THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY

ISE Confidential - not for distribution

T H E E V O LV I N G T H R E A T L A N D S C A P E :

A D V A N C I N G E N T E R P R I S E S E C U R I T Y11 December 2013

Agenda

• Objectives• About ISE• I. Security Separated from Functionality• II. Black Box vs. White Box• III. Secure Assets, Not Perimeters• IV. “Build It In,” Not “Bolt It On”• V. Security as Ongoing Process• Q&A

Objectives

• Analyze trending best practices• Keep pace with the rapidly evolving adversaries• Streamline resource and financial investment

About ISE

Analysts

• Fortune 500 Enterprises• Media & Entertainment, Security Software, Healthcare, etc

Customers

• White boxPerspective

• Computer Scientists• Ethical Hackers

Research• Recent: Browsers; Routers• Upcoming: Digital Cinema; Hospital Pilot

I. Security Separated From Functionality

CONFLICT IS GOOD!There, I said it.

Objective of Conflict• Facilitate dialogue amongst teams to arrive at a

usable system, on deadline, that entails an acceptable level of security protocols.

II. Black Box vs. White Box

• Evaluation Types• Penetration Test• Vulnerability Assessment

• Methodologies• Black Box• White Box

Black Box Perspective

White Box Perspective

III. Secure Assets, Not Perimeters

Traditional Attacks Traditional Defenses

Modern Attacks

IV. “Build It In,” Not “Bolt It On”

V. Security as Ongoing Process

I. Security Separated from FunctionalityII. Black Box vs. White BoxIII. Secure Assets, Not PerimetersIV. “Build It In”, Not “Bolt It On”V. Security as Ongoing Process

Whitepaper forthcoming

Questions?

Ted HarringtonExecutive Partner

ted.harrington@securityevaluators.com

THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY

Documents

The Evolving Automotive Threat Landscape · SBD Automotive 2019: The Evolving Automotive Threat Landscape 10 Nissan Leaf hack Two security researchers discovered a vulnerability on

Hartford, CT Evolving Doors for Advancing Healthcare

Assessing the Evolving Threat of Terrorism - USC CREATEcreate.usc.edu/.../assessingtheevolvingthreatofterrorism_2.pdf · Assessing the Evolving Threat of Terrorism ... School of Economic,

IT SECURITY: THE EVOLVING THREAT LANDSCAPEdownloads.node4.co.uk/pdfs/IT Security - The Evolving Threat Landsc… · to identify cogent patterns, and a lack of knowledge of whether

SecureWorld: Information Security Adaption: Survival In An Evolving Threat Landscape

The Evolving Threat Landscape - San Francisco Bay Area ...sfbay.issa.org/comm/presentations/2009/Sep/RoyalISSA0909.pdf · The Evolving Threat Landscape . ... • P2P-over-HTTP spamming

The Evolving Terrorist Threat to Southeast Asia: A Net Assessment

The Evolving Cyber Threat - TaxAdmin.org · The Evolving Cyber Threat August 8, 2016 FTA Technology Conference Pittsburg, PA . Background ... Reality n Security technologies can’t

THE EVOLVING WARSAW PACT THREAT IN CONTEXT

Maintaining Cyber Readiness in an Evolving Threat Landscape...Evolving Threat Landscape Brent Benson Brent.benson@logrhythm.com 320-492-6011 The Modern Cyber Threat Pandemic 3,930

The North Korean Air Force: A Declining or Evolving Threat?

Ever-Evolving Security Threat Landscape - ISACA · Ever-Evolving Security Threat Landscape ... – GIAC GCIA – GIAC GSEC ... – GIAC GCFW – GIAC GCIH – GIAC GCFA – GIAC GCWN

The Evolving Threat from Militant Jihadist Groups

The evolving threat of antimicrobial resistance - WHOapps.who.int/iris/bitstream/10665/44812/1/9789241503181_eng.pdf · The evolving threat of antimicrobial resistance Options for

Network & Application Availability in an Evolving Threat

The Evolving Threat Landscape

SecureWorld St. Louis: Survival in an Evolving Threat Landscape

A Talos Look into the Evolving Threat Landscape · A Talos Look into the Evolving Threat Landscape Earl Carter Senior Threat Researcher. Today’s Plan • Threat Landscape • Attack

The Evolving Threat of AMR_WHO 2012

2020 Track Evolving Cyber Threat