80 likes | 219 Views
Security Track Day 2. Richard Stiennon Chief Research Analyst IT-Harvest Blog: ThreatChaos.com twitter.com/stiennon. Blog: www.ThreatChaos.com twitter.com/cyberwar. The Week’s Agenda. Yesterday What CXOs consistently fail to grasp about enterprise security Day 2, August 3, 2010
E N D
IT-Harvest Confidential Security TrackDay 2 Richard StiennonChief Research AnalystIT-Harvest Blog: ThreatChaos.com twitter.com/stiennon
IT-Harvest Confidential Blog: www.ThreatChaos.com twitter.com/cyberwar
IT-Harvest Confidential The Week’s Agenda • Yesterday What CXOs consistently fail to grasp about enterprise security • Day 2, August 3, 2010 Getting beyond vulnerabilities; resilience in security architectures • Day 3 Threat and risk management • Day 4 Security and ROI • Day 5 Data protection: strategies inside and outside the enterprise
IT-Harvest Confidential Getting beyond vulnerabilities – Resilience in security architectures • Vulnerability management is good, but only a small piece of the puzzle • Monthly patch cycles becoming hard to maintain for Microsoft (Stuxnet) • 0-day issue. (China and Russia)
IT-Harvest Confidential How your employees make VM superfluous 1. Who needs a vulnerability when your people • grant access to malicious software? 2. Malicious insiders use 3. Secure applications assume the user is hostile
What are the six elements of a resilient security architecture? 1. Data protection • Encrypting data at rest • Key management 2. The cloud • Data and VM segregation • Do not extend trust to the cloud provider 3. Continuous monitoring • Applications • Networks
IT-Harvest Confidential What are the six elements of a resilient security architecture? 4. Identity and Access Management (IAM) 5. Network protection • Network awareness • Complete Content Inspection 5. Application defense • Code review • Web Application Firewalls (WAF)
IT-Harvest Confidential Blog: www.threatchaos.com email: richard@it-harvest.com twitter.com/cyberwar