Upload
burns-sheehan
View
287
Download
0
Embed Size (px)
DESCRIPTION
Marc Lueck's presentation slides on "The changing Threat actor" from Burns Sheehan's Security Event
Citation preview
Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 1
Threat Management – Infosec in 2014
Marc LueckDirector, Global Threat
Management
Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 2
The changing threat actor
Rise of Targeted Attacks:
Source: Symantec
Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 3
The changing threat actor
Rise of Targeted Attacks:
Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 4
The changing threat actor
• Nation-states
• Organised Crime
• Activists/Terrorists
“Not a what, but who?”
Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 5
Manage threats, not controls!
• Build threat analysis capability– Look for threats before they happen– Threat Intelligence feeds, DeepSight, Dell, open source– Understand your threat actors, who wants in?– Visualise the “Kill Chain”
• Build skills to analyse “big” security data– New tools, new capabilities!– Skybox, Redseal, Lynxeon, eGRC tools– Steep learning curve, tough sell– Essential for the shift from reactive/monitoring to proactive
• Utilise “threat communities”– Leverage your peers– Paid or open source services– RedSky, Open Threat Exchange
Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 6
Application Security – the final frontier?
Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 7
Application Security – the final frontier?
• Coders welcome!– Developer skills needed by Security teams– Act as the bridge between development and security
• Educate, assist and track– Utilise SAST, DAST and skilled assets to deliver efficient, permanent changes to
application security– Ensure BAU security capability understands and can react to web application
security faults
• New protective controls– WAF; is it worth it?