SlideShare una empresa de Scribd logo

Cisco 2015 Midyear Security Report & Security Transitions Insights

Cisco do Brasil
Cisco do Brasil

Consultoria e integração em segurança

Tecnología
1 de 33
Descargar para leer sin conexión
1© 2015 Cisco and/or its affiliates. All rights reserved. 16SEP15 Principal & Director, Cisco Security Advisory Cisco 2015 Midyear Security Report & Security Transitions… Cisco Brazil Security Week 2015 Brian J. Tillett, CCSK, CISSP
2© 2015 Cisco and/or its affiliates. All rights reserved. •  State of Cybersecurity (abridged) -2015 Cisco Midyear Security Report •  Transitions across the Cybersecurity Industry •  Transitions within Cisco Topics:
3© 2015 Cisco and/or its affiliates. All rights reserved. Changes in Attack Behavior Speed Agility Adaptability Destruction
4© 2015 Cisco and/or its affiliates. All rights reserved. Adversaries’ Agility is Their Strength Constant upgrades increased Angler penetration rate to 40% Twice as effective than other exploit kits in 2014 Compromised System Flash Vulnerabilities Retargeting Ransomware Angler Continually throwing different ‘hooks’ in the water to increase the chances of compromise EncryptedMalicious Payload Macros Social Engineering IP Changing Domain Shadowing More Being Developed Daily TTD Security Measures Web Blocking IP Blocking Retrospective Analysis Antivirus Endpoint SolutionsEmail Scanning
5© 2015 Cisco and/or its affiliates. All rights reserved. Rombertik Malware evolves to not only steal data—if detected, it can destroy the targeted system. Destructive if Modified •  Destroy master boot record •  Render computer inoperable on restart Gain Access •  Spam •  Phishing •  Social engineering Evade Detection •  Write random data to memory 960 million times Extract User Data •  Deliver user information back to adversaries Anti-Analysis Persistence Malicious Behavior
6© 2015 Cisco and/or its affiliates. All rights reserved. Countries with higher block ratios have many Web servers and compromised hosts on networks within their borders. Russia 0.936 Japan 1.134 China 4.126 Hong Kong 6.255 France 4.197 Germany 1.277 Poland 1.421 Canada 0.863 U.S. 0.760 Brazil 1.135 Malware on a Global Scale Malicious actors do not respect country boundaries. Malware Traffic Expected Traffic
7© 2015 Cisco and/or its affiliates. All rights reserved. Reducing Attack Surface & Window of Exposure
8© 2015 Cisco and/or its affiliates. All rights reserved. The Dilemma Build Buy Be Left Behind
9© 2015 Cisco and/or its affiliates. All rights reserved. Attackers Are Exploiting Point Solutions with Increasing Speed NGIPS Malware Sandbox IAM Antivirus IDS Firewall VPN Email NGFW Data
10© 2015 Cisco and/or its affiliates. All rights reserved. Data Attackers Are Exploiting Point Solutions with Increasing Speed NGIPS Malware Sandbox IAM Antivirus IDS Firewall VPN Email NGFW Time to detection: 200 Days Ransomware Now targeting data Domain Shadowing On the rise Dridex 850 unique mutations identified first half 2015 SPAM Rombertik Evolves to evade and destroy Angler Constantly upgrading and innovating Malvertising Mutating to avoid detection
11© 2015 Cisco and/or its affiliates. All rights reserved. Only an Integrated Threat Defense Can Keep Pace Data Systemic Response Control Visibility Context Intelligence Reduce time to detection to under 1 Hour
2015 Midyear Security Report cisco.com/go/msr2015
•  How does an enterprise measure security? •  How to make security a competitive advantage; mission/ business enabler; and not stifle innovation/progress? •  How do we get ahead of our adversaries? Ongoing Transitions within Cybersecurity:
Seatbelts Airbags Antivirus Firewalls Internet Volkswagen Intrusion Detection Antispyware Intrusion Prevention Heuristic Analysis Behavior Analysis System Integrity Access Control Data Loss Prevention Identity Control Sandboxing defense offense Traction Control Stability Control Antilock Braking System Back-up Camera Collision Avoidance Onboard Diagnostics GPS Lane Departure Warning Driving Assistant Connected Highways
15© 2015 Cisco and/or its affiliates. All rights reserved. Ongoing Transitions within Cisco:
Momentum in Sourcefire Acquisition Security Cognitive Acquisition Cisco Security Advisory AMP Everywhere & FirePOWER ThreatGRID Acquisition Active Threat Analytics OpenDNS
Cisco Confidential 17© 2014 Cisco and/or its affiliates. All rights reserved. Internet of Everything Security •  IoE Value Chain Assessment •  IoE Application Assessment •  IoE Device Assessment Application Security •  Secure Application Design •  Application Assessment •  Enterprise SDLC Mobile & Cloud Security •  Mobile App & Device Assessment •  Cloud Strategy & Architecture •  Cloud Application Assessment Strategy, Risk, & Programs •  IT Governance •  Security Strategy & Policy •  IT Risk Assessment •  3rd Party Risk Program •  Security Program Development •  Identity & Access Management •  Incident Readiness & Response Compliance •  PCI DSS & PA DSS Assessment •  ISO 27001 / 27002 •  HIPAA Infrastructure Security •  Network Architecture Assessment •  Red Team Exercises •  Penetration Testing •  Social Engineering •  SOC Enablement Integration •  Cisco Build Services •  Security Readiness •  Design, Development, Implementation •  SOC Build & Integration Assessment •  Test Plan Development & Execution •  Device Assessment •  Validation and Testing •  Kick Start Deployment Optimization •  Custom Reporting •  Cross Integration •  Performance Tuning •  Optimization Service Remote Managed •  Device Health & Welfare •  Security Control Management •  Security Event Monitoring •  Collective Security Intelligence Active Threat Analytics •  Advanced Threat Detection & Triage •  Anomaly Detection •  Customer-Specific Mitigation •  Collective Security Intelligence Cisco Security Services Portfolio Optimization Migration Integration Program Strategy Architecture & Design Assessments Product Support Hosted Security Managed Security Managed Services Advisory Integration
Cisco Confidential 18© 2014 Cisco and/or its affiliates. All rights reserved. Core Security Service Areas Advisory Integration Managed Custom Threat Intelligence Strategy, Assessments, Incident Response Integration Services Security Optimization Services Active Threat Analytics Remote Managed Services & Operations
Cisco Confidential 19© 2014 Cisco and/or its affiliates. All rights reserved. Core Security Service Areas Advisory Integration Managed Custom Threat Intelligence Strategy, Assessments, Incident Response Integration Services Security Optimization Services Active Threat Analytics Remote Managed Services & Operations
Cisco Confidential 20© 2014 Cisco and/or its affiliates. All rights reserved. Integration Services Cisco delivers: Plan, Design, Implement Subject Matter Expertise Migration Optimization Services: •  Cisco Build Services •  Security Readiness •  Security Design, Development, Implementation •  Security Test Plan and Execution •  Security Knowledge Transfer •  Security Device Assessment •  Security Validation and Testing •  Security Kickstart Deployment •  Security Custom Reporting •  Security Cross Integration Implementation •  Security Performance Tuning •  Security Optimization Service
Cisco Confidential 21© 2014 Cisco and/or its affiliates. All rights reserved. Core Security Service Areas Advisory Integration Managed Custom Threat Intelligence Strategy, Assessments, Incident Response Integration Services Security Optimization Services Active Threat Analytics Remote Managed Services & Operations
Cisco Confidential 22© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Security Program Areas of Analysis
Cisco Confidential 23© 2014 Cisco and/or its affiliates. All rights reserved. 1 Initial 2 Repeatable 3 Defined 4 Managed 5 Optimized Level 1 – Initial (ad hoc processes)   Level 2 – Repeatable (formal processes)   Level 3 – Defined (pervasive processes)   Level 4 – Managed (effective processes)   Level 5 – Optimized (refined processes)   •  Immature or inconsistent policies and procedures •  Various degrees of defined processes •  Unpredictable or unstable environment •  Inconsistent buy-in across the enterprise •  Processes abandoned at time of crisis •  Projects frequently exceed budget or are not fully completed •  Insufficient measurement of risk •  Business objective alignment is not established •  Inconsistent use of technology •  Undefined enterprise architecture model •  Lack of strategic planning •  Undefined roles and responsibilities •  Minimal senior management involvement in IT risk management   •  Policies and procedures have been implemented •  Project-specific processes are documented, practiced, and enforced •  Unique reporting and measurement at project level •  Processes followed during crisis •  Compliance program being established •  Adoption of technology standards •  Target enterprise architecture model is defined •  Enterprise architecture is being implemented at the component level •  Governance approach is being formalized •  Procurement based on specific requirements •  Varied adherence to architecture standards •  Defined roles and responsibilities for IT risk management organization •  Senior management is educated on IT risk management   •  Responsibilities defined enterprise- wide •  Enterprise-wide implementation of defined processes •  Consistent reporting and defined measurement •  Crisis predictable and minimized •  Proactive exception management •  Compliance program is effective •  Enterprise standards leveraged for all projects •  Target enterprise architecture model is implemented •  Initial alignment with business processes •  Acquisitions and purchases governed by enterprise architecture model •  Qualitative measurement of performance •  Senior management commitment   •  Measured effectiveness of IT risk organization •  Processes are adaptable based on scope/risk •  Defined metrics and measurement •  Quantitative predictability of performance •  Explicit adherence to standards across the enterprise •  Pervasive deployment and integration of enterprise architecture model •  Benefits of target architecture model are realized •  Alignment with business objectives •  Risk management used as an enabler to business processes •  Planned IT acquisition and investment •  Senior management involvement   •  Accountability for IT risk organization •  Processes are continually improved •  Measured and increased ROI •  Decreased operating expenses •  Process feedback incorporated •  Business processes reengineered for efficiency and savings •  Ability to perform risk modeling •  Established business linkage •  Risk management enablers provide an increase in top line revenue •  No unplanned IT investment •  Alignment with corporate strategic plan   Cisco Security Capability Maturity Model
Cisco Confidential 24© 2014 Cisco and/or its affiliates. All rights reserved. Deliverable Graphic Examples: Current State vs. Target State (+full description report on gaps, deficiencies, and paths to overcome) Management Controls Operational Controls Technical Controls Security Governance Policy Management Compliance Management Risk Management Security Strategy Security Architecture Metrics and Measurement Patch Management Vulnerability Management Asset Management Security Monitoring Incident Management Continuity of Operations Identity and Access Management 3rd Party Management Systems Development Lifecycle Information Management Change Management Network Security Wireless Security Host Security Endpoint Security Application Security Data Security Database Security Management Controls Operational Controls Technical Controls Security Governance Policy Management Compliance Management Risk Management Security Strategy Security Architecture Metrics and Measurement Patch Management Vulnerability Management Asset Management Security Monitoring Incident Management Continuity of Operations Identity and Access Management 3rd Party Management Systems Development Lifecycle Information Management Change Management Network Security Wireless Security Host Security Endpoint Security Application Security Data Security Database Security Current  State  -­‐  Example   Target  State  -­‐  Example  
Cisco Confidential 25© 2013-2014 Cisco and/or its affiliates. All rights reserved. Joint SPA & NDSA Recommendation Prioritization Prioritization helps the Security Ops management to address the recommendations based on Criticality and Ease of implementation.
Cisco Confidential 26© 2013-2014 Cisco and/or its affiliates. All rights reserved. Intel Driven Incident Response Intelligence Powered by TalosTM Response Custom Tiers Remediation Post Breach 100 TB Intelligence 1.6M sensors 150 million+ endpoints 35% of email world wide FireAMP™, 3+ million 13B web requests Open Source Communities 180,000+ Files per Day 1B SBRS Queries per Day TALOS Research and Outreach Kill Chain Review Attack Vector Evaluation Threat Actor Landscaping Policy Review & Overhaul Application Penetration Testing Direct Access to Cisco’s Elite CCIEs Future Partnerships for Remediation - Microsoft - Red Hat - More… Rapid Response Incident Coordination & Investigation Breach Containment & Recovery Emergency Established IR Engagement Process Threat & Incident Reviews Rate Relief Readiness Proactive Threat Hunting Intel / IR / SOC Build-outs Custom Training Custom
Cisco Confidential 27© 2014 Cisco and/or its affiliates. All rights reserved. Custom Threat Intelligence Network Traffic Analysis (CTI) & Traditional Perimeter Protection •  Know the “blind spots” •  Utilize “zero day” attacks •  Test against their copies of the latest detection/prevention technology to ensure not detected •  Hardware modifications & firmware injection – visible only to traffic flows •  Strive to make their exfiltration look like normal traffic •  Use different exfiltration networks for each major target •  Make compromises persistent •  Implement “self delete” when discovered Need for comprehensive threat visibility 27 INSTRUMENT IDENTIFY REMEDIATE MEASURE
Cisco Confidential 28© 2014 Cisco and/or its affiliates. All rights reserved. Core Security Service Areas Advisory Integration Managed Custom Threat Intelligence Strategy, Assessments, Incident Response Integration Services Security Optimization Services Active Threat Analytics Remote Managed Services & Operations
Cisco Confidential 29© 2014 Cisco and/or its affiliates. All rights reserved. DMZUsers Malware Analysis Netflow Collector Identity Mgmt. Data Center Netflow Collector Identity Mgmt. Web Security Email Security Malware Analysis Netflow Collector Identity Mgmt. Talos ATA: A Comprehensive Threat Solution ASA with FIREPOWER Cisco Cloud Security Internet Mobile Endpoints Anywhere / Anytime Cisco Active Threat Analytics ThreatGRIDFirePower Full Packet Cognitive Malware Analysis Application Exhaust
Cisco Confidential 30© 2014 Cisco and/or its affiliates. All rights reserved. Use Case: Customer Statistics for Two-Week Timeframe Post-investigation incidents/tickets71 269,808 Security Events Unique events113,713 High fidelity events1710 207,99261,816Threat intel sourced Telemetry generated Roughly 20,000 Events/ day to 5 ranked & prioritized Incidents/day
Cisco Confidential 31© 2014 Cisco and/or its affiliates. All rights reserved. OpenSOC Framework Sources Data Collection Messaging Broker Real-Time Processing Storage Access Analytic Tools Tableau R / Python Power Pivot Web Services Search PCAP Reconstruction Telemetry Sources NetFlow Machine Exhaust HTTP Other Flume Agent B Agent N Agent A Kafka B Topic N Topic PCAP Topic DPI Topic A Topic Storm B Topology N Topology A Topology PCAP Topology DPI Topology Hive Raw Data ORC Elasticsearch Index HBase Packet Table PCAP Passive Tap Traffic Replicator
Cisco Confidential 32© 2014 Cisco and/or its affiliates. All rights reserved. https://github.com/OpenSOC
Thank you!

Recomendados

The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE ExperienceDigital Bond
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021lior mazor
 
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Digital Bond
 
Data Consult - Managed Security Services
Data Consult - Managed Security ServicesData Consult - Managed Security Services
Data Consult - Managed Security ServicesJad Bejjani
 
Assessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsAssessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsDigital Bond
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldDigital Bond
 
Protecting Critical Infastrucutre: Zero Tolerance
Protecting Critical Infastrucutre: Zero ToleranceProtecting Critical Infastrucutre: Zero Tolerance
Protecting Critical Infastrucutre: Zero ToleranceCheck Point Software Technologies
 
What's Wrong with Vulnerability Management & How Can We Fix It
What's Wrong with Vulnerability Management & How Can We Fix ItWhat's Wrong with Vulnerability Management & How Can We Fix It
What's Wrong with Vulnerability Management & How Can We Fix ItSkybox Security
 

Recomendados

The RIPE Experience
The RIPE ExperienceThe RIPE Experience
The RIPE ExperienceDigital Bond
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021lior mazor
 
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Digital Bond
 
Data Consult - Managed Security Services
Data Consult - Managed Security ServicesData Consult - Managed Security Services
Data Consult - Managed Security ServicesJad Bejjani
 
Assessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsAssessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsDigital Bond
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldDigital Bond
 
Protecting Critical Infastrucutre: Zero Tolerance
Protecting Critical Infastrucutre: Zero ToleranceProtecting Critical Infastrucutre: Zero Tolerance
Protecting Critical Infastrucutre: Zero ToleranceCheck Point Software Technologies
 
What's Wrong with Vulnerability Management & How Can We Fix It
What's Wrong with Vulnerability Management & How Can We Fix ItWhat's Wrong with Vulnerability Management & How Can We Fix It
What's Wrong with Vulnerability Management & How Can We Fix ItSkybox Security
 
Container Security: What Enterprises Need to Know
Container Security: What Enterprises Need to KnowContainer Security: What Enterprises Need to Know
Container Security: What Enterprises Need to KnowDevOps.com
 
Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008Rick Wanner
 
Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Skybox Security
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementEnclaveSecurity
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...Synopsys Software Integrity Group
 
SandBlast Agent
SandBlast AgentSandBlast Agent
SandBlast AgentMarketingArrowECS_CZ
 
The What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsThe What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsCprime
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarIBM Security
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceTej Luthra
 
Symposium AFAI Cybersecurity CSX ISACA
Symposium AFAI Cybersecurity CSX ISACASymposium AFAI Cybersecurity CSX ISACA
Symposium AFAI Cybersecurity CSX ISACAAntoine Vigneron
 
OSS has taken over the enterprise: The top five OSS trends of 2015
OSS has taken over the enterprise: The top five OSS trends of 2015OSS has taken over the enterprise: The top five OSS trends of 2015
OSS has taken over the enterprise: The top five OSS trends of 2015Rogue Wave Software
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...EnergySec
 
Effective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security ControlsEffective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security ControlsBSides Delhi
 
Ofer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World CasesOfer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World Casescentralohioissa
 
MDM is not Enough - Parmelee
MDM is not Enough - Parmelee MDM is not Enough - Parmelee
MDM is not Enough - Parmelee Prolifics
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended CutMike Spaulding
 
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSAIDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSAJorge Sebastiao
 
Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
Security-Invest Where it Matters Most
Security-Invest Where it Matters MostSecurity-Invest Where it Matters Most
Security-Invest Where it Matters MostInnoTech
 

Más contenido relacionado

La actualidad más candente

Container Security: What Enterprises Need to Know
Container Security: What Enterprises Need to KnowContainer Security: What Enterprises Need to Know
Container Security: What Enterprises Need to KnowDevOps.com
 
Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008Rick Wanner
 
Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Skybox Security
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementEnclaveSecurity
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesControlCase
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...LabSharegroup
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...Synopsys Software Integrity Group
 
The What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsThe What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsCprime
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarIBM Security
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceTej Luthra
 
Symposium AFAI Cybersecurity CSX ISACA
Symposium AFAI Cybersecurity CSX ISACASymposium AFAI Cybersecurity CSX ISACA
Symposium AFAI Cybersecurity CSX ISACAAntoine Vigneron
 
OSS has taken over the enterprise: The top five OSS trends of 2015
OSS has taken over the enterprise: The top five OSS trends of 2015OSS has taken over the enterprise: The top five OSS trends of 2015
OSS has taken over the enterprise: The top five OSS trends of 2015Rogue Wave Software
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...EnergySec
 
Effective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security ControlsEffective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security ControlsBSides Delhi
 
Ofer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World CasesOfer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World Casescentralohioissa
 
MDM is not Enough - Parmelee
MDM is not Enough - Parmelee MDM is not Enough - Parmelee
MDM is not Enough - Parmelee Prolifics
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended CutMike Spaulding
 
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSAIDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSAJorge Sebastiao
 

La actualidad más candente (20)

Container Security: What Enterprises Need to Know
Container Security: What Enterprises Need to KnowContainer Security: What Enterprises Need to Know
Container Security: What Enterprises Need to Know
 
Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008
 
Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11
 
Information Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to MeasurementInformation Assurance Metrics: Practical Steps to Measurement
Information Assurance Metrics: Practical Steps to Measurement
 
Managing Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust PrinciplesManaging Multiple Assessments Using Zero Trust Principles
Managing Multiple Assessments Using Zero Trust Principles
 
Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...Software security, secure software development in the age of IoT, smart thing...
Software security, secure software development in the age of IoT, smart thing...
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
 
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
RSA Conference Presentation–Creating a Modern AppSec Toolchain to Quantify Se...
 
SandBlast Agent
SandBlast AgentSandBlast Agent
SandBlast Agent
 
The What, Why, and How of DevSecOps
The What, Why, and How of DevSecOpsThe What, Why, and How of DevSecOps
The What, Why, and How of DevSecOps
 
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadarDon’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar
 
Secure DevOPS Implementation Guidance
Secure DevOPS Implementation GuidanceSecure DevOPS Implementation Guidance
Secure DevOPS Implementation Guidance
 
Symposium AFAI Cybersecurity CSX ISACA
Symposium AFAI Cybersecurity CSX ISACASymposium AFAI Cybersecurity CSX ISACA
Symposium AFAI Cybersecurity CSX ISACA
 
OSS has taken over the enterprise: The top five OSS trends of 2015
OSS has taken over the enterprise: The top five OSS trends of 2015OSS has taken over the enterprise: The top five OSS trends of 2015
OSS has taken over the enterprise: The top five OSS trends of 2015
 
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
The Path to Confident Compliance and the Transition to NERC CIP Version 5 – A...
 
Effective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security ControlsEffective Cyber Defense Using CIS Critical Security Controls
Effective Cyber Defense Using CIS Critical Security Controls
 
Ofer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World CasesOfer Maor - Security Automation in the SDLC - Real World Cases
Ofer Maor - Security Automation in the SDLC - Real World Cases
 
MDM is not Enough - Parmelee
MDM is not Enough - Parmelee MDM is not Enough - Parmelee
MDM is not Enough - Parmelee
 
Building an AppSec Team Extended Cut
Building an AppSec Team Extended CutBuilding an AppSec Team Extended Cut
Building an AppSec Team Extended Cut
 
IDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSAIDC Cloud Security and Managed Services Conference Riyadh KSA
IDC Cloud Security and Managed Services Conference Riyadh KSA
 

Similar a Cisco 2015 Midyear Security Report & Security Transitions Insights

Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information SecurityAhmed Sayed-
 
Security-Invest Where it Matters Most
Security-Invest Where it Matters MostSecurity-Invest Where it Matters Most
Security-Invest Where it Matters MostInnoTech
 
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkAchieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkKevin Fealey
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementAleksey Lukatskiy
 
10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should KnowIBM Security
 
Product security program slideshare
Product security program slideshareProduct security program slideshare
Product security program slideshareAmir Einav
 
Hackers, Cyber Crime and Espionage
Hackers, Cyber Crime and EspionageHackers, Cyber Crime and Espionage
Hackers, Cyber Crime and EspionageImperva
 
Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacksAppSense
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Cisco Canada
 
Venkatesh M S - Security Audit and Compliance
Venkatesh M S - Security Audit and ComplianceVenkatesh M S - Security Audit and Compliance
Venkatesh M S - Security Audit and ComplianceVenkatesh M S
 
Risk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection PowerpointRisk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection Powerpointrandalje86
 
MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service PresentationWilliam McBorrough
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoNist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoTuan Phan
 
Security Transformation Services
Security Transformation ServicesSecurity Transformation Services
Security Transformation Servicesxband
 
The savvy security leader final dg ppt issa_la
The savvy security leader final dg ppt issa_laThe savvy security leader final dg ppt issa_la
The savvy security leader final dg ppt issa_laISSA LA
 
Applicaiton Security - Building The Audit Program
Applicaiton Security - Building The Audit ProgramApplicaiton Security - Building The Audit Program
Applicaiton Security - Building The Audit ProgramMichael Davis
 
Scot Secure 2019 Edinburgh (Day 2)
Scot Secure 2019 Edinburgh (Day 2)Scot Secure 2019 Edinburgh (Day 2)
Scot Secure 2019 Edinburgh (Day 2)Ray Bugg
 
5 Steps to Reduce Your Window of Vulnerability
5 Steps to Reduce Your Window of Vulnerability5 Steps to Reduce Your Window of Vulnerability
5 Steps to Reduce Your Window of VulnerabilitySkybox Security
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 

Similar a Cisco 2015 Midyear Security Report & Security Transitions Insights (20)

Starting your Career in Information Security
Starting your Career in Information SecurityStarting your Career in Information Security
Starting your Career in Information Security
 
Security-Invest Where it Matters Most
Security-Invest Where it Matters MostSecurity-Invest Where it Matters Most
Security-Invest Where it Matters Most
 
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkAchieving Visible Security at Scale with the NIST Cybersecurity Framework
Achieving Visible Security at Scale with the NIST Cybersecurity Framework
 
ICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness MeasurementICS Cyber Security Effectiveness Measurement
ICS Cyber Security Effectiveness Measurement
 
10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know
 
Product security program slideshare
Product security program slideshareProduct security program slideshare
Product security program slideshare
 
Hackers, Cyber Crime and Espionage
Hackers, Cyber Crime and EspionageHackers, Cyber Crime and Espionage
Hackers, Cyber Crime and Espionage
 
Protecting endpoints from targeted attacks
Protecting endpoints from targeted attacksProtecting endpoints from targeted attacks
Protecting endpoints from targeted attacks
 
Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere Tomorrow Starts Here - Security Everywhere
Tomorrow Starts Here - Security Everywhere
 
Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?Application Hackers Have A Handbook. Why Shouldn't You?
Application Hackers Have A Handbook. Why Shouldn't You?
 
Venkatesh M S - Security Audit and Compliance
Venkatesh M S - Security Audit and ComplianceVenkatesh M S - Security Audit and Compliance
Venkatesh M S - Security Audit and Compliance
 
Risk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection PowerpointRisk Based Security and Self Protection Powerpoint
Risk Based Security and Self Protection Powerpoint
 
MCGlobalTech Service Presentation
MCGlobalTech Service PresentationMCGlobalTech Service Presentation
MCGlobalTech Service Presentation
 
Nist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quanticoNist cybersecurity framework isc2 quantico
Nist cybersecurity framework isc2 quantico
 
Security Transformation Services
Security Transformation ServicesSecurity Transformation Services
Security Transformation Services
 
The savvy security leader final dg ppt issa_la
The savvy security leader final dg ppt issa_laThe savvy security leader final dg ppt issa_la
The savvy security leader final dg ppt issa_la
 
Applicaiton Security - Building The Audit Program
Applicaiton Security - Building The Audit ProgramApplicaiton Security - Building The Audit Program
Applicaiton Security - Building The Audit Program
 
Scot Secure 2019 Edinburgh (Day 2)
Scot Secure 2019 Edinburgh (Day 2)Scot Secure 2019 Edinburgh (Day 2)
Scot Secure 2019 Edinburgh (Day 2)
 
5 Steps to Reduce Your Window of Vulnerability
5 Steps to Reduce Your Window of Vulnerability5 Steps to Reduce Your Window of Vulnerability
5 Steps to Reduce Your Window of Vulnerability
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process Overview
 

Más de Cisco do Brasil

Revista Cisco Live ed 25 oficial
Revista Cisco Live ed 25 oficialRevista Cisco Live ed 25 oficial
Revista Cisco Live ed 25 oficialCisco do Brasil
 
Revista Cisco Live Ed 24
Revista Cisco Live Ed 24Revista Cisco Live Ed 24
Revista Cisco Live Ed 24Cisco do Brasil
 
Revista Cisco Live Ed 23
Revista Cisco Live Ed 23Revista Cisco Live Ed 23
Revista Cisco Live Ed 23Cisco do Brasil
 
Revista Cisco Live Ed 22
Revista Cisco Live Ed 22Revista Cisco Live Ed 22
Revista Cisco Live Ed 22Cisco do Brasil
 
Revista Cisco Live Ed 21
Revista Cisco Live Ed 21Revista Cisco Live Ed 21
Revista Cisco Live Ed 21Cisco do Brasil
 
Revista cisco live ed 20
Revista cisco live ed 20Revista cisco live ed 20
Revista cisco live ed 20Cisco do Brasil
 
O seu DNS está protegido
O seu DNS está protegidoO seu DNS está protegido
O seu DNS está protegidoCisco do Brasil
 
Cisco Live Magazine ed 19
Cisco Live Magazine ed 19Cisco Live Magazine ed 19
Cisco Live Magazine ed 19Cisco do Brasil
 
Rio 2016 em Números - Cisco
Rio 2016 em Números - CiscoRio 2016 em Números - Cisco
Rio 2016 em Números - CiscoCisco do Brasil
 
Cisco Tetration Analytics
Cisco Tetration AnalyticsCisco Tetration Analytics
Cisco Tetration AnalyticsCisco do Brasil
 
Revista Cisco Live ed 18
Revista Cisco Live ed 18Revista Cisco Live ed 18
Revista Cisco Live ed 18Cisco do Brasil
 
Brazilian Scenario - Trends and Challenges to keep IT investments
Brazilian Scenario - Trends and Challenges to keep IT investmentsBrazilian Scenario - Trends and Challenges to keep IT investments
Brazilian Scenario - Trends and Challenges to keep IT investmentsCisco do Brasil
 
Cloud Computing: a chave para inovar durante a crise
Cloud Computing: a chave para inovar durante a criseCloud Computing: a chave para inovar durante a crise
Cloud Computing: a chave para inovar durante a criseCisco do Brasil
 
Transforme sua rede em um mecanismo de inovação
Transforme sua rede em um mecanismo de inovaçãoTransforme sua rede em um mecanismo de inovação
Transforme sua rede em um mecanismo de inovaçãoCisco do Brasil
 
5 perguntas para ajudar você a escolher uma rede na nuvem ou no local
5 perguntas para ajudar você a escolher uma rede na nuvem ou no local5 perguntas para ajudar você a escolher uma rede na nuvem ou no local
5 perguntas para ajudar você a escolher uma rede na nuvem ou no localCisco do Brasil
 
5 principais maneiras de extrair informações da sua rede
5 principais maneiras de extrair informações da sua rede5 principais maneiras de extrair informações da sua rede
5 principais maneiras de extrair informações da sua redeCisco do Brasil
 
5 motivos para atualizar sua rede
5 motivos para atualizar sua rede5 motivos para atualizar sua rede
5 motivos para atualizar sua redeCisco do Brasil
 
5 formas de simplificar as operações e economizar seu orçamento
5 formas de simplificar as operações e economizar seu orçamento5 formas de simplificar as operações e economizar seu orçamento
5 formas de simplificar as operações e economizar seu orçamentoCisco do Brasil
 
A transformação digital com a internet de todas as coisas
A transformação digital com a internet de todas as coisasA transformação digital com a internet de todas as coisas
A transformação digital com a internet de todas as coisasCisco do Brasil
 

Más de Cisco do Brasil (20)

Revista Cisco Live ed 25 oficial
Revista Cisco Live ed 25 oficialRevista Cisco Live ed 25 oficial
Revista Cisco Live ed 25 oficial
 
Revista Cisco Live Ed 24
Revista Cisco Live Ed 24Revista Cisco Live Ed 24
Revista Cisco Live Ed 24
 
Revista Cisco Live Ed 23
Revista Cisco Live Ed 23Revista Cisco Live Ed 23
Revista Cisco Live Ed 23
 
Revista Cisco Live Ed 22
Revista Cisco Live Ed 22Revista Cisco Live Ed 22
Revista Cisco Live Ed 22
 
Revista Cisco Live Ed 21
Revista Cisco Live Ed 21Revista Cisco Live Ed 21
Revista Cisco Live Ed 21
 
Revista cisco live ed 20
Revista cisco live ed 20Revista cisco live ed 20
Revista cisco live ed 20
 
O seu DNS está protegido
O seu DNS está protegidoO seu DNS está protegido
O seu DNS está protegido
 
Cisco Live Magazine ed 19
Cisco Live Magazine ed 19Cisco Live Magazine ed 19
Cisco Live Magazine ed 19
 
Rio 2016 em Números - Cisco
Rio 2016 em Números - CiscoRio 2016 em Números - Cisco
Rio 2016 em Números - Cisco
 
Cisco Tetration Analytics
Cisco Tetration AnalyticsCisco Tetration Analytics
Cisco Tetration Analytics
 
Revista Cisco Live ed 18
Revista Cisco Live ed 18Revista Cisco Live ed 18
Revista Cisco Live ed 18
 
Brazilian Scenario - Trends and Challenges to keep IT investments
Brazilian Scenario - Trends and Challenges to keep IT investmentsBrazilian Scenario - Trends and Challenges to keep IT investments
Brazilian Scenario - Trends and Challenges to keep IT investments
 
Cloud Computing: a chave para inovar durante a crise
Cloud Computing: a chave para inovar durante a criseCloud Computing: a chave para inovar durante a crise
Cloud Computing: a chave para inovar durante a crise
 
Vença o jogo da rede
Vença o jogo da redeVença o jogo da rede
Vença o jogo da rede
 
Transforme sua rede em um mecanismo de inovação
Transforme sua rede em um mecanismo de inovaçãoTransforme sua rede em um mecanismo de inovação
Transforme sua rede em um mecanismo de inovação
 
5 perguntas para ajudar você a escolher uma rede na nuvem ou no local
5 perguntas para ajudar você a escolher uma rede na nuvem ou no local5 perguntas para ajudar você a escolher uma rede na nuvem ou no local
5 perguntas para ajudar você a escolher uma rede na nuvem ou no local
 
5 principais maneiras de extrair informações da sua rede
5 principais maneiras de extrair informações da sua rede5 principais maneiras de extrair informações da sua rede
5 principais maneiras de extrair informações da sua rede
 
5 motivos para atualizar sua rede
5 motivos para atualizar sua rede5 motivos para atualizar sua rede
5 motivos para atualizar sua rede
 
5 formas de simplificar as operações e economizar seu orçamento
5 formas de simplificar as operações e economizar seu orçamento5 formas de simplificar as operações e economizar seu orçamento
5 formas de simplificar as operações e economizar seu orçamento
 
A transformação digital com a internet de todas as coisas
A transformação digital com a internet de todas as coisasA transformação digital com a internet de todas as coisas
A transformação digital com a internet de todas as coisas
 

Último

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Cisco 2015 Midyear Security Report & Security Transitions Insights

  • 1. 1© 2015 Cisco and/or its affiliates. All rights reserved. 16SEP15 Principal & Director, Cisco Security Advisory Cisco 2015 Midyear Security Report & Security Transitions… Cisco Brazil Security Week 2015 Brian J. Tillett, CCSK, CISSP
  • 2. 2© 2015 Cisco and/or its affiliates. All rights reserved. •  State of Cybersecurity (abridged) -2015 Cisco Midyear Security Report •  Transitions across the Cybersecurity Industry •  Transitions within Cisco Topics:
  • 3. 3© 2015 Cisco and/or its affiliates. All rights reserved. Changes in Attack Behavior Speed Agility Adaptability Destruction
  • 4. 4© 2015 Cisco and/or its affiliates. All rights reserved. Adversaries’ Agility is Their Strength Constant upgrades increased Angler penetration rate to 40% Twice as effective than other exploit kits in 2014 Compromised System Flash Vulnerabilities Retargeting Ransomware Angler Continually throwing different ‘hooks’ in the water to increase the chances of compromise EncryptedMalicious Payload Macros Social Engineering IP Changing Domain Shadowing More Being Developed Daily TTD Security Measures Web Blocking IP Blocking Retrospective Analysis Antivirus Endpoint SolutionsEmail Scanning
  • 5. 5© 2015 Cisco and/or its affiliates. All rights reserved. Rombertik Malware evolves to not only steal data—if detected, it can destroy the targeted system. Destructive if Modified •  Destroy master boot record •  Render computer inoperable on restart Gain Access •  Spam •  Phishing •  Social engineering Evade Detection •  Write random data to memory 960 million times Extract User Data •  Deliver user information back to adversaries Anti-Analysis Persistence Malicious Behavior
  • 6. 6© 2015 Cisco and/or its affiliates. All rights reserved. Countries with higher block ratios have many Web servers and compromised hosts on networks within their borders. Russia 0.936 Japan 1.134 China 4.126 Hong Kong 6.255 France 4.197 Germany 1.277 Poland 1.421 Canada 0.863 U.S. 0.760 Brazil 1.135 Malware on a Global Scale Malicious actors do not respect country boundaries. Malware Traffic Expected Traffic
  • 7. 7© 2015 Cisco and/or its affiliates. All rights reserved. Reducing Attack Surface & Window of Exposure
  • 8. 8© 2015 Cisco and/or its affiliates. All rights reserved. The Dilemma Build Buy Be Left Behind
  • 9. 9© 2015 Cisco and/or its affiliates. All rights reserved. Attackers Are Exploiting Point Solutions with Increasing Speed NGIPS Malware Sandbox IAM Antivirus IDS Firewall VPN Email NGFW Data
  • 10. 10© 2015 Cisco and/or its affiliates. All rights reserved. Data Attackers Are Exploiting Point Solutions with Increasing Speed NGIPS Malware Sandbox IAM Antivirus IDS Firewall VPN Email NGFW Time to detection: 200 Days Ransomware Now targeting data Domain Shadowing On the rise Dridex 850 unique mutations identified first half 2015 SPAM Rombertik Evolves to evade and destroy Angler Constantly upgrading and innovating Malvertising Mutating to avoid detection
  • 11. 11© 2015 Cisco and/or its affiliates. All rights reserved. Only an Integrated Threat Defense Can Keep Pace Data Systemic Response Control Visibility Context Intelligence Reduce time to detection to under 1 Hour
  • 12. 2015 Midyear Security Report cisco.com/go/msr2015
  • 13. •  How does an enterprise measure security? •  How to make security a competitive advantage; mission/ business enabler; and not stifle innovation/progress? •  How do we get ahead of our adversaries? Ongoing Transitions within Cybersecurity:
  • 14. Seatbelts Airbags Antivirus Firewalls Internet Volkswagen Intrusion Detection Antispyware Intrusion Prevention Heuristic Analysis Behavior Analysis System Integrity Access Control Data Loss Prevention Identity Control Sandboxing defense offense Traction Control Stability Control Antilock Braking System Back-up Camera Collision Avoidance Onboard Diagnostics GPS Lane Departure Warning Driving Assistant Connected Highways
  • 15. 15© 2015 Cisco and/or its affiliates. All rights reserved. Ongoing Transitions within Cisco:
  • 17. Cisco Confidential 17© 2014 Cisco and/or its affiliates. All rights reserved. Internet of Everything Security •  IoE Value Chain Assessment •  IoE Application Assessment •  IoE Device Assessment Application Security •  Secure Application Design •  Application Assessment •  Enterprise SDLC Mobile & Cloud Security •  Mobile App & Device Assessment •  Cloud Strategy & Architecture •  Cloud Application Assessment Strategy, Risk, & Programs •  IT Governance •  Security Strategy & Policy •  IT Risk Assessment •  3rd Party Risk Program •  Security Program Development •  Identity & Access Management •  Incident Readiness & Response Compliance •  PCI DSS & PA DSS Assessment •  ISO 27001 / 27002 •  HIPAA Infrastructure Security •  Network Architecture Assessment •  Red Team Exercises •  Penetration Testing •  Social Engineering •  SOC Enablement Integration •  Cisco Build Services •  Security Readiness •  Design, Development, Implementation •  SOC Build & Integration Assessment •  Test Plan Development & Execution •  Device Assessment •  Validation and Testing •  Kick Start Deployment Optimization •  Custom Reporting •  Cross Integration •  Performance Tuning •  Optimization Service Remote Managed •  Device Health & Welfare •  Security Control Management •  Security Event Monitoring •  Collective Security Intelligence Active Threat Analytics •  Advanced Threat Detection & Triage •  Anomaly Detection •  Customer-Specific Mitigation •  Collective Security Intelligence Cisco Security Services Portfolio Optimization Migration Integration Program Strategy Architecture & Design Assessments Product Support Hosted Security Managed Security Managed Services Advisory Integration
  • 18. Cisco Confidential 18© 2014 Cisco and/or its affiliates. All rights reserved. Core Security Service Areas Advisory Integration Managed Custom Threat Intelligence Strategy, Assessments, Incident Response Integration Services Security Optimization Services Active Threat Analytics Remote Managed Services & Operations
  • 19. Cisco Confidential 19© 2014 Cisco and/or its affiliates. All rights reserved. Core Security Service Areas Advisory Integration Managed Custom Threat Intelligence Strategy, Assessments, Incident Response Integration Services Security Optimization Services Active Threat Analytics Remote Managed Services & Operations
  • 20. Cisco Confidential 20© 2014 Cisco and/or its affiliates. All rights reserved. Integration Services Cisco delivers: Plan, Design, Implement Subject Matter Expertise Migration Optimization Services: •  Cisco Build Services •  Security Readiness •  Security Design, Development, Implementation •  Security Test Plan and Execution •  Security Knowledge Transfer •  Security Device Assessment •  Security Validation and Testing •  Security Kickstart Deployment •  Security Custom Reporting •  Security Cross Integration Implementation •  Security Performance Tuning •  Security Optimization Service
  • 21. Cisco Confidential 21© 2014 Cisco and/or its affiliates. All rights reserved. Core Security Service Areas Advisory Integration Managed Custom Threat Intelligence Strategy, Assessments, Incident Response Integration Services Security Optimization Services Active Threat Analytics Remote Managed Services & Operations
  • 22. Cisco Confidential 22© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Security Program Areas of Analysis
  • 23. Cisco Confidential 23© 2014 Cisco and/or its affiliates. All rights reserved. 1 Initial 2 Repeatable 3 Defined 4 Managed 5 Optimized Level 1 – Initial (ad hoc processes)   Level 2 – Repeatable (formal processes)   Level 3 – Defined (pervasive processes)   Level 4 – Managed (effective processes)   Level 5 – Optimized (refined processes)   •  Immature or inconsistent policies and procedures •  Various degrees of defined processes •  Unpredictable or unstable environment •  Inconsistent buy-in across the enterprise •  Processes abandoned at time of crisis •  Projects frequently exceed budget or are not fully completed •  Insufficient measurement of risk •  Business objective alignment is not established •  Inconsistent use of technology •  Undefined enterprise architecture model •  Lack of strategic planning •  Undefined roles and responsibilities •  Minimal senior management involvement in IT risk management   •  Policies and procedures have been implemented •  Project-specific processes are documented, practiced, and enforced •  Unique reporting and measurement at project level •  Processes followed during crisis •  Compliance program being established •  Adoption of technology standards •  Target enterprise architecture model is defined •  Enterprise architecture is being implemented at the component level •  Governance approach is being formalized •  Procurement based on specific requirements •  Varied adherence to architecture standards •  Defined roles and responsibilities for IT risk management organization •  Senior management is educated on IT risk management   •  Responsibilities defined enterprise- wide •  Enterprise-wide implementation of defined processes •  Consistent reporting and defined measurement •  Crisis predictable and minimized •  Proactive exception management •  Compliance program is effective •  Enterprise standards leveraged for all projects •  Target enterprise architecture model is implemented •  Initial alignment with business processes •  Acquisitions and purchases governed by enterprise architecture model •  Qualitative measurement of performance •  Senior management commitment   •  Measured effectiveness of IT risk organization •  Processes are adaptable based on scope/risk •  Defined metrics and measurement •  Quantitative predictability of performance •  Explicit adherence to standards across the enterprise •  Pervasive deployment and integration of enterprise architecture model •  Benefits of target architecture model are realized •  Alignment with business objectives •  Risk management used as an enabler to business processes •  Planned IT acquisition and investment •  Senior management involvement   •  Accountability for IT risk organization •  Processes are continually improved •  Measured and increased ROI •  Decreased operating expenses •  Process feedback incorporated •  Business processes reengineered for efficiency and savings •  Ability to perform risk modeling •  Established business linkage •  Risk management enablers provide an increase in top line revenue •  No unplanned IT investment •  Alignment with corporate strategic plan   Cisco Security Capability Maturity Model
  • 24. Cisco Confidential 24© 2014 Cisco and/or its affiliates. All rights reserved. Deliverable Graphic Examples: Current State vs. Target State (+full description report on gaps, deficiencies, and paths to overcome) Management Controls Operational Controls Technical Controls Security Governance Policy Management Compliance Management Risk Management Security Strategy Security Architecture Metrics and Measurement Patch Management Vulnerability Management Asset Management Security Monitoring Incident Management Continuity of Operations Identity and Access Management 3rd Party Management Systems Development Lifecycle Information Management Change Management Network Security Wireless Security Host Security Endpoint Security Application Security Data Security Database Security Management Controls Operational Controls Technical Controls Security Governance Policy Management Compliance Management Risk Management Security Strategy Security Architecture Metrics and Measurement Patch Management Vulnerability Management Asset Management Security Monitoring Incident Management Continuity of Operations Identity and Access Management 3rd Party Management Systems Development Lifecycle Information Management Change Management Network Security Wireless Security Host Security Endpoint Security Application Security Data Security Database Security Current  State  -­‐  Example   Target  State  -­‐  Example  
  • 25. Cisco Confidential 25© 2013-2014 Cisco and/or its affiliates. All rights reserved. Joint SPA & NDSA Recommendation Prioritization Prioritization helps the Security Ops management to address the recommendations based on Criticality and Ease of implementation.
  • 26. Cisco Confidential 26© 2013-2014 Cisco and/or its affiliates. All rights reserved. Intel Driven Incident Response Intelligence Powered by TalosTM Response Custom Tiers Remediation Post Breach 100 TB Intelligence 1.6M sensors 150 million+ endpoints 35% of email world wide FireAMP™, 3+ million 13B web requests Open Source Communities 180,000+ Files per Day 1B SBRS Queries per Day TALOS Research and Outreach Kill Chain Review Attack Vector Evaluation Threat Actor Landscaping Policy Review & Overhaul Application Penetration Testing Direct Access to Cisco’s Elite CCIEs Future Partnerships for Remediation - Microsoft - Red Hat - More… Rapid Response Incident Coordination & Investigation Breach Containment & Recovery Emergency Established IR Engagement Process Threat & Incident Reviews Rate Relief Readiness Proactive Threat Hunting Intel / IR / SOC Build-outs Custom Training Custom
  • 27. Cisco Confidential 27© 2014 Cisco and/or its affiliates. All rights reserved. Custom Threat Intelligence Network Traffic Analysis (CTI) & Traditional Perimeter Protection •  Know the “blind spots” •  Utilize “zero day” attacks •  Test against their copies of the latest detection/prevention technology to ensure not detected •  Hardware modifications & firmware injection – visible only to traffic flows •  Strive to make their exfiltration look like normal traffic •  Use different exfiltration networks for each major target •  Make compromises persistent •  Implement “self delete” when discovered Need for comprehensive threat visibility 27 INSTRUMENT IDENTIFY REMEDIATE MEASURE
  • 28. Cisco Confidential 28© 2014 Cisco and/or its affiliates. All rights reserved. Core Security Service Areas Advisory Integration Managed Custom Threat Intelligence Strategy, Assessments, Incident Response Integration Services Security Optimization Services Active Threat Analytics Remote Managed Services & Operations
  • 29. Cisco Confidential 29© 2014 Cisco and/or its affiliates. All rights reserved. DMZUsers Malware Analysis Netflow Collector Identity Mgmt. Data Center Netflow Collector Identity Mgmt. Web Security Email Security Malware Analysis Netflow Collector Identity Mgmt. Talos ATA: A Comprehensive Threat Solution ASA with FIREPOWER Cisco Cloud Security Internet Mobile Endpoints Anywhere / Anytime Cisco Active Threat Analytics ThreatGRIDFirePower Full Packet Cognitive Malware Analysis Application Exhaust
  • 30. Cisco Confidential 30© 2014 Cisco and/or its affiliates. All rights reserved. Use Case: Customer Statistics for Two-Week Timeframe Post-investigation incidents/tickets71 269,808 Security Events Unique events113,713 High fidelity events1710 207,99261,816Threat intel sourced Telemetry generated Roughly 20,000 Events/ day to 5 ranked & prioritized Incidents/day
  • 31. Cisco Confidential 31© 2014 Cisco and/or its affiliates. All rights reserved. OpenSOC Framework Sources Data Collection Messaging Broker Real-Time Processing Storage Access Analytic Tools Tableau R / Python Power Pivot Web Services Search PCAP Reconstruction Telemetry Sources NetFlow Machine Exhaust HTTP Other Flume Agent B Agent N Agent A Kafka B Topic N Topic PCAP Topic DPI Topic A Topic Storm B Topology N Topology A Topology PCAP Topology DPI Topology Hive Raw Data ORC Elasticsearch Index HBase Packet Table PCAP Passive Tap Traffic Replicator
  • 32. Cisco Confidential 32© 2014 Cisco and/or its affiliates. All rights reserved. https://github.com/OpenSOC