this month in cyber security - peters & associates … · 11-11-2019 · classified as...
Post on 21-Jul-2020
0 Views
Preview:
TRANSCRIPT
Classified as Confidential
Helping you grow your business with
scalable IT services & solutionsfor today’s challenges & tomorrow’s vision.
© 2019 Peters & Associates, Inc. All rights reserved.
This Month in Cyber Security
November 2019
Bruce Ward, Vice President
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsNIST’s CyberSecurity Framework (CSF)
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
In the news…
1.Phishing2.Patching3.Ransomware4.Solution Reviews
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
Topic Stories
Phishing • Cybercriminals use Analytics and AI to improve phishing campaigns• Speed up Time to Detect / Respond to a Compromised User
Patching • BlueKeep is an old vulnerability but becoming increasingly dangerousand exploits Windows OS moving past End of Support dates soon
• Windows 7 to 10 migration projects not finished before Jan? Options?• Windows 2003 – No support, no security?• November Patch Tuesday – Overview from Krebs
Ransomware • Ginsu Knives and paralleling that with Ransomware as a Service (RaaS)!• Purelocker is going after servers – Windows, Linux, and more• Web hosting provider ASP.NET hit with ransomware
Solution Reviews (to protect AD)
Protect Active Directory:• Azure ATP• Azure Password Protection• Azure MFA
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsIssue: Phishing
“…the best defense against analytics is more analytics."
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsSolution: Phishing
“…the best defense against analytics is more analytics."
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsPatching - Overview
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsPatching - BlueKeep
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsPatching – Windows 7
October 2018:1 Year Ago
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsPatching - Solution
Extended Service Updates (ESU) = Windows 7 patches
Buy Subscribe Move
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsPatching - Solution
Today Windows 10 Pro
Windows 10 Ent (E3)
No ownership $203 $326* (incl 2 years SA)
Own Win7 or 8 $181 $326* (incl 2 years SA)
Subscription N/A $7/mo$11/mo (E5, includes ESU)
© 2018 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsWindows 10 - Design Questions
UEFI
Disk Encryption
AAD Join / Co-Manage
Windows Defender
Bitlocker / MBAM
ManagementNew
Hardware
Telemetry
Secure / Lockdown
© 2018 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsWindows 10 – Deployment Options
© 2018 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsPatching W2K3 – Security by Obscurity?
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsRansomware – SmarterASP.NET
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsRansomware – Customer Story
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsRansomware – PureLocker
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsRansomware – R as a Service (RaaS)
Creators
Deployers
Customers
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsRansomware – Solution Review
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsSolution Review
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsSolution Review
APT = Advanced Persistent Threat
ATP = Advanced Threat Protection
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsAzure ATP
✓ Lateral Movement✓ Account Compromise✓ DNS Enumeration✓ Analogous Behavior✓ Domain Join/Removal✓ Admin anomalies✓ RDP port usage✓ Pass-the-Hash✓ Certificate misuse
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsAzure Password Protection
P@ssw0rd1
Global banned password list
Custom banned password list
Good Passwords!
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions+ One Day MFA
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutions
http://www.peters.com/blog/
Events, Webinars & Blogs
Classified as Confidential© 2019 Peters & Associates, Inc. All rights reserved.
IT SecuritySolutionsReady to engage?
Free 14-Day
Trial
Free One-Time Phishing
Test
Free One-Time External V-Scan
Free Coffee
Classified as Confidential
1801 S. Meyers Road, Suite 120Oakbrook Terrace, IL 60181
(630) 832-0075
Thank you!
© 2016 Peters & Associates, Inc. All rights reserved.
Bruce Ward
Bruce.Ward@peters.com
top related