Every organization is going through a digital transformation journey in one way or another. This transformation also surfaces new vulnerabilities and cyber threats that need to be addressed as soon as possible. Let’s discuss the top 5 areas that need urgent attention to stay ahead of the constantly evolving cyber threat landscape.
19. Phishing kill chain
Attacker performs reconnaissance
-> Phishing mail
-> User browses to a website / opens attachment / clicks on a URL
-> Exploitation & installation
-> Command & control
-> Brute force account or use stolen account credentials
-> User account is compromised
-> Privileged account compromised
-> Domain compromised
-> Attacker accesses sensitive data
-> Exfiltrate data
28. 3. Cover all bases: Advanced Threat Protection
➢ ‘Defense-in-depth’ versus ‘Cover the kill chain’
➢ Next generation AI & Machine Learning
➢ Contextual Analysis
➢ Behavioural Analytics
➢ …
29. Phishing kill chain with protection mapped onto it
Attacker performs reconnaissance
-> Phishing mail
-> User browses to a website / opens attachment / clicks on a URL
-> Exploitation & installation
-> Command & control
-> Brute force account or use stolen account credentials
-> User account is compromised
-> Attacker attempts lateral movement
-> Privileged account compromised
-> Domain compromised
-> Attacker accesses sensitive data
-> Exfiltrate data
Protection layered over the chain:
▪ Office 365 ATP: Email protection
▪ Windows Defender AV: Next Gen AV
▪ Microsoft Defender ATP: End Point protection
▪ Azure ATP: Identity protection
▪ Azure AD Identity Protection: Identity protection & conditional access
▪ Cloud App Security: Extends protection & conditional access to other cloud apps
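The "cover the kill chain" idea on the slide above is easiest to see in code. The following is an added example, not part of the deck and not any vendor's product code: a small Python correlator that maps constructed telemetry events to the stages of the phishing kill chain, reports how far along the chain each user got, and lists the stages no control reports on at all. The telemetry sources, event types, user names and the event-to-stage mapping are all hypothetical.

```python
# Added example, not part of the deck and not any vendor's product code:
# a minimal kill-chain correlator that groups constructed telemetry events
# by user, maps each event to the stage of the phishing kill chain it
# evidences, and reports (a) how far along the chain each user got and
# (b) which stages have no telemetry mapped to them at all.
# Sources, event types, users and the mapping itself are hypothetical.

from collections import defaultdict

# Kill-chain stages in the order the deck draws them (variant with lateral movement).
KILL_CHAIN = [
    "reconnaissance",
    "phishing_mail",
    "user_action",                    # browses to a website / opens attachment / clicks a URL
    "exploitation_installation",
    "command_and_control",
    "credential_attack",              # brute force or stolen credentials
    "user_account_compromised",
    "lateral_movement",
    "privileged_account_compromised",
    "domain_compromised",
    "sensitive_data_access",
    "exfiltration",
]

# Hypothetical mapping: (telemetry source, event type) -> kill-chain stage.
# Each entry stands for one control that "covers" a stage.
EVENT_STAGE = {
    ("email", "phish_detected"): "phishing_mail",
    ("email", "url_click"): "user_action",
    ("endpoint", "malicious_process"): "exploitation_installation",
    ("endpoint", "beacon"): "command_and_control",
    ("identity", "password_spray"): "credential_attack",
    ("identity", "risky_signin"): "user_account_compromised",
    ("identity", "lateral_movement"): "lateral_movement",
    ("identity", "privilege_escalation"): "privileged_account_compromised",
    ("cloudapp", "mass_download"): "exfiltration",
}

# Constructed sample telemetry (not real logs). Two users, one of whom
# progresses well past the point where the chain should have been cut.
SAMPLE_EVENTS = [
    {"time": "2024-01-01T09:00:00Z", "source": "email",    "type": "phish_detected",    "user": "alice"},
    {"time": "2024-01-01T09:03:00Z", "source": "email",    "type": "url_click",         "user": "alice"},
    {"time": "2024-01-01T09:04:00Z", "source": "endpoint", "type": "malicious_process", "user": "alice"},
    {"time": "2024-01-01T09:10:00Z", "source": "endpoint", "type": "beacon",            "user": "alice"},
    {"time": "2024-01-01T10:30:00Z", "source": "identity", "type": "risky_signin",      "user": "alice"},
    {"time": "2024-01-01T11:15:00Z", "source": "identity", "type": "lateral_movement",  "user": "alice"},
    {"time": "2024-01-01T09:00:00Z", "source": "email",    "type": "phish_detected",    "user": "bob"},
    {"time": "2024-01-01T09:30:00Z", "source": "endpoint", "type": "heartbeat",         "user": "bob"},  # unmapped noise
]


def stage_index(stage):
    """Position of a stage along the chain; later stages mean deeper compromise."""
    return KILL_CHAIN.index(stage)


def correlate(events, event_stage=EVENT_STAGE):
    """Group events by user and return the kill-chain stages seen for each, in chain order."""
    per_user = defaultdict(set)
    for ev in events:
        stage = event_stage.get((ev["source"], ev["type"]))
        if stage is None:
            continue  # telemetry that no control maps to a stage; ignored here
        per_user[ev["user"]].add(stage)
    return {user: sorted(stages, key=stage_index) for user, stages in per_user.items()}


def deepest_stage(stages):
    """The furthest stage reached in a list of observed stages (None if empty)."""
    return max(stages, key=stage_index) if stages else None


def escalate(events, threshold="user_account_compromised", event_stage=EVENT_STAGE):
    """Users whose deepest observed stage is at or beyond the threshold stage."""
    cutoff = stage_index(threshold)
    hits = []
    for user, stages in correlate(events, event_stage).items():
        if stage_index(deepest_stage(stages)) >= cutoff:
            hits.append(user)
    return sorted(hits)


def uncovered_stages(event_stage=EVENT_STAGE):
    """Stages no control reports on: the gaps a 'cover the kill chain' review should close."""
    covered = set(event_stage.values())
    return [s for s in KILL_CHAIN if s not in covered]


if __name__ == "__main__":
    for user, stages in correlate(SAMPLE_EVENTS).items():
        print(f"{user}: deepest stage = {deepest_stage(stages)}; observed = {stages}")
    print("escalate:", escalate(SAMPLE_EVENTS))
    print("uncovered stages:", uncovered_stages())
```

Running it shows the two complementary views a "cover the kill chain" review needs: per user, how deep the chain went before anything stopped it (for the constructed data, one user reaches lateral movement), and, independent of any incident, which stages have no telemetry at all, which is where defense-in-depth alone leaves blind spots.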
30. 4. Disaster Recovery Plan
➢ What if…?
➢ Design & test the disaster recovery plan
➢ Back-up management
➢ Multiple back-up strategy (cloud, on & off site)
32. Accidental Architecture
NETWORK TEAM
▪ Routers
▪ Switches
▪ Wireless Access
SECURITY TEAM
▪ Firewall
▪ IPS
▪ Web Application
OS TEAM
▪ Desktop OS
▪ Antivirus
▪ Mobile Device Mgmt
MESSAGING TEAM
▪ Email
▪ Instant Messaging
▪ Voice
▪ Unified Communication
Many isolated teams & shattered knowledge
33. The security resources challenge
Too Few Resources
58% of companies get more than 5,000 alerts per month.
Alerts per month (share of companies):
< 500             5%
500 – 1,000      10%
1,001 – 5,000    27%
5,001 – 10,000   28%
10,001 – 15,000  21%
15,000+           9%
Too Many Alerts
One cyber analyst can handle roughly 10 alerts per day, one alert at a time.
Security staff spend 80% of their time keeping security tooling up and running, not on analysis…