THE BAD GUYS ARE WINNING -...

THE BAD GUYS ARE WINNING:Why Your Security Strategy Isn't Working

#ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM

Nick CavalanciaTechnical Evangelist

Techvangelism

NICK CAVALANCIA▪ Technical Evangelist

▪ Certifications: MVP / MCSE / MCT / MCNE / MCNI

▪ Co-Founder of ConversationalGeek.com

▪ Founder of Techvangelism

▪ Consultant/Trainer/Speaker/Author

▪ Technical author with over a dozen books

▪ Technical speaker for Techmentor, Connections, SpiceWorld

▪ Regular speaker for 1105 Media, Penton, Spiceworks, TechTarget

▪ Writes, Speaks, and Blogs for some of today’s best-known tech companies

SESSION AGENDA

• Look at the state of security today

• Look at the state of threats today

• Discuss why your security strategy isn’t working

• Provide 3 steps to win the battle

THE STATE OF SECURITY

• Lots of “solutions”

Source: KnowBe4 2018 Threat Impact and Endpoint Protection Report

• Lots of “solutions”

• Little focus on strategy

• Feels very reactive

• Not adequately adapting to changes in attack

• Strategy needs to begin with understanding your enemy

STATE OF THE THREAT

• Attacks are becoming more targeted

• Follow the money trail…

• $8 Billion in Ransomware

• $6 Trillion in Cybercrime (projected)

• Cybercriminals are focused on new ways to generate “revenue”

• White hats going gray/black

• “Evil”-as-a-Service

• #ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM

STATE OF THE THREAT

• Malware – 102% increase in malware volume

• Ransomware – 181.5M ransomware attacks

• Encrypted Attacks – 275% increase

• Cryptojacking – 5.6M CoinHive attacks

• Evasive Malware - 86% of exploit kits, 85% of payloads

bit.ly/CyberMYU bit.ly/MLEoY

State of the threat

/ Initial Access

Data Breaches

Ransomware

/Cryptojacking

CYBER ATTACKS: A CLOSER LOOK

Source: KnowBe4 2018 Threat Impact and Endpoint Protection Report

With so much security in place, why are we still experiencing attacks?

THE PROBLEM WITH SECURITY

• Not Layered

• Doesn’t Align with the Attack

• Not Leveraging AI / Machine Learning

• Not Optimized

STEP 1: START WITH DEFENSE IN DEPTH

USING A LAYERED SECURITY STRATEGY

Perimeter

Endpoint

Identity

Privilege

USE AN ATTACK-CENTRIC SECURITY STRATEGY

Perimeter

Endpoint

Identity

Privilege

Vulnerabilities, Email, Web, Phone

Phishing, Scams, Social Engineering

Malware, Evasive Techniques, Fileless, RDP

Leveraging Credentials, Lateral Movement

Elevation, Permissions, Persistence

Recon, Leverage, Access

Exfiltration, Encryption, Fraud, Espionage

GETTING TO DEFENSE IN DEPTH

Perimeter

Endpoint

Identity

Privilege

Firewalls, Email Scanning, DNS Filtering, Web Scanning

Security Awareness Training

AV, EDR, Application Whitelisting, EMM

MFA for EVERYONE

PAM, PSM

App-specific Auditing, UAM, UBA

UAM, File Auditing

HOW MUCH TRUST SHOULD YOU HAVE?

Perimeter

Endpoint

Identity

Privilege

STEP 2: LEVERAGE AI/ML

THE VALUE OF MACHINE LEARNING

• Instant expertise

• Adaptive expertise

• Extends intelligence beyond your organization

• Improves protection through sharing

STEP 3: OPTIMIZE YOUR STRATEGY

WINNING THE BATTLE

• Map the strategy to the state of attack

• Checklist of Solutions ➤ Defense in Depth

• Leverage intelligence through machine learning

• Consider an adaptive strategy

QUESTIONS?

THANK YOU

nick.cavalancia@techvangelism.com

Don’t forget to visit conversationalgeek.com

THE BAD GUYS ARE WINNING -...

Documents

Transcript of THE BAD GUYS ARE WINNING -...

Automation Azure with PowerShell - files.informatandm.comfiles.informatandm.com/...with_PowerShell_Beyond_the_Azure_PowerShell... · #ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM PowerShell

Constantin Guys

Story Guys

Good Guys vs. Bad Guys: Security Awareness & Social Engineering

McAfee Endpoint Security 10b2b-download.mcafee.com/products/evaluation/Endpoint... · 2016-07-07 · McAfee Endpoint Security McAfee® Endpoint Security is a comprehensive security

Seniors Guys

files.informatandm.comfiles.informatandm.com/...Edge_Computing_Congress_Dr… · Web viewThe only event dedicated to MECEndorsed by:. Contact us now for speaking opportunities:

Endpoint Security, Endpoint Management

Tomorrow’s Endpoint Protection Platforms...TOMORROW’S ENDPOINT PROTECTION PLATFORMS 3 The Technology Behind Endpoint Protection Platforms Endpoint protection platforms (EPPs) detect

Endpoint Protection Plus - naglotech.comnaglotech.com/pdf/endpoint-protection.pdf · Panda Security presents its simple and light endpoint security and productivity solution. Endpoint

Endpoint Modeling 101 - A New Approach to Endpoint Security

Stigmatism - GUYS

Single Sign-On Showdown - files.informatandm.comfiles.informatandm.com/uploads/2018/10/Single_SignOn_Showdown_ADFS_vs... · #ITDEVCONNECTIONS | ITDEVCONNECTIONS.COM Max Fritz Solutions

Symantec™ Endpoint Protection 12.1 · · 2016-04-28Symantec™ Endpoint Protection 12.1.6 Data Sheet: Endpoint Security ... "Enterprise Endpoint Security Performance Benchmarks",

Seqrite Endpoint Security (EPS) - Quick Healdlupdate.quickheal.com/.../Seqrite_Endpoint_Security_EPS_SME_Data… · Endpoint Security (EPS) Simple and Comprehensive Endpoint Security

files.informatandm.comfiles.informatandm.com/uploads/2017/5/FY16_GBS_Bio_Med...unable to run commercial off-the-shelf endpoint security agents or anti-malware scanning software. And

Vintage Guys

Ivanti Endpoint Manager, Endpoint Security for Endpoint ...

ESET Endpoint Security 6 ESET Endpoint Antivirus 6static3.esetstatic.com/fileadmin/Images/INT/Docs/Other/Business... · ESET Endpoint Security 6, ESET Endpoint Antivirus 6 Specialized

Endpoint Protection Solutions – TotalDefense Endpoint r12