Download Organized, sophisticated supply chains (PII, financial

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
Document related concepts

Wireless security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Deep packet inspection wikipedia , lookup

Computer security wikipedia , lookup

Transcript 
Anatomy of an Attack
© Copyright 2011 EMC Corporation. All rights reserved.
1
The “Community’ of Attackers
Organized
crime
Petty
criminals
Criminals
Unsophisticated
Nation
state
actors
Non-state
actors
Organized, sophisticated
supply chains (PII, financial
services, retail)
PII, government, defense industrial
base, IP rich organizations
Anti-establishment
Terrorists
vigilantes
“Hacktivists”
PII, Government,
Targets of opportunity
critical infrastructure
© Copyright 2011 EMC Corporation. All rights reserved.
2
AdvancedThreats
Threats2.0
1.0
Advanced
Clear-text &
custom protocol
abc.com
abc.com
SSL
or other&standards
Clear-text
based
encryption.
normal
protocol Custom
malware w/ no signature.
Custom
encryption
C2 Traffic
(port
C2 Traffic
80/443)
1.2.3.4
def.com
def.com
def.com
3.7.9.1
1.2.3.4
8.2.3.3
Content
Inspection
Protocol
Anomalies
© Copyright 2011 EMC Corporation. All rights reserved.
Network Traffic
Anomalies
Known Bad
Endpoints
3
© Copyright 2011 EMC Corporation. All rights reserved.
5
Executive Checklist
• Is your IT security organization functionally aligned
with the greater IT infrastructure?
– Outsourcer > Insourced Capabilities > SOC > etc.
• Do you monitor the crown jewels of your
organization and know where your most high value
programs and assets are?
• Does your organization have & practice a breach
readiness plan, incident response, discovery &
remediation process/procedures?
• In addition to perimeter defenses (ingress), does
there exist an egress defense strategy and
approach to mitigate data exfiltration?
• Is there a consistent 360 degree governance, risk
and compliance practice in your organization?
– Compliance, Regulatory, Legal, Corporate Policy,
Communications & HR
© Copyright 2011 EMC Corporation. All rights reserved.
6
Security Practices – Critical Checklist
Business Risk Assessment – Critical Asset Protection
Identify most critical systems; ensure they are given the highest priorities for all hardening and monitoring
activities
Active Directory and Exchange Hardening
Minimize number of admins
Monitoring and alerting (Windows Event ID #566)
Two factor admin access from hardened VDI platform
Executable whitelisting on hardened DCs
Disable default account and rename key accounts
Complex passwords (9 & 15 Char)
Infrastructure & Logging
Full and detailed logging & analysis
Tighten VPN controls
Increase controls on crypto keys
Full packet capture at strategic network locations
Network segmentation
Team trained and focused on APT activity
Service Accounts
Review accounts for privilege creep
Change passwords frequently
Do not embed credentials into scripts
Minimize interactive login
Restrict login only from required hosts
Web Access
Block access to high risk and web filter categories
Click through on medium risk websites
Black hole dynamic DNS domains
Authenticated internet access
DNS traffic analysis
User Education
Increase security training for IT
Launch security improvement initiative
Regular education of users on phishing attacks
Regular education on social engineering
Increase mail filtering controls
User Machine Hardening
Limit local admin and randomize PW- change often
Increase patching regime
Enable security controls in applications
Deep visibility to identify lateral movement
Limit use of non-authorized and unapproved software
© Copyright 2011 EMC Corporation. All rights reserved.
7
THANK YOU
© Copyright 2011 EMC Corporation. All rights reserved.
8
Related documents
Electromagnetic Interference (EMI) is any signal or emission
Electromagnetic Interference (EMI) is any signal or emission
The European Marketing Confederation (EMC)
The European Marketing Confederation (EMC)
language-use-in-online-comm
language-use-in-online-comm
emc values in action program
emc values in action program
Solution Overview - EMC Certified Solution Catalog
Solution Overview - EMC Certified Solution Catalog
TO: _____ Corporate Headquarters _____ USA ______, is the
TO: _____ Corporate Headquarters _____ USA ______, is the
Electron Nucleon scattering at CERN: past present - INFN-LNF
Electron Nucleon scattering at CERN: past present - INFN-LNF
Dytec/Midwest, Inc.
Dytec/Midwest, Inc.
Online channels
Online channels
xtremio $1 million dollar guarantee
xtremio $1 million dollar guarantee
See case-study
See case-study
Peterson, Christopher Columbus
Peterson, Christopher Columbus
EMC Testing for Medical Devices
EMC Testing for Medical Devices
Questionnaire as basis for a quotation for safety and / or EMC tests
Questionnaire as basis for a quotation for safety and / or EMC tests
POLICY NUMBER 212--Damage to Facilities - Joe
POLICY NUMBER 212--Damage to Facilities - Joe
Data Sheet: EMC FullTime RepliStor
Data Sheet: EMC FullTime RepliStor
4 litar elektrik i
4 litar elektrik i
Resume PDF
Resume PDF
EMC I i onix For Service Providers
EMC I i onix For Service Providers
EMC
EMC
TRANSFORM YOUR DATABASE ENVIRONEMNTS WITH EMC EMC FORUMS
TRANSFORM YOUR DATABASE ENVIRONEMNTS WITH EMC EMC FORUMS
Corporate Finance Vocabulary
Corporate Finance Vocabulary