Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson...

13
Maintaining Cyber Readiness in an Evolving Threat Landscape Brent Benson [email protected] 320-492-6011

Transcript of Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson...

Page 1: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

MaintainingCyberReadinessinanEvolvingThreatLandscape

[email protected]

Page 2: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

TheModernCyberThreatPandemic 3,930Breachesin2015

953Breachesin2010

321Breachesin2006

736millionrecordswereexposedin2015,comparedto96millionrecordsin2010

Thesecurityindustryisfacingserioustalentandtechnologyshortages

Selected

DataBreaches

Source:World’sBiggestDataBreaches,InformaKonisBeauKful

Page 3: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

NoEndInSight

MoKvatedThreatActors

Cyber-crimeSupplyChain

ExpandingAQackSurface

MoIvatedThreatActors

Cyber-crimeSupplyChain

ExpandingANackSurface

Page 4: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

ModernthreatstaketheirKmeandleveragetheholisKcaQacksurface

TheCyberaNackLifecycle

Recon.&Planning

IniKalCompromise

Command&Control

LateralMovement

TargetAQainment

ExfiltraKon,CorrupKon,DisrupKon

Page 5: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

ProtecIonThroughFasterDetecIon&Response

HighVulnerability LowVulnerability

Months

Days

Hours

Minutes

Weeks

MTTD&M

TTR

MEANTIMETODETECT(MTTD)TheaverageKmeittakestorecognizeathreatrequiringfurtheranalysisandresponseeffortsMEANTIMETORESPOND(MTTR)TheaverageKmeittakestorespondandulKmatelyresolvetheincident

Asorganiza+onsimprovetheirabilitytoquicklydetectandrespondtothreats,theriskofexperiencingadamagingbreachisgreatlyreduced

ExposedtoThreats ResilienttoThreats

Page 6: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

ObstaclesToFasterDetecIon&Response

AlarmFaKgue

SwivelChairAnalysis

ForensicDataSilos

FragmentedWorkflow

LackofAutomaKon

Page 7: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

ObstaclesToFasterDetecIon&Response

AlarmFaKgue

SwivelChairAnalysis

ForensicDataSilos

FragmentedWorkflow

LackofAutomaKon

EffecKveThreatLifecycleManagementü  Addressestheseobstaclesü  EnablesfasterdetecKonand

responsetothreats

Page 8: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

ThreatLifecycleManagement(TLM)

•  SeriesofalignedsecurityoperaKonscapabiliKes

•  Beginswithabilityto“see”broadlyanddeeplyacrossdistributedITenvironment

•  Finisheswithabilitytoquicklyneutralizeandrecoverfromsecurityincidents

Goal:reducemeanKmetodetect(MTTD)andmeanKmetorespond(MTTR),withoutrequiringincreasedstaffinglevels

Page 9: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

StepsToFasterDetecIon&Response

UnderstandingWhatYouHave

HolisKcVisibility

DecepKonBasedDefenses

RoundTheClockMonitoring

SecurityAwareness

Page 10: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

End-to-EndThreatLifecycleManagementWorkflow

TIMETODETECT TIMETORESPOND

ForensicDataCollecIon

InvesIgateQualifyDiscover RecoverNeutralize

Securityeventdata

Log&machinedata

Forensicsensordata

SearchanalyKcs

MachineanalyKcs

Assessthreat

Determinerisk

IsfullinvesKgaKonnecessary?

Analyzethreat

Determinenatureand

extentofincident

Implementcounter-measures

MiKgatethreat&associatedrisk

Cleanup

Report

Review

Adapt

Page 11: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

ThisApproachIsNotEffecIve

NetworkMonitoring&Forensics LogManagement SIEM User&EnKty

BehavioralAnalyKcs

EndpointMonitoring&Forensics

SecurityAutomaKon&OrchestraKon

NetworkBehavioralAnalyKcs

SecurityAnalyKcs

Page 12: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

HolisIcApproach

ForensicData

CollecKonDiscover Qualify InvesKgate Neutralize Recover

Page 13: Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

13|©2016LogRhythm

[email protected]


The Evolution of Cyber Attacks and Next Generation Threat ... · and Next Generation Threat Protection ... Organizations face an evolving threat scenario that they are ill-prepared

The Evolution of Cyber Attacks and Next Generation Threat ... · and Next Generation Threat Protection ... Organizations face an evolving threat scenario that they are ill-prepared

Cyber Threat Characterization

Cyber Threat Characterization

Cyber Threat Metrics

Cyber Threat Metrics

What is Cyber Threat Intelligence and how is it used?€¦ · 6 What is Cyber Threat Intelligence and how is it used? What is cyber threat intelligence? Cyber Threat Intelligence

What is Cyber Threat Intelligence and how is it used?€¦ · 6 What is Cyber Threat Intelligence and how is it used? What is cyber threat intelligence? Cyber Threat Intelligence

Cyber Threat Landscape

Cyber Threat Landscape

CYBER THREAT BULLETIN

CYBER THREAT BULLETIN

Southeast Asia: An Evolving Cyber Threat Landscape · 5 SPECIAL REPORT Southeast Asia: An Evolving Cyer Threat Landscape APT AND TARGETED MALWARE DETECTIONS JULY-DECEMBER 2014: GLOBAL

Southeast Asia: An Evolving Cyber Threat Landscape · 5 SPECIAL REPORT Southeast Asia: An Evolving Cyer Threat Landscape APT AND TARGETED MALWARE DETECTIONS JULY-DECEMBER 2014: GLOBAL

Cyber, Physical or Insider Threat? - ASIS Europe 2018 · Cyber, Physical or Insider Threat? ... navigating a complex risk landscape? physical threat cyber threat insider threat ...

Cyber, Physical or Insider Threat? - ASIS Europe 2018 · Cyber, Physical or Insider Threat? ... navigating a complex risk landscape? physical threat cyber threat insider threat ...

Technology Practice Group - Stanton Chase · 2019-03-12 · Cyber Security Organizations of all sizes face a complex, sophisticated, and rapidly evolving new cyber-threat landscape.

Technology Practice Group - Stanton Chase · 2019-03-12 · Cyber Security Organizations of all sizes face a complex, sophisticated, and rapidly evolving new cyber-threat landscape.

How to create a culture of cyber resiliency...cyber resiliency while enabling your organization to adapt systems and evolve cultures as the threat landscape changes. The evolving threat

How to create a culture of cyber resiliency...cyber resiliency while enabling your organization to adapt systems and evolve cultures as the threat landscape changes. The evolving threat

Cyber Threat Intelligence

Cyber Threat Intelligence

Evolving Insider Threat Detection

Evolving Insider Threat Detection

OUTPACING CYBER THREATS - Nuclear Threat Initiative · ahead of this rapidly evolving global threat. There’s no doubt that nuclear facility operators and regulators are aware of

OUTPACING CYBER THREATS - Nuclear Threat Initiative · ahead of this rapidly evolving global threat. There’s no doubt that nuclear facility operators and regulators are aware of

Cyber Threat

Cyber Threat

Responding to the evolving cyber threat landscape in the ... · Responding to the evolving cyber threat landscape in the oil and gas sector October 2018 Cyber Security AI/Cognitive

Responding to the evolving cyber threat landscape in the ... · Responding to the evolving cyber threat landscape in the oil and gas sector October 2018 Cyber Security AI/Cognitive

Cyber threat trends

Cyber threat trends

CYBER THREAT INTELLIGENCE - Microsoft...Cyber threat intelligence supports the following cyber security ... Optiv’s Cyber Threat Intelligence Workshop was developed to advise and

CYBER THREAT INTELLIGENCE - Microsoft...Cyber threat intelligence supports the following cyber security ... Optiv’s Cyber Threat Intelligence Workshop was developed to advise and

How is the cyber threat landscape evolving …...BAE SYSTEMS PROPRIETARY All rights reserved. 2019 © BAE Systems plc. Unpublished work. Joseph Rooke Security Consultant –Threat

How is the cyber threat landscape evolving …...BAE SYSTEMS PROPRIETARY All rights reserved. 2019 © BAE Systems plc. Unpublished work. Joseph Rooke Security Consultant –Threat

Maintaining Cyber Readiness in an Evolving Threat Landscape - Cyber Security … · 2017-11-02 · Maintaining Cyber Readiness in an Evolving Threat Landscape Brent Benson Brent.benson@

Maintaining Cyber Readiness in an Evolving Threat Landscape - Cyber Security … · 2017-11-02 · Maintaining Cyber Readiness in an Evolving Threat Landscape Brent Benson Brent.benson@

Cyber Security Conference - Rethinking cyber-threat

Cyber Security Conference - Rethinking cyber-threat