Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 1

Threat Management – Infosec in 2014

Marc LueckDirector, Global Threat

Management

Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 2

The changing threat actor

Rise of Targeted Attacks:

Source: Symantec

Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 3

The changing threat actor

Rise of Targeted Attacks:

Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 4

The changing threat actor

• Nation-states

• Organised Crime

• Activists/Terrorists

“Not a what, but who?”

Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 5

Manage threats, not controls!

• Build threat analysis capability– Look for threats before they happen– Threat Intelligence feeds, DeepSight, Dell, open source– Understand your threat actors, who wants in?– Visualise the “Kill Chain”

• Build skills to analyse “big” security data– New tools, new capabilities!– Skybox, Redseal, Lynxeon, eGRC tools– Steep learning curve, tough sell– Essential for the shift from reactive/monitoring to proactive

• Utilise “threat communities”– Leverage your peers– Paid or open source services– RedSky, Open Threat Exchange

Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 6

Application Security – the final frontier?

Copyright © 2010 Pearson Education, Inc. or its affiliates. All rights reserved. 7

Application Security – the final frontier?

• Coders welcome!– Developer skills needed by Security teams– Act as the bridge between development and security

• Educate, assist and track– Utilise SAST, DAST and skilled assets to deliver efficient, permanent changes to

application security– Ensure BAU security capability understands and can react to web application

security faults

• New protective controls– WAF; is it worth it?