
Organizational Change Management
Organizational Change ManagementOrganizational Change Management
Organizational Change Management
 
Software-Defined WAN 101
Software-Defined WAN 101Software-Defined WAN 101
Software-Defined WAN 101
 
SDN Security: Two Sides of the Same Coin
SDN Security: Two Sides of the Same CoinSDN Security: Two Sides of the Same Coin
SDN Security: Two Sides of the Same Coin
 
Denver Big Data Analytics Day
Denver Big Data Analytics DayDenver Big Data Analytics Day
Denver Big Data Analytics Day
 
Support Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network ArchitectureSupport Software Defined Networking with Dynamic Network Architecture
Support Software Defined Networking with Dynamic Network Architecture
 
Cisco ACI: A New Approach to Software Defined Networking
Cisco ACI: A New Approach to Software Defined NetworkingCisco ACI: A New Approach to Software Defined Networking
Cisco ACI: A New Approach to Software Defined Networking
 
Software Defined Networking (SDN) Technology Brief
Software Defined Networking (SDN) Technology BriefSoftware Defined Networking (SDN) Technology Brief
Software Defined Networking (SDN) Technology Brief
 
Software Defined Networking (SDN) with VMware NSX
Software Defined Networking (SDN) with VMware NSXSoftware Defined Networking (SDN) with VMware NSX
Software Defined Networking (SDN) with VMware NSX
 
Splunk Enterprise 6.3 - Splunk Tech Day
Splunk Enterprise 6.3 - Splunk Tech DaySplunk Enterprise 6.3 - Splunk Tech Day
Splunk Enterprise 6.3 - Splunk Tech Day
 
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech DaySplunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
Splunk Fundamentals: Investigations with Core Splunk - Splunk Tech Day
 
GTRI Splunk Case Studies - Splunk Tech Day
GTRI Splunk Case Studies - Splunk Tech DayGTRI Splunk Case Studies - Splunk Tech Day
GTRI Splunk Case Studies - Splunk Tech Day
 
GTRI Splunk Overview - Splunk Tech Day
GTRI Splunk Overview - Splunk Tech DayGTRI Splunk Overview - Splunk Tech Day
GTRI Splunk Overview - Splunk Tech Day
 
Successfully Deploying IPv6
Successfully Deploying IPv6Successfully Deploying IPv6
Successfully Deploying IPv6
 
Single Glass of Pain: See Your World, Maybe You Wish You Hadn't
Single Glass of Pain: See Your World, Maybe You Wish You Hadn'tSingle Glass of Pain: See Your World, Maybe You Wish You Hadn't
Single Glass of Pain: See Your World, Maybe You Wish You Hadn't
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
 
Successfully Deploying IPv6
Successfully Deploying IPv6Successfully Deploying IPv6
Successfully Deploying IPv6
 

Último

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

Último (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Insider Threat Solution from GTRI

  • 1. WWW.GTRI.COM © 2016 Global Technology Resources, Inc. All rights reserved. Insider Threat Solution Understanding Prevalence and Preventative Measures
  • 2. © 2016 Global Technology Resources, Inc. All Rights Reserved. 2 What Are Insider Threats? • Insider access: Employees, contractors • Exploits/exceeds authorized access • Affects security, systems, daily operations • Not all “malicious” or intentional • Negligence can result in a damaging attack
  • 3. © 2016 Global Technology Resources, Inc. All Rights Reserved. 3 53% 34% 34% 30% Unintentional Exposure Intellectual Property Theft Unauthorized Access Insider Threat Incidents Are Pervasive Source: 2013 US State of Cybercrime Survey, CSO Magazine, U.S. Secret Service, Software Engineering Institute CERT Program at Carnegie Mellon University, and Price Waterhouse Cooper, June 2013 31% Theft of Other Assets/Data Experienced Insider Attack With Damage Greater Than Outside Attack
  • 4. © 2016 Global Technology Resources, Inc. All Rights Reserved. 4 Insider Threats Impact Everyone Retail Media and Entertainment Government Industry Healthcare Energy and Utilities Small Business More…
  • 5. © 2016 Global Technology Resources, Inc. All Rights Reserved. 5 Insider Threat Damage Leaked Unreleased Films 70 Million Customers PII Breach Attacked, Breached Substation 4 Million Personal Records Proprietary Formula Stolen, Sold PIN Pads in 63 Stores Hacked Sensitive Information, Salaries $10M Lawsuit Settlement $100M Security Program “Crown Jewel” Intelligence to China Chinese Competitor Bought Large, Class Action Law Suit
  • 6. © 2016 Global Technology Resources, Inc. All Rights Reserved. 6 Insider Threat Protection • Best-of-breed solutions are important, but not fool proof • Vigilance is necessary to protect against insider threats that affect data, reputation, safety and the bottom line
  • 7. © 2016 Global Technology Resources, Inc. All Rights Reserved. 7 Insider Threats: Where Exposure Occurs • Device Level Threats • Network Level Threats • User Proficiency Threats • User Behavior Threats • Social Media Threats
  • 8. © 2016 Global Technology Resources, Inc. All Rights Reserved. 8 Network Level Threats Combating Threats: Critical Capabilities Profile Non- Standard Network Communication Detect Slow, Stealthy User Device Threats Identify Suspect Network Activity
  • 9. © 2016 Global Technology Resources, Inc. All Rights Reserved. 9 Network Level Threat Protection • In-depth Security Context • Complete Picture of Network Activity • Actionable Security Intelligence • Faster Threat Detection • Advanced Forensic Tools • Improved Incident Response STEALTHWATCH BY LANCOPE
  • 10. © 2016 Global Technology Resources, Inc. All Rights Reserved. 10 Summary • Insider Threats o Pervasive o Not limited to high-profile targets o Big business: Losses of $2.9 trillion annually1 • Insider Threat Protection o Starts with C-Level commitment o More than screening, perimeter security o Best accomplished with experienced partner/services provider 1. 2013 US State of Cybercrime Survey, CSO Magazine, U.S. Secret Service, Software Engineering Institute CERT Program at Carnegie Mellon University, and Price Waterhouse Cooper, June 2013
  • 11. WWW.GTRI.COM © 2016 Global Technology Resources, Inc. All rights reserved. sales@gtri.com | 877.603.1984 | @gtri_global Thank You
  • 12. Mark Belcher Ken Daniels Bart Gates Stealthwatch-Cisco Stealthwatch-CiscoStealthwatch-Cisco PAM CSE SAM Cisco Stealthwatch
  • 13. IOT and what does it mean?
  • 14. Shrinking the Attack Surface?????
  • 15. Pace of Disruption 124 years 25 years 12 years
  • 17.
  • 18. Cisco Security – Simple will get you breached but complex will get you beat! AnyConnect Threatgrid ISE AMP Talos TrustSec Firepower ASA ESA WSACisco StealthWatch OpenDNS
  • 21. ISE
  • 23. ASA
  • 25. Talos
  • 29. Signature Anomaly Behavior Advanced Detection Methods Signature = Object against blacklist • IPS, Antivirus, Content Filter Behavior = Inspect Victim behavior against blacklist • Malware Sandbox, NBAD, HIPS, SIEM Anomaly = Inspect Victim behavior against whitelist • NBAD, Quantity/Metric based—not Signature based Signature Behavior Anomaly Known Exploits BEST Good Limited 0-day Exploits Limited BEST Good Insider Abuse Limited Limited BEST
  • 30. enterprise network Attacker Perimeter (Inbound) Perimeter (Outbound) Infiltration and Backdoor establishment 1 C2 Server Admin Node Reconnaissance and Network Traversal 2 Exploitation and Privilege Elevation 3 Staging and Persistence (Repeat 2,3,4) 4 Data Exfiltration 5 Anatomy of a Data Breach
  • 31. What does Stealthwatch do? Network Segmentation Internal Threat Visibility Incident Response
  • 32. © 2014 Lancope, Inc. All rights reserved. Ideal Visibility Solution? 32 Full packet capture everywhere…? InternetAmador Delta Solano Edge Routing DMZ Switching Datacenter Switches Perimeter Security Core SwitchingHub Router WAN Routers Access Switching IDF Datacenter WAN DMZ Access 32
  • 33. Ubiquitous visibility via Telemetry … your infrastructure is the source. [Network diagram: the Internet, sites Amador, Delta and Solano, and the Datacenter, WAN, DMZ and Access zones, with "Flow" labels on the infrastructure devices] * For every 1MB of External (N/S) traffic 5MB of Internal (E/W) traffic is created
  • 34. Visibility via Flow Metadata [figure labels: Telephone bill, Flow]
  • 35. Host Groups – The Secret Sauce! Apply Network Segmentation; Build Logical Boundaries
      • Inside – Internal
          o Location – site – branch
          o Datacenter
          o Function – application
          o Business unit
          o Sensitivity – compliance
      • Command & Control
          o New malware families
          o Point-of-sale malware
          o Banking malware
          o Keylogger, exfil data
          o DDoS
      • Outside – Internet
          o Geo-location
          o Business partners
          o Cloud providers
          o Social media
  • 37. StealthWatch Enables Network Visibility. EVERYTHING must touch the network; KNOW every host; RECORD every conversation; Know what is NORMAL; Alert to CHANGE; Store for MONTHS; What else can the network tell me?; Gain Context-Aware Security [diagram labels: Company Network, Assess, Audit, Posture, Response, Context, Detect]
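
The contrast on slide 29 between signature detection (object against a blacklist) and anomaly detection (host behavior against its own norm), together with slide 37's "Know what is NORMAL ... Alert to CHANGE", as an added Python example that is not part of the original deck or of any Stealthwatch product. The addresses, byte counts, the 10.0.0.0/8 "inside" host group and the 3-sigma threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict
from statistics import mean, pstdev

INSIDE = ipaddress.ip_network("10.0.0.0/8")   # "Inside" host group (assumed range)
BLACKLIST = {"203.0.113.66"}                  # constructed known-bad destination

# Constructed flow summaries: (day, src, dst, bytes). Days 1-5 form the baseline.
BASE = {"10.1.1.5": [40_000, 52_000, 47_000, 61_000, 45_000],
        "10.1.1.9": [50_000, 48_000, 55_000, 51_000, 49_000]}
FLOWS = [(d + 1, h, "198.51.100.10", b) for h, v in BASE.items() for d, b in enumerate(v)]
FLOWS += [(6, "10.1.1.5", "198.51.100.10", 5_000_000),  # bulk upload, dst not blacklisted
          (6, "10.1.1.9", "198.51.100.10", 52_000),
          (6, "10.1.1.9", "203.0.113.66", 2_000),       # small flow to blacklisted dst
          (6, "10.1.1.5", "10.2.2.2", 9_000_000)]       # inside-to-inside (E/W)

def is_inside(ip):
    return ipaddress.ip_address(ip) in INSIDE

def signature_alerts(flows, day):
    """Signature: flag sources that talked to a blacklisted destination."""
    return sorted({s for d, s, dst, _ in flows if d == day and dst in BLACKLIST})

def outbound_by_day(flows):
    """Sum inside-to-outside bytes per host per day; E/W flows are skipped."""
    totals = defaultdict(lambda: defaultdict(int))
    for day, src, dst, nbytes in flows:
        if is_inside(src) and not is_inside(dst):
            totals[src][day] += nbytes
    return totals

def anomaly_alerts(flows, day, k=3.0):
    """Anomaly: flag hosts whose outbound volume exceeds their own baseline."""
    alerts = []
    for host, per_day in outbound_by_day(flows).items():
        history = [b for d, b in per_day.items() if d < day]
        if len(history) < 3:
            continue  # too little history to call anything "normal"
        mu = mean(history)
        sigma = max(pstdev(history), 0.1 * mu)  # floor avoids a zero-width band
        if per_day.get(day, 0) > mu + k * sigma:
            alerts.append(host)
    return sorted(alerts)

if __name__ == "__main__":
    print("signature:", signature_alerts(FLOWS, 6))
    print("anomaly:  ", anomaly_alerts(FLOWS, 6))
```

The bulk upload from 10.1.1.5 goes to a destination no blacklist knows about, so only the per-host baseline flags it, which is the "Insider Abuse" row of the slide 29 ratings.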

Editor's notes

  1. Insider threats come in a variety of types, but at the highest level an insider threat can best be defined as: a current or former employee or contractor who exploits or exceeds his or her authorized level of network, system or data access in a manner that affects the security of the organization's data, systems or daily operations. Not all of these threats are due to a maliciously intended insider; in fact, the majority start as simple negligence, whereby an otherwise non-threatening individual behaves in a manner not reflective of best practice and, as a result, opens the door for a malicious third party. The result is a damaging attack facilitated by the often simple act of negligence.
  2. Critical capabilities in combating network-level threats: determine whether a device or set of devices is being accessed or utilized in a manner indicating that the host is communicating in non-standard ways across different endpoints, both within and outside of the network; detect slow and stealthy threats that may leverage user devices; identify network activity suggestive of data exfiltration. Can your organization make use of your infrastructure as a sensor for threats and then guard against them?
  3. Monitor: Lancope's StealthWatch System leverages existing resources to deliver pervasive network visibility and continuously monitor for advanced threats. In-depth security context creates a complete picture of network activity. Detect: The StealthWatch System transforms network data into actionable security intelligence for faster threat detection. Identify suspicious behaviors that could signify APTs, insider threats, DDoS attempts or malware. Analyze: The StealthWatch System provides advanced forensic tools to help you understand the who, what, when, where, why and how of security breaches for improved incident response. Respond: Continuously collect, analyze and store large amounts of valuable network data to effectively respond to threats before, during and after a security incident.
  4. While it is easy to rationalize that insider threats won't happen to your organization, it has become clear that this breed of threat is pervasive. It is not limited to the obvious targets of government, financial and healthcare; every organization type and size has a need to address it. As an example, real estate has a reported rate of 37% of attacks being insider in type. Losses of $2.9 trillion annually in employee fraud are reported globally, and the US alone suffered $40 billion in losses during the most recently reported year. Dedicating resources to addressing this potential exposure should be a concern at the highest level in your organization. Screening employees and contractors and maintaining strong perimeter security is not enough to guard against insider threats. Partnering with a trusted service provider that can work with you to identify your needs and implement the best-suited solutions for your organization is the most effective approach to avoiding the pitfalls of this class of threat.