cyber security threatsisaca.or.ke/resources2017/isaca presentation - handling...addresses security...
TRANSCRIPT
Identity Driven Security
Comprehensive solution
Managed mobile productivity
Cyber Security Threats
The world we live in is
increasingly complex
Challenges Facing Our Connected World
Shadow
IT
Data breach
IDENTITY – DRIVEN SECURITY
Employees
Partners
Customers
Cloud apps
Identity Devices Apps & Data
Transition tocloud & mobility
New attack landscape
Current defenses not sufficient
Identity breach On-premises apps
SaaS
AWS, Azure
CRIT ICAL ASSETS SEPARATED AND PROTECTED
© 2016 HERE
CARCASSONNE, FRANCE
Volume and Impact
Script Kiddies
BLASTER, SLAMMER
Motive: Mischief
2003-2004
2005-PRESENT
Organized Crime
RANSOMWARE, CLICK-FRAUD,
IDENTITY THEFT
Motive: Profit
Script Kiddies
BLASTER, SLAMMER
Motive: Mischief
2003-2004
2005-PRESENT
Organized Crime
RANSOMWARE, CLICK-FRAUD,
IDENTITY THEFT
Motive: Profit
Script Kiddies
BLASTER, SLAMMER
Motive: Mischief
2012 - Beyond
Nation States, Activists,
Terror Groups
BRAZEN, COMPLEX,
PERSISTENT
Motives:IP Theft,Damage,
Disruption
2003-2004
How do they get in? How do they get privilege's?
ANATOMY OF AN ATTACK
Malicious Attachment Execution
Browser or Doc Exploit Execution
Stolen Credential Use
Internet Service Compromise
Kernel-mode Malware
Kernel Exploits
Pass-the-Hash
Malicious Attachment Delivery
Browser or Doc Exploit Delivery
Phishing Attacks / Watering Hole
ESPIONAGE, LOSS OF IPDATA THEFT RANSOMLOST PRODUCTIVITYBUSINESS DISRUPTION
ENTER
ESTABLISH
EXPAND
ENDGAME
NETWORK
DEVICE
USER
HOW DO BREACHES OCCUR?
Malware and vulnerabilities are not the only thing
to worry about
99.9%of exploited Vulnerabilities were used more than a year after the CVE was published
46%of compromised systems had no malware on them
Fast and effective phishing attacks
give you little time to react
If an attacker sends
an email to 100
people in your
company…
…23 people will
open it…
…11 people will
open the
attachment…
…and six will do it
in the first hour.
ADDRESSING THE THREATS REQUIRES A NEW APPROACH:
RUIN THE ATTACKERS ECONOMIC MODEL
BREAK THE ATTACK PLAYBOOK
ELIMINATE THE VECTORS OF ATTACK
IntelligentInnovativeHolistic Identity-driven
Addresses security challenges across users
(identities), devices, data, apps, and
platforms―on-premises and in the cloud
Offers one protected common identity for secure access to all
corporate resources, on-premises and in the
cloud, with risk-based conditional access
Protects your data from new and changing
cybersecurity attacks
Enhances threat and
anomaly detection with
the Microsoft Intelligent
Security Graph driven by
a vast amount of
datasets and machine
learning in the cloud.
IDENTITY – DRIVEN SECURITY
IDENTITY – DRIVEN SECURITY
1. Protect at the front doorSafeguard your resources at the front door with innovative
and advanced risk-based conditional accesses
2. Protect your data against user mistakesGain deep visibility into user, device, and data activity on-
premises and in the cloud.
3. Detect attacks before they cause damageUncover suspicious activity and pinpoint threats with deep
visibility and ongoing behavioral analytics.
Identity-driven security
Protect against advanced threats