Cyber Defense Magazine - Annual RSA Conference 2019 - Print Edition

More documents

Info

P7 –AI-based attacks, a nightmare for security experts The adoption of AI systems in cyber security is not a novelty. Some threat intelligence systems already employ AI to detect threats and neutralize them. Basically AI-powered defense systems today are used to automate manual tasks and enhance human activities, but many experts argue that currently many entities are already working to use it for offensive purposes, AIbased systems could be used to automate some phases of the attacks like reconnaissance or exploitation of vulnerabilities. Intelligent systems could be used to search for unfixed vulnerabilities in a target system and exploit them to carry out the attacks. AI systems could be also used to carry out sophisticated social engineering attacks or to use false flags to deceive the defenders and make hard the attribution. The involvement of AI-based systems in misinformation campaign conducted by rogue states is a nightmare for security experts and intelligence analysts. The risk that AI-bases systems could be used to launch surgical attacks is concrete and most of defense systems could be not prepared to detect and repel these kind of attacks. P8 - Cloud storages, the gold mines for attackers A growing number of companies already rely on cloud storages, it’s normal that threat actors are devising new technique to find unsecured systems and attack them. Cloud infrastructures are a potential targets of security breaches, attackers will use several techniques to steal data and to monetize their efforts. Cloud-based ransomware could target infrastructure of businesses and cause heavy losses. 8 Cyber Defense Magazine - Annual Print Edition 2019
Inspiring Greater Accountability with Improved Security KPIs By Lewie Dunsworth, EVP Technical Operations, Herjavec Group Getting a good night’s sleep has become increasingly difficult for CISO’s. In a recent Cybersecurity CEO piece Herjavec Group Founder & CEO, Robert Herjavec, referenced how CISOs toss and turn, kept awake by thoughts of: • Accountability to leadership – being held accountable to delivering on expectations as the board approves investments to improve security • Capability of team – questioning do I have the right skills and right people to do the right things? • Compliance & Privacy Regulation – how do GDPR, and other industry or regional regulations impact my security program? The good news is that the CEO and board are more engaged in cybersecurity conversations than ever before. C-Level members are no longer passing off responsibility. CISOs aren’t educating in the board room as they used to – and trust me, I’ve been in their shoes. The board is asking the right questions and holding their teams accountable. I would confidently say the C-suite is maturing when it comes to security knowledge. Keep in mind, each player around that table may have slightly different priorities: - CEO – Concerned with the reputation of the company in the event of a breach. How could credibility, customer retention and overall stock price/business value be impacted? - CFO – How will we fund ongoing security initiatives? Are we maximizing the value of our investments today? What risk remains and what risk are we sharing with 3rd parties, including contractors, suppliers and customers? - COO – Will any business operation be impacted by the security program or new technology roll out? Is the roadmap on schedule? What is our incident response plan to regain business operation in the event of a breach? At the end of the day the C-Suite shares mutual concerns about security risk and liability in the event of a breach. How you communicate this and keep them informed is pivotal. As security becomes a more digestible topic of conversation at the quarterly board meeting it’s imperative CISOs have the proper metrics to measure their progress and the inherent risks that remain. Herjavec Group recommends aligning early with your executive leadership team on a Security Roadmap – then developing key performance indicators (KPIs) that you can report on so status updates and progress measurements are concise, clear and continue to be digestible. Cyber Defense Magazine - Annual Print Edition 2019 9
Page 2 and 3: WELCOME ABOARD We’re honored to b
Page 4 and 5: Welcome Letter RSAC 2019 Cyber Defe
Page 6 and 7: P3 - Nation-state hacking, it’s a
Page 10 and 11: I’ve summarized a sample roadmap
Page 12 and 13: Does Your Organization Need MFT Sof
Page 14 and 15: But a fully-connected world is a Ut
Page 16 and 17: GTB Technologies Data Protection th
Page 18 and 19: 360 ESG, itself, is endowed with PE
Page 20 and 21: Winning the Battle for the Inbox by
Page 22 and 23: 3. Incident Response with Global Re
Page 24 and 25: HORNETSECURITY • A V ENTER COMPA
Page 26 and 27: Zero Trust? Not if You’re Surfing
Page 28 and 29: Remote Browser Isolation is Zero Tr
Page 30 and 31: INTEZER GENETIC MALWARE ANALYSIS De
Page 32 and 33: Through its unique cyber service de
Page 34 and 35: Fraud Protection and AI in the Fina
Page 36 and 37: Especially in the financial industr
Page 38 and 39: Thanks to Human Expertise, Companie
Page 40 and 41: The email told recipients that the
Page 42 and 43: Why Major Data Breaches Will Contin
Page 44: The Advanced SQL Behavioral Analysi
Page 47 and 48: Advanced Safeguards Secure Channels
Page 49 and 50: www.securechannels.com Protect Your
Page 51 and 52: To understand how this can work, th
Page 54 and 55: Attivo Networks and Deception Marke
Page 56 and 57: Attivo ThreatDefend Solution Differ
Page 58 and 59:
Jumio Ad
Page 60 and 61:
YScanner Web Application Scan YOUNK
Page 62 and 63:
Authentication Methods After the us
Page 64 and 65:
Emerging Use Cases By using your us
Page 66 and 67:
Setting the Standard in Cyber Defen
Page 68 and 69:
For a security culture to take hold
Page 70 and 71:
O2, Ericsson, and Equifax: How Cert
Page 73 and 74:
‘To Be or Not To Be’: Here’s
Page 75:
On-Premise Model (Hosted by SMEs) M
Page 78 and 79:
How do we as organizations fight ag
Page 80 and 81:
'-. \;Global Learning Systems Globa
Page 82 and 83:
The time has come to move away from
Page 84 and 85:
High-Level Strategies for Third-Par
Page 86 and 87:
Wouldn't you like to see the threat
Page 88 and 89:
Insight into Your Security Posture
Page 90 and 91:
Quis custodiet ipsos custodes? (Who
Page 92 and 93:
ATAR ® SECURITY ORCHESTRATION, AUT
Page 94 and 95:
Aligning Cybersecurity Effectivenes
Page 96 and 97:
enterprises do not have the systems
Page 98 and 99:
DEFENSE BY OFFENSE Purple Team: The
Page 100 and 101:
◄-► NOZOMI , N E T W O R K S Re
Page 102 and 103:
It’s latest creation - the 2019 S
Page 104 and 105:
Filling the Public Relations Void f
Page 106 and 107:
PR is a relationship business; it m
Page 108 and 109:
InfoSec Awards for 2019 Access Cont
Page 110 and 111:
InfoSec Awards for 2019 Digital Foo
Page 112:
InfoSec Awards for 2019 Security Or
Page 115 and 116:
DELIVERING THE NEXT EVOLUTION IN MA
show all

Cyber Defense Magazine - Annual RSA Conference 2019 - Print Edition

Create successful ePaper yourself

Delete template?

Save as template?