Retail Security: Closing the Threat Gap
With Charles Kolodgy, Research Vice President, Security Products, IDC, and Dwayne Melançon, CTO, Tripwire
Charles Kolodgy, Research VP, Security Products
© IDC Visit us at IDC.com and follow us on Twitter: @IDC
Source: The Checkout Technology Industry Explored — the United States IDC #RI244627
• POS systems are a huge investment
• Platform to increase store staff efficiency, productivity, and workflow
• Modern POS systems will generate customer data for:
  > Demand intelligence
  > Merchandising
  > Pricing
  > Loyalty processes
• Integrated within the IT infrastructure to provide cloud resources at the platform and application levels
Source: The Checkout Technology Industry Explored — the United States IDC #RI244627
Modern POS systems are complicated, important to business operations, and tied into the IT environment.
Know your Adversary: “Bad guys can’t be deterred but competitors can”
[Attack-flow diagram; the only label recovered from it is “ftp/443”]
Patience: the attack cycle can take weeks or months
Source: Verizon 2014 Data Breach Investigations Report
Attack phases: Recon → Weaponize → Deliver → Exploit → Control → Execute → Maintain
Response phases: Detect → Contain → Eradicate → Recover
Missed signals along the chain:
• Network security logs are ignored
• The IPS alert that malware is being installed is missed
• Attacker penetrates the network from a supplier
• Attacker uses lack of segmentation to traverse the network to sensitive areas
• Lack of IAM monitoring allows credential escalation
• Signals of data exfiltration are not monitored
1. Visibility
• Inventory all systems and networks
• Continuously monitor system state to identify those no longer in a “good state”
• Drive awareness, action and accountability with targeted metrics that tie to business goals
2. Prioritization
• Draw data-driven conclusions which are defensible
• Prioritize remediation based on exploitability and business impact, not just vulnerability
• Establish quantifiable measurement with which to remediate risks
3. Automation
• Automate the assessment and remediation lifecycle to minimize the likelihood of loss
• Facilitate continual assessments for better data accuracy
• Convey the impact of IT risk in business-relevant terms
DELIVERING ADVANCED CYBERTHREAT SECURITY
The Retail Security Challenge
• Retailers are prime targets for cybercriminals
• Defensive measures to stop cyber attacks are not enough
• Retailers need the capability to detect attacks early to minimize loss
• Customer trust and brand equity are at stake
[Diagram: the three threat gaps, Detection Gap, Response Gap and Prevention Gap]
Threat Detection Gap
• Are we prioritizing the high-risk breach alerts for critical assets among thousands of them?
• Are there other events of interest or risky changes to business-critical systems?
• Are these actionable, high-confidence alerts from my “trusted security source”?
• Are we able to drill down for root-cause analysis and forensics?
• Do we have threat intelligence to understand the nature and severity of the breach alerts?
Threat Response Gap
• What are all the affected systems: POS, servers, network devices, operating systems, databases, file systems, desktops, etc.?
• What changed?
• When?
• By whom: authorized or unauthorized?
• What systems can we trust and what systems are compromised?
• Do we have control? Can we revert to the “good” baseline?
• Do we have the policies, resources and tools to revert to a trusted production state?
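The response-gap questions above (what changed, when, by whom, authorized or not, and whether we can revert to the good baseline) are what a baseline comparison answers, and the same comparison is what the Visibility pillar's "identify systems no longer in a good state" means in practice. The following is an added example, not code from the deck or from Tripwire: it diffs a constructed known-good baseline of a POS host against a later snapshot, marks each change authorized only if it falls inside an approved change window for that user, and derives a rollback plan. Paths, users, timestamps, the change window and the ticket placeholder are all assumptions made for the demonstration.

```python
"""Baseline comparison for incident response (added example, not the deck's code).

Answers: what changed, when, by whom, authorized or unauthorized, and what to
revert. Baseline, snapshot and change windows are constructed for the demo.
"""
import hashlib
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, List, Optional, Tuple


def fingerprint(content: bytes) -> str:
    """Content hash used as the file's identity in the baseline."""
    return hashlib.sha256(content).hexdigest()


@dataclass(frozen=True)
class FileState:
    digest: str
    mtime: datetime
    owner: str


# Constructed known-good baseline of a hypothetical POS host.
BASELINE: Dict[str, FileState] = {
    "/opt/pos/bin/posd": FileState(fingerprint(b"posd v4.2"), datetime(2014, 9, 1, 2, 0), "root"),
    "/opt/pos/etc/posd.conf": FileState(fingerprint(b"log_level=info\n"), datetime(2014, 9, 1, 2, 0), "root"),
    "/etc/sudoers": FileState(fingerprint(b"root ALL=(ALL) ALL\n"), datetime(2014, 1, 10, 0, 0), "root"),
    "/var/log/pos/audit.log": FileState(fingerprint(b"...audit..."), datetime(2014, 10, 1, 0, 0), "root"),
}

# Constructed later snapshot: one patched binary inside an approved window, a
# config change that turns logging off, a new file under /tmp, a deleted log.
SNAPSHOT: Dict[str, FileState] = {
    "/opt/pos/bin/posd": FileState(fingerprint(b"posd v4.3"), datetime(2014, 10, 5, 2, 15), "root"),
    "/opt/pos/etc/posd.conf": FileState(fingerprint(b"log_level=off\n"), datetime(2014, 10, 7, 3, 41), "root"),
    "/etc/sudoers": FileState(fingerprint(b"root ALL=(ALL) ALL\n"), datetime(2014, 1, 10, 0, 0), "root"),
    "/tmp/.x/scraper": FileState(fingerprint(b"MZ..."), datetime(2014, 10, 7, 3, 39), "svc_pos"),
}

# Approved change windows: (ticket id placeholder, start, end, user). Constructed.
CHANGE_WINDOWS: List[Tuple[str, datetime, datetime, str]] = [
    ("CHG-TICKET-PLACEHOLDER", datetime(2014, 10, 5, 2, 0), datetime(2014, 10, 5, 4, 0), "root"),
]


@dataclass(frozen=True)
class Change:
    path: str
    kind: str                  # "added", "modified" or "removed"
    when: Optional[datetime]   # None when the file is gone
    who: Optional[str]
    authorized: bool


def in_window(when: datetime, who: str) -> bool:
    """A change is authorized only if made by the approved user inside an approved window."""
    return any(start <= when <= end and who == user for _, start, end, user in CHANGE_WINDOWS)


def diff(baseline: Dict[str, FileState], snapshot: Dict[str, FileState]) -> List[Change]:
    """Compare snapshot to baseline; a removed file can never be 'authorized' here."""
    changes = []
    for path in sorted(set(baseline) | set(snapshot)):
        b, s = baseline.get(path), snapshot.get(path)
        if b is None:
            changes.append(Change(path, "added", s.mtime, s.owner, in_window(s.mtime, s.owner)))
        elif s is None:
            changes.append(Change(path, "removed", None, None, False))
        elif b.digest != s.digest or b.owner != s.owner:
            changes.append(Change(path, "modified", s.mtime, s.owner, in_window(s.mtime, s.owner)))
    return changes


def rollback_plan(changes: List[Change]) -> Tuple[List[str], List[str]]:
    """Paths to restore from the baseline and paths to delete, for unauthorized changes only."""
    restore = [c.path for c in changes if not c.authorized and c.kind in ("modified", "removed")]
    delete = [c.path for c in changes if not c.authorized and c.kind == "added"]
    return restore, delete


if __name__ == "__main__":
    found = diff(BASELINE, SNAPSHOT)
    for c in found:
        print(f"{c.kind:8s} {c.path:28s} when={c.when} who={c.who} authorized={c.authorized}")
    print("restore:", rollback_plan(found)[0], "delete:", rollback_plan(found)[1])
```

Only the binary patched at 02:15 on the approved day by the approved user is authorized; the logging change, the new file under /tmp and the deleted audit log all land on the rollback list, which is the "revert to a trusted production state" the slide asks about.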
Threat Prevention Gap
• Do we have full coverage?
• Do we know which are our most business-critical assets?
• Secure management sponsorship and set key system integrity indicators
• Is our continuous monitoring and threat detection process reducing our threat gaps?
• Finally, evolve to new best security practices for our context: industry, region, size, type, legal requirements, etc.
Key Threat Indicators

Cyber attacker activity | Threat indicator
Account credentials created outside standard processes | Active Directory changes; local admin accounts
Malware injected on POS system | File system change; traffic to C&C server
Credit card data skimmed from memory and written to a temporary file | File system change
Credit card data moved to exfiltration server | Unusual network activity; rogue services running on server
An unauthorized device accesses the network | Rogue device detected; unusual network activity
Man-in-the-middle attack | ARP cache poisoning
Hiding tracks / obscuring evidence | Logging disabled; log data altered
Hiding data from traditional tools | Data in alternate data streams
Elevation of privileges, obscuring identity | Use of su / sudo to change user accounts
Inbound exploit destined for a vulnerable system | Traffic with known payload; vulnerability present on target system
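The table above pairs each attacker activity with the indicator a monitoring tool would see, and the Threat Detection Gap slide asks how to surface the high-risk alerts for critical assets among thousands. The following added example, which is not code from the deck or from Tripwire, turns a subset of the table's rows into detection rules, runs them over constructed sample events, and ranks the results by business context: a host scores its asset tier times the number of distinct indicators seen on it, so a POS lane with both a file system change and C&C traffic (the table's "malware injected on POS system" row) outranks a single indicator on a kiosk. Event schema, hostnames, the `ASSET_TIER` prefixes and the C2 tag are assumptions made for the demonstration.

```python
"""Indicator rules from the 'activity -> threat indicator' table, run over
constructed events and ranked by business context (added example; not the
deck's or Tripwire's code). Event fields, hosts and asset tiers are assumed.
"""
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed sample events; hostnames, addresses and fields are hypothetical.
SAMPLE_EVENTS = [
    {"host": "pos-lane-07", "type": "file_change", "detail": "new executable in C:\\Windows\\Temp"},
    {"host": "pos-lane-07", "type": "net_flow", "dst": "198.51.100.23", "dst_port": 443, "tag": "known_c2"},
    {"host": "dc-01", "type": "ad_change", "detail": "user created outside provisioning workflow"},
    {"host": "db-cards-01", "type": "log_config", "detail": "audit logging disabled"},
    {"host": "kiosk-03", "type": "arp", "detail": "gateway MAC changed twice in 10s"},
    {"host": "web-int-02", "type": "priv", "detail": "sudo su - by svc_backup"},
    {"host": "file-srv-01", "type": "file_change", "detail": "data written to report.pdf:hidden"},
]

# Assumed business-criticality tier by hostname prefix (3 = on the card-data path).
ASSET_TIER = {"pos-": 3, "db-cards": 3, "dc-": 3, "file-srv": 2, "web-int": 2, "kiosk": 1}

# A file name with an extension followed by ':stream' (NTFS alternate data
# stream). A bare drive letter such as C:\ has no extension and does not match.
ADS_NAME = re.compile(r"[^\s\\/:]+\.[A-Za-z0-9]+:[A-Za-z0-9_.]+")

# (indicator, activity it points to, predicate): rows of the table as rules.
RULES = [
    ("Active Directory change", "Account credentials created outside standard processes",
     lambda e: e["type"] == "ad_change"),
    ("Traffic to C&C server", "Malware injected on POS system",
     lambda e: e["type"] == "net_flow" and e.get("tag") == "known_c2"),
    ("File system change", "Malware injected / card data written to a temporary file",
     lambda e: e["type"] == "file_change" and "temp" in e["detail"].lower()),
    ("Data in alternate data stream", "Hiding data from traditional tools",
     lambda e: e["type"] == "file_change" and ADS_NAME.search(e["detail"]) is not None),
    ("Logging disabled", "Hiding tracks / obscuring evidence",
     lambda e: e["type"] == "log_config" and "disabled" in e["detail"]),
    ("ARP cache poisoning", "Man-in-the-middle attack",
     lambda e: e["type"] == "arp"),
    ("Use of su / sudo to change user accounts", "Elevation of privileges, obscuring identity",
     lambda e: e["type"] == "priv" and re.search(r"\b(su|sudo)\b", e["detail"]) is not None),
]


@dataclass(frozen=True)
class Alert:
    host: str
    tier: int
    indicator: str
    activity: str


def asset_tier(host: str) -> int:
    """Tier from the assumed prefix map; an unknown host is tier 0 (and itself a visibility gap)."""
    for prefix, tier in ASSET_TIER.items():
        if host.startswith(prefix):
            return tier
    return 0


def detect(events: List[Dict]) -> List[Alert]:
    """Apply every rule to every event; one Alert per (event, rule) match."""
    return [Alert(e["host"], asset_tier(e["host"]), ind, act)
            for e in events for ind, act, pred in RULES if pred(e)]


def correlate(alerts: List[Alert]) -> List[Tuple[str, int, List[str]]]:
    """Group alerts per host; score = tier x distinct indicators, highest first."""
    indicators = defaultdict(set)
    tiers = {}
    for a in alerts:
        indicators[a.host].add(a.indicator)
        tiers[a.host] = a.tier
    ranked = [(host, tiers[host] * len(inds), sorted(inds)) for host, inds in indicators.items()]
    return sorted(ranked, key=lambda r: (-r[1], r[0]))


if __name__ == "__main__":
    for host, score, inds in correlate(detect(SAMPLE_EVENTS)):
        print(f"{score:2d}  {host:12s}  {', '.join(inds)}")
```

The ranking is deliberately simple: the point is that the same seven raw events, which a flat log view would present in arrival order, come out with the POS lane first and the kiosk last once asset tier and corroborating indicators are taken into account.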
Integrations: Tripwire Reporting & Analytics; APT / MPS; SIEM; Big Data / Security Analytics; Threat Intelligence
• Discover & profile all IT infrastructure
• Minimize vulnerabilities and harden configurations to reduce threat surface
• Real-time detection of suspicious behavior
• Forward events of interest to focus and enrich analysis & correlation
• Prioritize based on business context
• Identify compromise by comparison against baseline
• Support forensic & incident response
DELIVERING ADVANCED CYBERTHREAT SECURITY FOR CRITICAL SYSTEMS TO DETECT, PREVENT AND RESPOND TO ENTERPRISE THREATS
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 

Dernier (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 

Retail Security: Closing the Threat Gap

  • 1. Retail Security: Closing the Threat Gap WITH CHARLES KOLODGY, RESEARCH VICE PRESIDENT, SECURITY PRODUCTS, IDC AND DWAYNE MELANÇON, CTO, TRIPWIRE
  • 4. © IDC Visit us at IDC.com and follow us on Twitter: @IDC
  • 7. Source: The Checkout Technology Industry Explored — the United States IDC #RI244627
  • 8.
    • PoS systems are a huge investment
    • Platform to increase store staff efficiency, productivity, and workflow
    • Modern POS systems will generate customer data for:
      > Demand intelligence
      > Merchandising
      > Pricing
      > Loyalty processes
    • Integrated within IT infrastructure to provide cloud resources at the platform and application levels.
    Modern POS systems are complicated, important to business operations, and are tied into the IT environment.
    Source: The Checkout Technology Industry Explored — the United States IDC #RI244627
  • 12. Know your Adversary: “Bad guys can’t be deterred but competitors can”
  • 14. ftp/443. Patience: the attack cycle can take weeks or months
  • 15. Source: Verizon 2014 Data Breach Investigations Report
  • 17. Recon > Weaponize > Deliver > Exploit > Control > Execute > Maintain
  • 18. Detect > Contain > Eradicate > Recover
    • Network security logs are ignored
    • Alert from IPS that malware is being installed is missed
    • Attacker penetrates network from supplier
    • Attacker uses lack of segmentation to traverse the network to sensitive areas
    • Lack of IAM monitoring allows credential escalation
    • Signals of data exfiltration are not monitored
  • 22.
    1. Visibility
       • Inventory all systems and networks
       • Continuously monitor system state to identify those no longer in a “good state”
       • Drive awareness, action and accountability with targeted metrics that tie to business goals
    2. Prioritization
       • Draw data-driven conclusions which are defensible
       • Prioritize remediation based on exploitability and business impact, not just vulnerability
       • Establish quantifiable measurement with which to remediate risks
    3. Automation
       • Automate the assessment and remediation lifecycle to minimize likelihood of loss
       • Facilitate continual assessments for better data accuracy
       • Convey impact of IT risk in business-relevant terms
  • 25. The Retail Security Challenge
    • Retailers are prime targets for cybercriminals
    • Defensive measures to stop cyber attacks are not enough
    • Retailers need the capability to detect attacks early to minimize loss
    • Customer trust and brand equity are at stake
  • 31. Threat Detection Gap (DETECTION GAP)
    • Are we prioritizing the high-risk breach alerts for critical assets amongst thousands of them?
    • Are there other events of interest or risky changes to business critical systems?
    • Are these actionable high-confidence alerts from my “trusted security source”?
    • Are we able to drill down for root-cause analysis and forensics?
    • Do we have Threat Intelligence to understand the nature and severity of the breach alerts?
  • 32. Threat Response Gap (RESPONSE GAP)
    • What are all the affected systems: POS, servers, network devices, operating systems, databases, file systems, desktops, etc.?
    • What changed?
    • When?
    • By whom: authorized/unauthorized?
    • What systems can we trust and what systems are compromised?
    • Do we have control? Can we revert to the “good” baseline?
    • Do we have policies, resources and tools to revert to a trusted production state?
  • 33. Threat Prevention Gap (PREVENTION GAP)
    • Do we have full coverage?
    • Do we know which are our most business-critical assets?
    • Secure management sponsorship and set key system integrity indicators
    • Is our continuous monitoring and threat detection process reducing our threat gaps?
    • Finally, evolve to new best security practices for our context: industry, region, size, type, legal requirements, etc.
  • 38. Cyber Attackers - Activity | Threat Indicator
    Account credentials created outside standard processes | Active Directory changes; local admin accounts
    Malware injected on POS system | File system change; traffic to C&C server
    Credit card data skimmed from memory and written to a temporary file | File system change
    Credit card data moved to exfiltration server | Unusual network activity; rogue services running on server
    An unauthorized device accesses the network | Rogue device detected; unusual network activity
    Man In The Middle attack | ARP cache poisoning
    Hiding tracks / obscuring evidence | Logging disabled; log data altered
    Hiding data from traditional tools | Data in alternate data streams
    Elevation of privileges, obscuring identity | Use of su / sudo to change user accounts
    Inbound exploit destined for a vulnerable system | Traffic with known payload; vulnerability present on target system
  • 50. Tripwire Reporting & Analytics: APT / MPS, SIEM, Big Data/Security Analytics, Threat Intelligence
  • 51–53. DETECTION GAP / RESPONSE GAP / PREVENTION GAP
    Detection gap:
      • Real-time detection of suspicious behavior
      • Forward events of interest to focus and enrich analysis & correlation
    Response gap:
      • Prioritize based on business context
      • Identify compromise by comparison against baseline
      • Support forensic & incident response
    Prevention gap:
      • Discover & profile all IT infrastructure
      • Minimize vulnerabilities and harden configurations to reduce threat surface
  • 54. DELIVERING ADVANCED CYBERTHREAT SECURITY FOR CRITICAL SYSTEMS TO DETECT, PREVENT AND RESPOND TO ENTERPRISE THREATS

Editor's notes

  1. Copyright IDC. Reproduction is forbidden unless authorized. All rights reserved.
  2. Attacks are opportunistic.
  3. DELIVERING CYBERTHREAT SECURITY FOR CRITICAL SYSTEMS TO DETECT, PREVENT AND RESPOND TO ENTERPRISE THREATS
  4. Retailers are prime targets for cybercriminals because of the opportunity to steal your customers' personal and financial data; POS intrusions are the number one type of breach in the past three years. Defensive measures to stop cyber attacks from penetrating the network are not enough; the assumption needs to be that you will be breached, it is just a matter of when. Retailers must deploy a layered approach to security, including network perimeter based security, anti-malware and endpoint security for business critical endpoint servers, POS endpoints and desktops. Focus must be on detective capability early in the attack life cycle.
  5. Retailers need answers to these questions, quickly:
     How do I know if I have been breached?
     How can I detect a breach before significant loss has occurred?
     How do I protect myself so that I am not an attractive cybercrime target?
     How can I protect the customer data on my POS systems?
     Are we continuously monitoring all our critical endpoints for early indicators of risk and breach activity?
     How can I quickly contain my exposure in case of a breach?
     ------------
     This is one of the biggest challenges enterprise security teams face today. Many times you have heard the phrase in security, “it’s not a matter of if you have been breached, but when”. I would like to add to that: it is also important to identify how long you have been exposed, or simply to be able to detect whether you have been breached in the first place. The enterprise threat gap is a model that helps us illustrate the amount of time that passes through three critical phases. The detection gap is the amount of time it takes to discover an actual compromise and identify its scope. The remediation gap is the time between that detection and limiting the damage. Then we have the preventive gap, which is the measure of time it takes to avoid repeated or similar attacks. Transition: Let's talk about the challenges in each of these phases in more detail. This process allows you to answer three key questions for the business: Have we been breached? How bad is it? Can we avoid this from happening again?
  10. Do we have full coverage? Are we missing any critical events and alerts?
     Can we directly watch for “risky changes” to critical system configs and files?
     Are these actionable high-confidence alerts from my “trusted security source”? (false positive and unproven technology issue)
     Can we compare current system state(s) with what we expect? (beyond just alerts/logs)
     Are we looking at breach info in real time, without loss?
  11. What systems can we trust and what systems are compromised?
     Correlate system state information with other sources for greater accuracy
     Rank findings and differences based on risk and value
     Do we have policies, resources and tools to revert to a trusted production state?
     Remove the suspicious or known malicious assets
     Remove or reduce access to production systems
     Change all production credentials
     Freeze changes, except by the core threat team
     Finally, revert to a trusted production state
     Recreate systems from trusted sources
     Harden the systems to prevent re-infection or repeat compromises
  12. Should we assess our architecture and policies to reduce the opportunity for future compromise?
     Establish policies and processes for security and configurations
     Establish a baseline and “good configuration”
     Establish hardened security configurations
     Secure management sponsorship and key system integrity indicators
     Establish “security metrics” that indicate the health of the systems and networks, at department, asset class and location level, in words that the C-level understands
     Is our continuous monitoring and threat detection process effective?
     Anchor to a known, trusted standard
     Detect variance early
     Isolate and mitigate incidents before loss occurs
     Understand patterns to better detect anomalies
     Shorten time to detection
     Diagnose efficiently and effectively
  13. Full text: Detecting an attack in the Recon and W&D phase is very difficult because attackers have become very good at camouflaging themselves as legitimate traffic. Various types of anti-malware products may be able to detect a breach during the Malicious Action phase, but this is most often late in the attack cycle, after a loss has occurred. The opportunity for detection is highest during the Exploitation phase, when the attacker is making repeated changes to the host/endpoint file system.
  15. Early breach detection requires continuous monitoring of all business critical systems, including servers, network devices, POS systems and desktops. Monitoring just desktops is not sufficient; focus should also be on systems that contain critical assets like customer data, including in the data center. An example of a critical desktop would be those of all system administrators who have user admin access.
  17. Example: monitoring user IDs/logins to look for anomalies. For instance, a user logs into a server that they have never accessed; TE & TLC could detect this and then also monitor exactly what that user did, to diagnose whether this is indeed a breach or needs investigation. Tie POS to the bigger threat picture (correlating changes on a POS system with corporate servers).
  25. Tripwire's core competency is collecting data; the challenge is that humans cannot deal with it. Driving effective security and compliance is done on top of a bed of real system state intelligence. Driven by VM: a big change, VM assessment instantly.
  28. 85% of attacks result from known vulnerabilities.
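The slide-38 indicator table, the "identify compromise by comparison against baseline" and "prioritize based on business context" bullets, and the login-anomaly example in editor's note 17 all describe the same mechanism: compare each observed event with a known-good baseline, translate any deviation into an attacker activity, and rank the result by how critical the host is. The following is an added example of that mechanism, not code from the deck or from Tripwire's products; the hostnames, users, digests, egress addresses and criticality scores are constructed placeholders.

```python
"""Baseline-driven indicator correlation over constructed events (added example)."""
from collections import defaultdict

# Indicator -> attacker activity it points to. The first four rows are transcribed
# from the slide-38 table; "first_login" is the login anomaly from editor's note 17.
INDICATOR_ACTIVITY = {
    "file_change": "Malware injected on POS system / card data written to a temp file",
    "unusual_network": "Credit card data moved to exfiltration server",
    "logging_disabled": "Hiding tracks / obscuring evidence",
    "rogue_device": "An unauthorized device accesses the network",
    "first_login": "User logs into a server they have never accessed",
}

# Business context (assumed): host criticality, 1 = low, 3 = on the card-data path.
CRITICALITY = {"pos-01": 3, "card-db": 3, "fileshare-02": 1}

# Known-good baseline learned during a trusted window (constructed placeholders).
BASELINE = {
    # (user, host) login pairs observed while the estate was in a trusted state
    "logins": {("jsmith", "fileshare-02"), ("svc_pos", "pos-01"), ("dba1", "card-db")},
    # host -> monitored path -> expected digest (short strings stand in for SHA-256)
    "files": {"pos-01": {"C:/POS/pos.exe": "aaaa", "C:/POS/config.ini": "bbbb"}},
    # egress destinations seen in the trusted window
    "egress": {"10.20.0.5"},
    # MAC addresses of inventoried devices
    "devices": {"00:11:22:33:44:55"},
}

# Constructed event stream, loosely following the slide-38 narrative.
EVENTS = [
    {"ts": 1, "host": "fileshare-02", "type": "login", "user": "jsmith"},
    {"ts": 2, "host": "pos-01", "type": "login", "user": "jsmith"},
    {"ts": 3, "host": "pos-01", "type": "file_hash", "path": "C:/POS/pos.exe", "hash": "cccc"},
    {"ts": 4, "host": "pos-01", "type": "net", "dst": "203.0.113.9", "bytes": 9_000_000},
    {"ts": 5, "host": "pos-01", "type": "audit_policy", "state": "disabled"},
    {"ts": 6, "host": "card-db", "type": "login", "user": "dba1"},
    {"ts": 7, "host": "fileshare-02", "type": "login", "user": "guest"},
    {"ts": 8, "host": "pos-01", "type": "net", "dst": "10.20.0.5", "bytes": 4_000},
    {"ts": 9, "host": "switch-03", "type": "dhcp", "mac": "00:11:22:33:44:55"},
]


def indicators_for(event, baseline):
    """Map one raw event to zero or more indicators by comparing it with the baseline."""
    kind = event["type"]
    if kind == "login":
        # Anomalous only when this user has never been seen on this host.
        return ["first_login"] if (event["user"], event["host"]) not in baseline["logins"] else []
    if kind == "file_hash":
        expected = baseline["files"].get(event["host"], {}).get(event["path"])
        # Unmonitored paths are ignored; a monitored path with a new digest is a change.
        return ["file_change"] if expected is not None and expected != event["hash"] else []
    if kind == "net":
        # Large transfer to a destination never seen during the trusted window.
        if event["dst"] not in baseline["egress"] and event["bytes"] > 1_000_000:
            return ["unusual_network"]
        return []
    if kind == "audit_policy" and event["state"] == "disabled":
        return ["logging_disabled"]
    if kind == "dhcp" and event["mac"] not in baseline["devices"]:
        return ["rogue_device"]
    return []


def correlate(events, baseline, criticality):
    """Group indicators per host and score them by business context.

    score = host criticality * number of distinct indicators, so one odd login on a
    low-value share ranks far below a POS terminal showing several indicators at once.
    """
    per_host = defaultdict(list)
    for event in events:
        for ind in indicators_for(event, baseline):
            per_host[event["host"]].append((event["ts"], ind, INDICATOR_ACTIVITY[ind]))
    alerts = []
    for host, hits in per_host.items():
        distinct = sorted({ind for _, ind, _ in hits})
        alerts.append({
            "host": host,
            "score": criticality.get(host, 1) * len(distinct),
            "indicators": distinct,
            "timeline": sorted(hits),
        })
    alerts.sort(key=lambda a: a["score"], reverse=True)
    return alerts


if __name__ == "__main__":
    for alert in correlate(EVENTS, BASELINE, CRITICALITY):
        print(alert["host"], alert["score"], alert["indicators"])
        for ts, ind, activity in alert["timeline"]:
            print(f"  t={ts} {ind}: {activity}")
```

Hosts not in CRITICALITY default to the lowest weight, so an unknown host still surfaces but never outranks a POS terminal with the same indicators.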