Do you have a supply chain or just vendors? Do any or all of them present a breach potential? We apply massive resources to hardening perimeters and preventing infiltration of our information security systems, but what if our adversaries have a built-in presence and already have a foothold in the software, hardware,...
The absolute worst time to develop a breach response plan is directly after you have discovered a breach. The absolute best way to have your response team fail is to have them untrained on rarely practiced procedures while being overly reliant upon expensive, improperly configured technology. It is proven that humans...
As well as being prepared to operationally and technically respond to an incident, organizations must also be prepared for the legal aspects of response. Private-sector organizations must be well versed in the response and notification processes and understand the how, what and why of the law enforcement/public agency...
Many attacks simply take advantage of known vulnerabilities or network weaknesses that have not been addressed, in which case the adversaries have no need to create custom malware but when they are employed, "zero-day" attacks are often extremely difficult to detect as they exploit hidden or as yet unknown...
As well as being prepared to operationally and technically respond to an incident, organizations must also be prepared for the legal aspects of response. Private-sector organizations must be well versed in the response and notification processes and understand the how, what and why of the law enforcement/public agency...
As company networks continue to grow in size and volume, cyber-attacks also continue to grow in sophistication which makes it very difficult for organizations to defend their critical assets, often times merely reacting to the threats as they occur. We are clearly losing the cyber battle.
To successfully defend our...
Even though many traditional defense mechanisms can be circumvented, it is essential that a proactive, layered, defensive security program be put in place and managed effectively. This will not prevent the persistent well-organized targeted attacks, but will eliminate 99 percent of the background noise and the vast...
Genesis: The Nation State APT - Dr. Dale Meyerrose (Major General, USAF, Retired)
Today: The Enterprise as a Target - Eduardo Perez, (SVP, North Americas Risk, Visa)
Many elements of the breaches we now see on a daily basis are firmly rooted in mechanisms developed by nation state adversaries. We will start the...
The absolute worst time to develop a breach response plan is directly after you have discovered a breach. The absolute best way to have your response team fail is to have them untrained on rarely practiced procedures while being overly reliant upon expensive, improperly configured technology. It is proven that humans...
PII breach insurance is becoming commonplace and has some value, but what about damage that goes way beyond the embarrassment, potential fraud and loss of consumer confidence resulting from PII theft? The motivations and objectives for many attacks are much broader than just financial gain, ranging from hacktivism,...
Since the phrase "Advanced Persistent Threat" (APT) was coined nearly ten years ago, it has been the subject of extensive discussion and debate in the IT security community, attracting terabytes-worth of media buzz. The spotlight on APT's has been critical of bringing the reality of today's threats to light, but the...
Although APT's can vary significantly from breach to breach, they generally have many common phases and mechanisms. In this session, we will define and describe the APT attack and defend lifecycle, provide an overview of how the day is structured and what we aim to achieve, answering such questions as:
What is...
Even though many traditional defense mechanisms can be circumvented, it is essential that a proactive, layered, defensive security program be put in place and managed effectively. This will not prevent the well-organized targeted attacks, but will eliminate 99 percent of the background noise and most of the less...
Intelligence is critical in mounting an effective defense and, equally as important, is an effective offense. This session will look at intelligence gathering from both sides of the DMZ. There is a great deal of critical information available about your adversaries and a startling amount about you, your organization,...
What are the most common mechanisms used in the "Exploit" phase? Many attacks simply take advantage of known vulnerabilities or network weaknesses that have not been addressed, in which case the adversaries have no need to create custom malware. When they are employed, "zero-day" attacks are often very difficult to...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.in, you agree to our use of cookies.
