Security Architecture & Network Situational Awareness · Security Architecture & Network ......
Transcript of Security Architecture & Network Situational Awareness · Security Architecture & Network ......
![Page 1: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/1.jpg)
Security Architecture & Network
Situational Awareness
September 27, 2016
09/27/2016Security Architecture & Network Situational
Awareness
![Page 2: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/2.jpg)
Today’s web conference is generously sponsored by:
09/27/2016Security Architecture & Network Situational Awareness
https://redseal.co/
The Measure of Resilience
![Page 3: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/3.jpg)
Security Architecture & Network Situational Awareness
Security Architecture & Network
Situational Awareness
Mark Kadrich• 25 Years in Information
Security
• CISO at SDHC Health
Exchange & CISO at 211
San Diego
09/27/2016
Welcome Conference Moderator
![Page 4: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/4.jpg)
Introduction
09/27/2016
• All sound engineering begins with “principles”• What are you designing?
• What is the expected outcome?
• What are the performance parameters?
• How will it fail?
• Will it fail safely?
• How will you test it to verify your assumptions?
• How long will it be expected to last?
• How will you expand or grow the architecture?
Security Architecture & Network Situational Awareness
![Page 5: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/5.jpg)
Introduction
09/27/2016
• Our present situation….• Most security “architectures” rely on chaos theory for
requirements• What is the threat du jure?
• What can our vendor provide?
• Software has many and unpredicable failure modes
• Budget versus user consensus usually rules the day• Look at BYOD policies!
• How will you incorporate the next user driven technology wave?
Security Architecture & Network Situational Awareness
![Page 6: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/6.jpg)
Introduction
09/27/2016
• We need to move to an engineering driven approach to architecture
• Documented desired behaviors
• Model driven
• Understood failure modes
• Predictable results
• Test, analyze, fix
• Flexible, reliable, and stable
Security Architecture & Network Situational Awareness
![Page 7: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/7.jpg)
Today’s Speakers
09/27/2016
Ben Tomhave, CISSP• Security Architect with New Context
• Master of Science in Engineering Management
Jerry Sto. Tomas, CISSP, CISM• CISO for Apria Healthcare
• Over 20 Years of IT, Privacy and Information Security Experience
Security Architecture & Network Situational Awareness
![Page 8: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/8.jpg)
Speaker Introduction
09/27/2016
Ben Tomhave
• Security Architect with New Context, a Lean Security Firm
• Previously held positions with Garner, AOL, Wells Fargo, ICSA Labs, LockPath and Ernst & Young
• Former co-chair of the American Bar Association Information Security Committee
• Holds a Masters in Science from George Washington University and is a CISSP
Security Architecture & Network Situational Awareness
![Page 9: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/9.jpg)
09/27/2016Security Architecture & Network Situational Awareness
![Page 10: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/10.jpg)
Something Old
Confidentiality
IntegrityAvailability
Protect
Detect
Correct
Prepared for ISSA webinar participants.
![Page 11: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/11.jpg)
Something New
Visibility Control Remediation Response
Endpoint• Server• User• IoT
Network• LAN• WAN• Extranet
Data• DIM• DAR• DIU
Apps
Prepared for ISSA webinar participants.
![Page 12: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/12.jpg)
Something Borrowed
• From Agile/DevOps• Systems Thinking• Amplify Feedback Loops• Culture of Continual Experimentation and Learning• Cooperative / Generative (vs Competitive)• Shared Values, Principles, Objectives, Risks, Tolerances, Language
• From Test-Driven Development• Define a test, THEN make a change, THEN evaluate for success/failure
• From Lean• Efficient• Effective• Knowledge-creating• Respectful & Mindful• Optimized Quality
Prepared for ISSA webinar participants.
![Page 13: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/13.jpg)
Something Blue
• None of what we’ve discussed thus far matters…• ...in the current business environment
• Problem State…
• Where we spend time:• Justifying our
existence
• Fighting a perverse
incentive model
• Fighting against org
culture
Prepared for ISSA webinar participants.
![Page 14: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/14.jpg)
Something Lean
• 5 Principles:AwarenessExecutionMeasurementSimplificationAutomation
• It must start by reforming org culture
• “Security” truly becomes an emergent property
Awareness
Execution
Measurement
Simplification
Automation
The goal of the Lean Security model is to transform how the business functions.
Prepared for ISSA webinar participants.
![Page 15: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/15.jpg)
Awareness
• Communication• Openness
• Clarity
• Integrity
• Collaboration• Shared Tools / Platforms
• Cooperative Spirit
• Generative Culture
• Discoverability• Documentation
• Networking (human, not IT)
• Training Img Src: https://zanl13.files.wordpress.com/2011/10/social-dev1.gif
Prepared for ISSA webinar participants.
![Page 16: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/16.jpg)
Execution
• Lean• Efficient
• Effective
• Knowledge-creating
• Respectful & Mindful
• Optimized Quality
• Test-Driven
• Dev(Sec)Ops• Systems Thinking
• Amplify Feedback Loops
• Culture of Continual Experimentation and Learning
• Cooperative/Generative (vs Competitive)
• Shared Values, Principles, Objectives, Risks, Tolerances
Prepared for ISSA webinar participants.
Img Src: http://pixel.nymag.com/imgs/daily/selectall/2016/08/15/15-ussain-bolt-100-meter-memes.w710.h473.2x.jpg
![Page 17: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/17.jpg)
Measurement
• Means
• Method
• Motivation• Meaningful!
For example…• Mean time to detection• Mean time to response• Mean time to recovery• Mean time to remediation
Prepared for ISSA webinar participants.
![Page 18: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/18.jpg)
Simplification
• Find lowest common denominator
• If too complex, (re)factor, find a better approach
• When all else fails, go back to Awareness and Execution
• Identify and address “undiscussable issues”• Topics that are uncomfortable, embarrassing, or may lead difficult
conversations (e.g., “management is incompetent” or “won’t do any good anyway” or “fear of repercussions”) – people are actively chatting about them everywhere, but not the right people (meaning, not those who can institute changes)
• Engage people at all levels in order to generate energy to promote change
• Key in triggering turning points
• Find ways to break silos, take systemic view
Prepared for ISSA webinar participants.
![Page 19: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/19.jpg)
Automation
• What can be automated?• Builds, Deployments, Maintenance (CI/CD)
• Workflows
• Provisioning
• What can’t be automated?• Why not?
• Human as fail-safe
• Trust issues: real or imagined/manufactured?
• Ops/Tech/Process maturity• e.g., if we move to a cloud-first strategy, can we actually support that and
do it “right” without harming the business?
Prepared for ISSA webinar participants.
![Page 20: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/20.jpg)
Closing Thoughts
• We cannot be successful in the current climate…• …at least, not without cultural change!
• Technology is an answer, but not the answer.
• Security architecture must derive from business needs.
• First solve for communication, collaboration, and cooperation...
• ...then have tool discussions.
• After Awareness: Execution, Measurement, Simplification, Automation
• SecArch derives from all 5 principles of Lean Security
Ben [email protected] for ISSA webinar participants.
![Page 21: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/21.jpg)
Jerry Sto. Tomas• CISO for Apria Healthcare
• Holds a Master’s Degree in Information Assurance from Norwich University
• Formerly held positions with Allergan, The ImpacCompanies and Celestica, Inc.
• Certifications include CISSP and CISM
Speaker Introduction
09/27/2016Security Architecture & Network Situational Awareness
![Page 22: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/22.jpg)
Traditional Security Triad
Security Architecture & Network Situational Awareness 229/27/2016
Confidentiality
AvailabilityIntegrity
![Page 23: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/23.jpg)
Security Quad
Security Architecture & Network Situational Awareness 239/27/2016
Confidentiality Integrity
Availability Safety
!
Confidentiality
AvailabilityIntegrity
![Page 24: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/24.jpg)
Technology Trends
Big Data, Cloud, Mobility, Social, IoT
Does your business think of you as a stop sign?
Change security architecture to business enabler
Agile
Competitive
Compliant
Stop Sign and Security
Security Architecture & Network Situational Awareness 249/27/2016
![Page 25: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/25.jpg)
Traditional “Defense in
Depth”
Security Architecture & Network Situational Awareness 259/27/2016
PreventionTechnologies
• Anti-virus
• Anti-spam
• Endpoint encryption
• Firewalls
• Mobile Device Management
• DLP
• Identity and Access Mgt.
Detection
Technologies
• Intrusion Detection System
• Vulnerability Scanners
• Event Collection & Correlation
Response Technologies
• Forensics & Investigations
• Intelligence
• Patch Management
![Page 26: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/26.jpg)
“Checkbox” Mentality
Anti-virus, NGFW, DLP, etc.
Difficulty to identify root-cause
People, Process, or Technology
Value measurement
Lack of correlated threats across the
organization
Traditional “Defense in
Depth” Approach
Security Architecture & Network Situational Awareness 269/27/2016
![Page 27: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/27.jpg)
Adaptive and Risk-based
Security Architecture & Network Situational Awareness 279/27/2016
Correlate and Predict
Response Technologies
Detection Technologies
Prevention Technologies
Situational Awareness and Sustainable Operations…
![Page 28: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/28.jpg)
Holistic View: Sec Ops
Security Architecture & Network Situational Awareness 289/27/2016
Foundational
Controls
THREAT INTELLIGENCE• Cyber Risk Intelligence
(e.g., Internet, Social Media)• 3rd Party Security Intelligence Feeds
(e.g., CERT, NIST, SANS, NH-ISAC)• Security Product Alerts• Security Analytics
INCIDENT MANAGEMENT• Data Loss/Leakage (DLP)• Advanced Persistent Threats• Virus Attacks• Email Spam Penetrations• Network Intrusions• System Hacking• Web Defacement• Denial-of-Service Attacks
TECHNOLOGY MANAGEMENT• Perimeter Control
(e.g., Firewall, Intrusion Prevention System, Anti-Spam, Web Content Filter)
• Endpoint Security(e.g., Anti-Virus, Mobile Device Mgt., DLP, Encryption)
• Identity and Access• Patch Management• Cloud Security Controls• Vulnerability Scanners
INCIDENT MANAGEMENT• Data Loss/Leakage (DLP)• Advanced Persistent Threats• Virus Attacks• Email Spam Penetrations• Network Intrusions• System Hacking• Web Defacement• Denial-of-Service Attacks
![Page 29: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/29.jpg)
Holistic View: Sec Ops
Security Architecture & Network Situational Awareness 299/27/2016
Foundational
Controls
THREAT INTELLIGENCE• Cyber Risk Intelligence
(e.g., Internet, Social Media)• 3rd Party Security Intelligence Feeds
(e.g., CERT, NIST, SANS, NH-ISAC)• Security Product Alerts• Security Analytics
INCIDENT MANAGEMENT• Data Loss/Leakage (DLP)• Advanced Persistent Threats• Virus Attacks• Email Spam Penetrations• Network Intrusions• System Hacking• Web Defacement• Denial-of-Service Attacks
TECHNOLOGY MANAGEMENT• Perimeter Control
(e.g., Firewall, Intrusion Prevention System, Anti-Spam, Web Content Filter)
• Endpoint Security(e.g., Anti-Virus, Mobile Device Mgt., DLP, Encryption)
• Identity and Access• Patch Management• Cloud Security Controls
• Vulnerability Assessment Scanners
INCIDENT MANAGEMENT• Data Loss/Leakage (DLP)• Advanced Persistent Threats• Virus Attacks• Email Spam Penetrations• Network Intrusions• System Hacking• Web Defacement• Denial-of-Service Attacks
![Page 30: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/30.jpg)
Scanners are managed within a Vulnerability Management program
Security Analytics provide prioritization of remediation
Helps IT to be a threat-aware organization
Situational Awareness:
VA Scanners
Security Architecture & Network Situational Awareness 309/27/2016
![Page 31: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/31.jpg)
Security Architecture & Network Situational
Awareness31
9/27/2016
Firewalls Routers SDN SIEMLoad
BalancersSwitches Scanners Endpoint
Security Analytics
Network Engineers:Access & Policy
UI & API
Vuln Mgt.Exec
Dashboards Patch Mgt.Config Mgt.
CIO/CISOPolicy/Compliance Security Engineers:
Prioritization & Speed
Situational Awareness:
VA Scanners
![Page 32: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/32.jpg)
Network visibility to analyze and monitor threats on
each segment (e.g., Internet/Web DMZ, Application
DMZ, Database zone, Internal server, User zone)
Security Analytics provide a view of all segments
and access path
Helps identify direct attack path
Situational Awareness:
Network Zones
Security Architecture & Network Situational Awareness 329/27/2016
![Page 33: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/33.jpg)
Situational Awareness: Network Zones
Security Architecture & Network Situational
Awareness33
9/27/2016
Data
Center
DMZ
Lab
PartnersCore
Extranet
Remote
Company
Vulnerabilities are accessible from untrusted over unauthorized path.
Approved, planned access
Has access to Critical Assets
CVSS 4
CVSS 6
CVSS 7CVSS 9
No access to Critical Assets or untrusted
![Page 34: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/34.jpg)
Adaptive Model Vision
Security Architecture & Network Situational
Awareness34
9/27/2016
SIEM
HP
ArcSight
Platforms
“I need to prioritize and remediatevulnerabilities with limited resources”Vulnerability Management/Sec Ops
“I need to understand and accurately config my network”Network/Network Sec Engineers
Vulnerability Managers
Holistic View
Network Management& Devices
“I need to identify and quickly respond to Incidents”Sec Ops
“I need to define and enforce access policies”Network/Security Architects
Analytics
Ticketing
Workflow
Inventory
![Page 35: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/35.jpg)
Security Strategy That Is
Benefits of an Adaptive Model
Security Architecture & Network Situational Awareness 359/27/2016
Risk TolerantResilient
Meaningful Metrics
![Page 36: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/36.jpg)
Adaptive and Risk-based
Situational Awareness
Predictability
In summary…
Security Architecture & Network Situational Awareness 369/27/2016
ST PSL WG
![Page 37: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/37.jpg)
Open Discussion & Q&A
To ask a question:
Type in your question in the Questions
area of your screen.
You may need to click on the double
arrows to open this function.
#ISSAWebConf
• Mark Kadrich - Moderator
• Ben Tomhave
• Jerry Sto. Tomas
09/27/2016 Security Architecture & Network Situational Awareness
![Page 38: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/38.jpg)
We thank today’s sponsor:
09/27/2016Security Architecture & Network Situational Awareness
https://redseal.co/
The Measure of Resilience
![Page 39: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/39.jpg)
Upcoming ISSA International Web
Conference
How to Recruit and Retain Cybersecurity Professionals
2-Hour Live Event: Tuesday, October 25, 2016Start Time: 9:00 a.m. US-Pacific/ 12:00 p.m. US-Eastern/ 5:00 p.m. London
09/27/2016 Security Architecture & Network Situational Awareness
![Page 40: Security Architecture & Network Situational Awareness · Security Architecture & Network ... Firewall, Intrusion Prevention System, ... • Patch Management • Cloud Security Controls](https://reader031.fdocuments.net/reader031/viewer/2022020108/5b14c2817f8b9a4e2c8ba82a/html5/thumbnails/40.jpg)
A recording of the conference and a link to the survey to get CPE credit for attending the August ISSA International Web Conference will soon be available at: http://www.issa.org/page/September2016
If you or your company are interested in becoming a sponsor for the monthly ISSA International Web Conferences, please visit: https://www.issa.org/?page=BecomeASponsor
Web Conference Survey
09/27/2016 Security Architecture & Network Situational Awareness