Defense in Depth - MEEC (meec-edu.org/files/2015/10/SLAIT-Defense-in-Depth_MEEC_April-21-…)
Defense in Depth
Constructing Your Walls for Your Enterprise
Mike D’Arezzo, Director of Security
April 21, 2016
Defense in Depth
• Coordinated use of multiple security countermeasures
• Protect the integrity of the information assets
• Based on the military principle that a complex and multi-layered defense is easier to defend than a single barrier
Defense in Depth
• Also known as Castle Approach
• Information assurance (IA) concept in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system.
When is enough actually enough?
• Risk Based Approach
• How much is your data/reputation/revenue actually worth?
• How much is enough “defense”?
• When does it become just “noise”?
• Regulatory Compliance
• What is Required?
Defense in Depth
[Diagram labels: Data, Reputation, Revenue, People, Encryption, Data Loss Prevention, End point protection]
• Data
• People
• Revenue
• Reputation
• Data
  • Data at Rest
    • Databases
    • Files and Directories
  • Data in Motion
    • Internal
    • External
  • Data in Use
    • “People interaction”
    • Processes
External Threats
• Are you protecting your perimeter?
• Can you verify you are protecting?
• Are you learning as you find threats?
• Are you learning from others’ threats?
Insider Threat
• “Snowden” – does not have to be government secrets
• Would you know if data was lost, copied, or destroyed?
• Sometimes insider threats do not start from the inside….
• Are you testing phishing campaigns?
• Are you watching your Highly Privileged Accounts?
Other Threat Vectors
• What are you doing about Cloud Services?
• Are you containing mobile data movement?
• Do you have a Software Governance and Third Party Risk plan?
Cloud Enterprise Security
[Diagram labels: Enterprise Network, Public Cloud, Private Cloud, SAAS Apps, Mobile / Remote Users, Main Location, Remote Locations, DR Facility, Data Center, Centralized Mgmt., Threat Intelligence Cloud]
Delayed Threats
• If you found a threat today would you know it was a threat?
• Are you only looking at the new files?
• Are you tenacious and unrelenting?
Q & A
Security Webinars at SLAIT
An advanced persistent threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity, typically for business or political motives. According to the InfoSec Institute, 2016 will be a year where the most serious threats for government and private businesses will come from cyber espionage. Nation state actors (APTs) are well funded, increasingly sophisticated and extremely sneaky.
In this webinar, SLAIT's CISO, Arnold Bell, will address the current state of APTs and the techniques used by the more prolific actors and their shift in motivation. Attend to learn the best ways to defend your environment to prevent and/or minimize the damage that could be caused by APT actors.
http://www.slaitconsulting.com/events
slaitconsulting.com
SLAIT Security Solutions
Governance, Prevention, Response
Risk Assessment, Policy and Procedure, PCI Prep, HIPAA Gap Analysis, Audit Preparation Assistance, Security Organization Review, Security Checkup
Managed Firewall and Endpoint
Secure Infrastructure Design & Review
vISO Program Awareness Training Assessment
Vulnerability Scanning, Penetration Testing, Phishing Exercises
ThreatRecon Pre-breach Preparation ThreatManage Breach Response Cyber Forensics
Technology Partners
Thank you for coming
Interested in seeing how SLAIT can help you?
Please come talk to me at the end or take a business card
References
• https://en.wikipedia.org/wiki/Defence-in-depth_(Roman_military)
  • Yeah, I know – it's Wikipedia!
• http://searchsecurity.techtarget.com/definition/defense-in-depth