Beyond the Fortress Network

•Télécharger en tant que PPTX, PDF•

0 j'aime•85 vues

Security in a Cloud World. One of the biggest issues with moving to the cloud is the concern for security. How do we protect our information when it leaves the control of our servers and networks? The good news is that Microsoft has been working hard to provide us with tools that allow us to secure our information no matter where it travels, even outside of our network. Find out Microsoft’s approach to security and what tools we have to ensure our information is safe and secure in a cloud first, mobile first world.

Technologie

Beyond the Fortress
Network
David C. Broussard
Principal Consultant
@dbroussa
Blogs.catapultsystems.com/dbroussard

What are we concerned about again?





Malicious INTERNAL Actor

−
−
−
−

−
−

DELIVERY
Employee A opens infected
email on workstation2
A
Malware
EXPLOITATION
Employee B opens infected
email using mobile device2
BMalware
Infected phone disables
Antivirus; and compromised
credentials used to access
Email service
3Control Evasion
Password/Hash Dumping
3
Threat Actor gather
credentials on
compromised machine
COMMAND AND
CONTROL
Credentials harvested after
Employee attempts login
to bogus site
2
4
Threat Actors move
laterally within network
using compromised
credentials
Compromised Credential
ACTIONS ON
OBJECTIVE
5
Threat Actors use compromised
devices/accounts to exfiltrate PII
48 Hours 200+ Days
PII
Leak/Exfiltrate Data
Threat Actor targets employees
via phishing campaign1
Phishing
3
Compromised credentials
used to access service

Data Loss Prevention and Encryption




Threat Detection and Prevention

−
−
−
−

Tools that you didn’t know you had







http://get.catapultsystems.com/0365-business-registration
http://get.catapultsystems.com/0365-bootcamp-registration-it-track/
@CloudWhisperers
Learn More

Contenu connexe

Tendances

Introduction ethical hacking

Vishal Kumar

History & Future of Credentials Theft

Lavi Lazarovitz

Research Review - Cyberark Labs

Lavi Lazarovitz

Ethical hacking

Vishesh Singhal

As organizations in recent years continue to increase their investment into the advancements of technology to upsurge productivity and efficiently, more and more companies begin to realize that protecting of this technology is just as significant (Information Security), if not; even more important in order to protect their reputation and integrity as a company. This paper provides a comprehensive high-level view of ethical hacking, such as what it is, what it entails, and why companies hack into their own technology. Additionally, counter measures including penetration testing and real-world examples will be examined to give the reader a better understanding of ethical hacking and why it’s such an essential element of Information Security in the Information Systems/Technology field.

Ethical Hacking A high-level information security study on protecting a comp...

Quinnipiac University

Vulnerabilities The larger and more complex information systems are, the greater the possibility of error in logic and loopholes in algorithm. These are weak points that could enable hackers to breach a system and compromise the integrity of information stored. Programmers themselves who are not yet adept in writing software code can unknowingly misuse the code and lead to a vulnerability. A classic example of vulnerabilities that can be exploited is a weak password or its repeated use on various services or software. There are also websites containing malware that installs automatically once visited. Even legitimate software could be a venue for an exploit due to unknown errors (bugs) generated by the program. The end-user or the human element in information systems is arguably the weakest point that hackers easily utilize. 0-day exploits 0-hour or 0-day attack is the exploitation by outside parties of a security hole in a computer program which is unknown from its developers. The term comes from the premise that the attack unfolds on the “day 0, meaning no awareness as of yet from the developers so there is no opportunity and time to issue a fix for the threat. Zero-day exploits are usually shared among hackers even before the developer knew. Programmers could use the vulnerabilities via several avenues: on web browsers and email. Web browsers allow for a wider target. Meanwhile, using email, hackers can send a message that includes an executable file on the attachments, set to run once downloaded. Such 0-day threats are in the time frame where a security hole is exploited up to the time that the program developers issued a patch for it.

Hass and associates cyber security

brn8brwn

Cyber security

colebassett

Ethical Hacking

Mukul Agarwal

PowerPoint Presentation On Ethical Hacking in Brief (Simple)

Shivam Sahu

What are cyber attacks? In simple terms, cyber attacks are attempts of disabling or stealing information from other computers, by gaining access to admin privileges to them. Why should businesses be worried? An average ransomware attack costs a company $5 million. Attackers target all types of businesses, small and large, healthcare, banking & finance, manufacturing, education, even government. The internet has made life a lot easier for business owners, at the same time it has made them easier to get hacked.

8 Types of Cyber Attacks That Can Bother CISOs in 2020

SecPod Technologies

Ethical hacking introduction to ethical hacking

MissStevenson1

Types of Malware (CEH v11)

EC-Council

Introduction to Hacking

Rishabha Garg

Network Security Presentation

Allan Pratt MBA

2011 training presentation

kaspersky-lab

Hacking

VipinYadav257

ethical hacking

samprada123

Cyber Crime and Security

Sanguine_Eva

Cyber security

Sakib Sami

Ethical hacking for information security

Jayanth Vinay

Tendances (20)

Introduction ethical hacking

History & Future of Credentials Theft

Research Review - Cyberark Labs

Ethical hacking

Ethical Hacking A high-level information security study on protecting a comp...

Hass and associates cyber security

Cyber security

Ethical Hacking

PowerPoint Presentation On Ethical Hacking in Brief (Simple)

8 Types of Cyber Attacks That Can Bother CISOs in 2020

Ethical hacking introduction to ethical hacking

Types of Malware (CEH v11)

Introduction to Hacking

Network Security Presentation

2011 training presentation

Hacking

ethical hacking

Cyber Crime and Security

Cyber security

Ethical hacking for information security

Similaire à Beyond the Fortress Network

Select ONE of the following security incidents and provide the following information: 1. A SQL Injection was performed by a hacker, resulting in the loss of PII data. 2. You have discovered a covert leak (exfiltration) of sensitive data to China. 3. Malcious code or malware was reported on multiple users' systems. 4. Remote access for an internal user was compromised - resulting in the loss of PII data. 5. Wireless access. You discovered an "evil twin" access point that resulted in many of your users connecting to the hacker's access point while working with sensitive data. 6. Compromised passwords. You discovered that an attacker used rainbow tables to attack your domain's password file in an offline attack. Assume that all of your user's passwords are compromised. 7. A DoS or DDoS was performed against your system, resulting in the loss of 3 hours of downtime and lost revenue. Paragraph 1: IRT Team . What would the IRT team look like for this incident (who would be on the team to be able to effectively handle the event)? Justify your choices. Paragraph 2: Approach. Address HOW you would respond. What logs or tools would you use to identify/analyze the incident? What would alert you to the incident? What tools would you use to contain/recover from the incident? Paragraph 3: Metrics. Who would you measure your team's response effectivenss? What measurements/metrics would you track? Note: Paper should have minimum 250 words, Proper references and inline citations. .

Select ONE of the following security incidents and provide the f.docx

lvernon1

Security

chian417

Computer security and privacy

eiramespi07

Security & Compliance for Startups

Symosis Security (Previously C-Level Security)

Introduction of hacking and cracking

Harshil Barot

Cybersecurity is important because it protects all categories of data from theft and damage. This includes sensitive data, personally identifiable information (PII), protected health information (PHI), personal information, intellectual property, data, and governmental and industry information systems. in the modern day, there are dozens or possibly even hundreds of different interconnected assets, networks, and systems that we rely on every day for the normal functioning of society. Without these various infrastructure components, we wouldn’t be able to enjoy the benefits of living in the 21st century – small-scale disruptions to these components would result in the temporary loss of crucial capabilities. But, if escalated to a larger scale, society would be plunged into a catastrophic black sky event, resulting in cascading failures and a serious threat to human continuity. Examples include conflicts between nations where an aggressor seeks to disable their opponent’s ability to communicate or mobilize. And what better way for a domestic or international terrorist group to sow confusion and fear than to prevent our critical infrastructure from functioning and, in turn, our successful ability to respond and recover? In other words, it is fundamental to the safety and prosperity of a nation to provide reliable critical infrastructure security.

CyberSecurity and Importance of cybersecurity

Home

Refer the attached docs to understand: Min 250 words Select ONE of the following security incidents and provide the following information: 1. A SQL Injection was performed by a hacker, resulting in the loss of PII data. 2. You have discovered a covert leak (exfiltration) of sensitive data to China. 3. Malcious code or malware was reported on multiple users' systems. 4. Remote access for an internal user was compromised - resulting in the loss of PII data. 5. Wireless access. You discovered an "evil twin" access point that resulted in many of your users connecting to the hacker's access point while working with sensitive data. 6. Compromised passwords. You discovered that an attacker used rainbow tables to attack your domain's password file in an offline attack. Assume that all of your user's passwords are compromised. 7. A DoS or DDoS was performed against your system, resulting in the loss of 3 hours of downtime and lost revenue. Paragraph 1: IRT Team . What would the IRT team look like for this incident (who would be on the team to be able to effectively handle the event)? Justify your choices. Paragraph 2: Approach. Address HOW you would respond. What logs or tools would you use to identify/analyze the incident? What would alert you to the incident? What tools would you use to contain/recover from the incident? Paragraph 3: Metrics. Who would you measure your team's response effectivenss? What measurements/metrics would you track? .

Refer the attached docs to understand Min 250 wordsSelect O.docx

lorent8

Network security

mena kaheel

Analysis of RSA Lockheed Martin Attack

Gavin Davey

Web security chapter#2

Ishaq Shinwari

Sheet1Weakness Violates a policy or procedureThreat What is the danger that exploits the weaknessRisk What ASSET could be lost (qualitative/quantitative)Countermeasure How can it be safeguardedRisk Factor & Reason “1” Critical: impacts company viability “2” Major: impacts asset or IT infrastructure “3” Minor: impacts productivity / availability Ex1Client records left out in the office after hours Janitors or others having access to the building after hours can gain access to files in the cabinetsa. Client sensitive information to include social security numbers can be stolen and used to open new accounts. b. Client financial account numbers can be obtained and finances can be stolen. c. Negative publicity can impact company's reputation.1. Enforce policies requiring client records to be stored securely. 2. Discipline employess who left records out."1" (company may have to pay penalities for each incident; negative publicity could destroy company's reputation) "3" (stolen files must be replaced)EX2Office areas unlocked after everyone left for dayVisitors and others can gain access to office areas without being seena. Company assets can be stolen or vandalized b. IT infrastruture can be destoyed c. File cabinets can be broken into and client files can be stolen or destroyed d. Negative publicity can impact company's reputation.1. Enforce policies requiring securing offices. 2. Discipline employess who left offices unlocked. 3. Add contact information to office entryways so janitors or others can call to report unsecured offices."1" (company may have to pay penalities for each incident; negative publicity could destroy company's reputation) "2" (stolen company assets and destroyed IT Infrastructure must be replaced) "3" (stolen files must be replaced)1Employee taped password to screen 2LAN/WAN UPS not operational3Regular Firewall maintenance not conducted4SysAdmin has little-to-no security awareness training5Servers does not contain latest patches6Databases/systems not backed-up7Computer always left logged-in 8Computer login shared by everyone 9Employee uses a very simple password 10InfoSec audits not conducted11Employees using personal laptops to do corporate business12Client files left out on the desk overnight13Client personal data shared with everyone via email14Password hasn't been changed in over a year15Office left unlocked during lunch/breaks and overnight16Retired employee able to login 17Inventory control and access control policies not followed18Record cabinets cannot be locked or are left unlocked19Computers do not have latest software patches20Unauthorized software discovered on corporate computers21Default password still being used22Laptops with sensitive data not encrypted23Master login created by IT and used by offices24Users can download data to USB drives Student Name: ISOL 533 &P of &N .

Sheet1WeaknessViolates a policy or procedureThreatWhat is th.docx

bjohn46

ETHICAL HACKING

miltonnancy

Client server network threat

Raj vardhan

Sophisticated ransomware attacks on healthcare organizations by ruthless cybercriminals are on the rise. Savvy HIT leaders are taking immediate action to protect their IT systems and data. During this webinar you’ll gain insight into the 5 most important precautions that healthcare providers should take and what steps should be followed in event your system is compromised to minimize the impact on patient care and restore your systems as quickly as possible. In this presentation you’ll learn: - 5 most important ways to protect your organizations from a ransomware attack - What steps to take in the event your system is compromised by a ransomware attack Link to On-Demand Webinar: https://www.cleardata.com/knowledge-hub/5-ways-to-protect-your-healthcare-organization-from-a-ransomware-attack/

5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...

ClearDATACloud

Introduction to Ethical Hacking

Kevin Chakre

Final Project – Incident Response Exercise SAMPLE 1. Contact Information for the Incident Reporter and Handler – Mruga Patel – Cyber Incident Response Team Lead – Organizational Information - Sifers-Grayson Corporation (Blue Team), Information Technology Department – [email protected] – 410-923-9221 – Location - 100 Fairway Ave, Suite 101, Catonsville, MD 21228 2. Incident Details – The attack occurred during off-hours at 22:00 EST. Incident was discovered when the system became unusable due to high volume traffic from an unauthorized IP Address. The incident ended at approximately 22:45 EST. – Catonsville, MD – Attack has ended – The attack occurred from an IP address of 11.125.22.198 with no host name. The cause of the incident has yet to be determined. – The attack was discovered when the system became unusable due to high levels of latency. It was detected using logging information from a server from the Task Manager. – The system remains unaffected. Only data was stolen from our company. The server which was extracted from the Employee server. IP address- 192.168.1.0, hotname SifersHouston.com. – N/A – The system resumed to normal function after attacked occurred. – Data stolen was from the server containing employee information. – Network was turned off once attack was discovered. The system logged all necessary information for forensic evidence. – N/A 3. Cause of Incident was from an unsecured network which was uses to steal company information. 4. The cost of the incident has yet to be determined. PII stolen has no calculated price. However, estimated person hours are about 200. It would cost around $100 per hour for IT staff to perform “clean-up” activities. As of now it would cost around $20,000.00. 5. The impact of the incident is significant. The necessary measures to combat this problem has yet to be determined. 6. General Comments- Our network poses a lot of security risks. Going forward, we need to implement certain security measures from further incidents from taking place. Background The Sifers-Grayson company has hired an outside organization to penetrate our network and report on vulnerabilities found within the network. Upon penetration testing and weeks of trying to exploit our system, the red team (testing team) has been successful. Holding a government contract, the Department of Defense (DoD) requires additional security requirements for the R&D and SCADA lab operations. Both of which hold classified and secret information and happen to be where the red team was able to exploit. The company is now required to use the NIST publications for protection controlled unclassified information in Nonfederal information systems and organizations. Failure to comply can result in fines and even contract termination. The (DFARS) Defense Federal Acquisition Regulations also outlines the safeguarding of Cyber Security Incident Reporting. Fortunately, identifying these risks before hacke ...

Final Project – Incident Response Exercise SAMPLE.docx

lmelaine

455845434-Chapter-2-Cyber-Security-pptx.pptx

DrVPadmavathiAssocia

Cyper security & Ethical hacking

Cmano Kar

IRJET- An Overview of Ethical Hacking

IRJET Journal

ThreatModeling.ppt

tashon2

Similaire à Beyond the Fortress Network (20)

Select ONE of the following security incidents and provide the f.docx

Security

Computer security and privacy

Security & Compliance for Startups

Introduction of hacking and cracking

CyberSecurity and Importance of cybersecurity

Refer the attached docs to understand Min 250 wordsSelect O.docx

Network security

Analysis of RSA Lockheed Martin Attack

Web security chapter#2

Sheet1WeaknessViolates a policy or procedureThreatWhat is th.docx

ETHICAL HACKING

Client server network threat

5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...

Introduction to Ethical Hacking

Final Project – Incident Response Exercise SAMPLE.docx

455845434-Chapter-2-Cyber-Security-pptx.pptx

Cyper security & Ethical hacking

IRJET- An Overview of Ethical Hacking

ThreatModeling.ppt

Plus de David Broussard

SPSHOU18 Working on the Go With Microsoft

David Broussard

In todays' world we are always on the go. It might be on a plane to a dozen cities in a month, or it might be on the train into work on a Wednesday. It might be at the ballpark watching your kids play ball, or it might be walking from one conference room to another. Lucky for us, Microsoft has developed a number of mobile apps that allow us to take out work with us on the go. From OneDrive synching our files to our laptops, to iOS and Android apps, we now have a panoply of options to work on the go.

SPSTC18 Working on the Go With Microsoft

David Broussard

SPSTC18 Laying Down the Law - Governing Your Data in O365

David Broussard

HSPUG presentation - Advanced Data Governance

David Broussard

SPSNE Sun Tzu and the Art of Digital Transformation

David Broussard

SPSCincy 2017 Hidden Gems in O365

David Broussard

Spshou Hidden Gems in O365

David Broussard

SPSAC - What do we Want? A New Intranet!

David Broussard

What do we want? A New Intranet! When do we want it? Right Now!!! We know what we want, but how do we get it? Our passion for SharePoint doesn't lead to a new project for our Intranet. This presentation talks about why that is teh case and how we can determine who the "customer" of our Intranet projhect should be (it may surprise you). Then how to build a consensus and get that project going!

SPSNYC - How to Sell Your Intranet

David Broussard

SPSDFW Bottom Up SharePoint Design

David Broussard

2014 SP Summit Vancouver Bottom Up SharePoint

David Broussard

SPSNYC Building Social Solutions

David Broussard

SASUG April - Building Social Networks and the Social Journey

David Broussard

Catapult k2 partner event oct 12 2011

David Broussard

Building the perfect share point farm

David Broussard

Spstc2011 share point for dotcom sites

David Broussard

Plus de David Broussard (16)

SPSHOU18 Working on the Go With Microsoft

SPSTC18 Working on the Go With Microsoft

SPSTC18 Laying Down the Law - Governing Your Data in O365

HSPUG presentation - Advanced Data Governance

SPSNE Sun Tzu and the Art of Digital Transformation

SPSCincy 2017 Hidden Gems in O365

Spshou Hidden Gems in O365

SPSAC - What do we Want? A New Intranet!

SPSNYC - How to Sell Your Intranet

SPSDFW Bottom Up SharePoint Design

2014 SP Summit Vancouver Bottom Up SharePoint

SPSNYC Building Social Solutions

SASUG April - Building Social Networks and the Social Journey

Catapult k2 partner event oct 12 2011

Building the perfect share point farm

Spstc2011 share point for dotcom sites

Dernier

Enterprise Knowledge’s Urmi Majumder, Principal Data Architecture Consultant, and Fernando Aguilar Islas, Senior Data Science Consultant, presented "Driving Behavioral Change for Information Management through Data-Driven Green Strategy" on March 27, 2024 at Enterprise Data World (EDW) in Orlando, Florida. In this presentation, Urmi and Fernando discussed a case study describing how the information management division in a large supply chain organization drove user behavior change through awareness of the carbon footprint of their duplicated and near-duplicated content, identified via advanced data analytics. Check out their presentation to gain valuable perspectives on utilizing data-driven strategies to influence positive behavioral shifts and support sustainability initiatives within your organization. In this session, participants gained answers to the following questions: - What is a Green Information Management (IM) Strategy, and why should you have one? - How can Artificial Intelligence (AI) and Machine Learning (ML) support your Green IM Strategy through content deduplication? - How can an organization use insights into their data to influence employee behavior for IM? - How can you reap additional benefits from content reduction that go beyond Green IM?

Driving Behavioral Change for Information Management through Data-Driven Gree...

Enterprise Knowledge

🐬 The future of MySQL is Postgres 🐘

RTylerCroy

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

Imagine a world where information flows as swiftly as thought itself, making decision-making as fluid as the data driving it. Every moment is critical, and the right tools can significantly boost your organization’s performance. The power of real-time data automation through FME can turn this vision into reality. Aimed at professionals eager to leverage real-time data for enhanced decision-making and efficiency, this webinar will cover the essentials of real-time data and its significance. We’ll explore: FME’s role in real-time event processing, from data intake and analysis to transformation and reporting An overview of leveraging streams vs. automations FME’s impact across various industries highlighted by real-life case studies Live demonstrations on setting up FME workflows for real-time data Practical advice on getting started, best practices, and tips for effective implementation Join us to enhance your skills in real-time data automation with FME, and take your operational capabilities to the next level.

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Safe Software

This presentations targets students or working professionals. You may know Google for search, YouTube, Android, Chrome, and Gmail, but did you know Google has many developer tools, platforms & APIs? This comprehensive yet still high-level overview outlines the most impactful tools for where to run your code, store & analyze your data. It will also inspire you as to what's possible. This talk is 50 minutes in length.

Powerful Google developer tools for immediate impact! (2023-24 C)

wesley chun

BooK Now Call us at +918448380779 to hire a gorgeous and seductive call girl for sex. Take a Delhi Escort Service. The help of our escort agency is mostly meant for men who want sexual Indian Escorts In Delhi NCR. It should be noted that any impersonator will get 100 attention from our Young Girls Escorts in Delhi. They will assume the position of reliable allies. VIP Call Girl With Original Photos Book Tonight +918448380779 Our Cheap Price 1 Hour not available 2 Hours 5000 Full Night 8000 TAG: Call Girls in Delhi, Noida, Gurgaon, Ghaziabad, Connaught Place, Greater Kailash Delhi, Lajpat Nagar Delhi, Mayur Vihar Delhi, Chanakyapuri Delhi, New Friends Colony Delhi, Majnu Ka Tilla, Karol Bagh, Malviya Nagar, Saket, Khan Market, Noida Sector 18, Noida Sector 76, Noida Sector 51, Gurgaon Mg Road, Iffco Chowk Gurgaon, Rajiv Chowk Gurgaon All Delhi Ncr Free Home Deliver

08448380779 Call Girls In Civil Lines Women Seeking Men

Delhi Call girls

How to convert PDF to text with Nanonets

naman860154

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Finology Group – Insurtech Innovation Award 2024

The Digital Insurer

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

The Digital Insurer

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

08448380779 Call Girls In Friends Colony Women Seeking Men

Delhi Call girls

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Scaling API-first – The story of a global engineering organization

Radu Cotescu

Dernier (20)

Driving Behavioral Change for Information Management through Data-Driven Gree...

🐬 The future of MySQL is Postgres 🐘

2024: Domino Containers - The Next Step. News from the Domino Container commu...

From Event to Action: Accelerate Your Decision Making with Real-Time Automation

Powerful Google developer tools for immediate impact! (2023-24 C)

08448380779 Call Girls In Civil Lines Women Seeking Men

How to convert PDF to text with Nanonets

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Finology Group – Insurtech Innovation Award 2024

GenCyber Cyber Security Day Presentation

Partners Life - Insurer Innovation Award 2024

How to Troubleshoot Apps for the Modern Connected Worker

Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024

Axa Assurance Maroc - Insurer Innovation Award 2024

08448380779 Call Girls In Friends Colony Women Seeking Men

Exploring the Future Potential of AI-Enabled Smartphone Processors

Automating Google Workspace (GWS) & more with Apps Script

presentation ICT roal in 21st century education

Boost Fertility New Invention Ups Success Rates.pdf

Scaling API-first – The story of a global engineering organization

Beyond the Fortress Network

1. Beyond the Fortress Network David C. Broussard Principal Consultant @dbroussa Blogs.catapultsystems.com/dbroussard

2. Who am I?  

3. The Fortress Network     

4. Security in the old mindset    

5. What are we concerned about again?    

7. Did it work?    − −

8. Bad EXTERNAL actor  − − − − −  −

9. Story Time  − − − −  − −

10. Story Time 2  − − − − −  − − −

11. Malicious INTERNAL Actor  − − − −  − −

12. Story Time 3  − − − −  −

13. Story Time 4  − − − − −  − −

14. Core questions about security     

15.

16. DELIVERY Employee A opens infected email on workstation2 A Malware EXPLOITATION Employee B opens infected email using mobile device2 BMalware Infected phone disables Antivirus; and compromised credentials used to access Email service 3Control Evasion Password/Hash Dumping 3 Threat Actor gather credentials on compromised machine COMMAND AND CONTROL Credentials harvested after Employee attempts login to bogus site 2 4 Threat Actors move laterally within network using compromised credentials Compromised Credential ACTIONS ON OBJECTIVE 5 Threat Actors use compromised devices/accounts to exfiltrate PII 48 Hours 200+ Days PII Leak/Exfiltrate Data Threat Actor targets employees via phishing campaign1 Phishing 3 Compromised credentials used to access service

17. Mobile Device Management  − − − −

18. Risk Based Access   

19. Data Loss Prevention and Encryption   

20. Threat Detection and Prevention  − − − −

21. Tools that you didn’t know you had      

22. http://get.catapultsystems.com/0365-business-registration http://get.catapultsystems.com/0365-bootcamp-registration-it-track/ @CloudWhisperers Learn More

Notes de l'éditeur

Focused on access to data as opposed to securing the data itself Deny malicious users from accessing data except from inside of our secure network The cloud is seen as insecure primarily because we (IT) no longer can restrict access to the information Or can we? However, even the Fortress Network didn’t work completely What about email? Didn’t we lose control of that document once we hit send?
Build high walls around our data Firewalls Network segments VPNs NTFS permissions Build deep defense in depth DMZs Detonation Chambers Pre-scan incoming requests (honey traps, URL scans) Malware protection Malicious link detection Spam and virus software on desktops and servers Interior security was much less strenuous Virus scans Malware But assumption was if you had access you could do anything

Beyond the Fortress Network

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à Beyond the Fortress Network

Similaire à Beyond the Fortress Network (20)

Plus de David Broussard

Plus de David Broussard (16)

Dernier

Dernier (20)

Beyond the Fortress Network

Notes de l'éditeur