CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons it’s Written On - Alex Simons
2 likes1,021 views
The document discusses the critical importance of security in digital identity management, highlighting that without robust security measures, digital identity is essentially worthless. It outlines alarming statistics regarding the frequency of cyber attacks, the significant costs associated with data breaches, and various strategies and technologies being employed to enhance security. Additionally, it emphasizes the risks posed by weak protocols and malicious attacks, underscoring the need for constant vigilance and advanced detection techniques.
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons it’s Written On - Alex Simons
- 2. Without great security, Digital Identity is not worth the electrons it’s written on Alex Simons DirectorofProgramManagement MicrosoftCorporation
- 3. 90% organizations using Microsoft Active Directory WW 500M 10Bdaily Microsoft Account logons active Microsoft Account users 5.5M organizations using Microsoft Azure Active Directory >1,000 Microsoft engineers working on Identity and Security
- 4. The frequency and sophistication of cybersecurity attacks are escalating $500B total potential cost of cybercrime to the global economy $3.5M average cost of a data breach to a company 200+ median # days attackers reside within a victim’s network before detection network intrusions due to compromised user credentials 75%+
- 5. rule-based detection static analysis machine learning anomaly detection real-time risk scoring device profiling adaptive authentication conditional access smart cards security tokens OTPs & OATH codes authenticator apps biometrics dedicated teams threat intelligence dark web shared intelligence bounties Credential Hardening Dynamic Mitigation Attack Intelligence Advanced Detection
- 6. On premises In the cloud Machine Learning User and Entity Behavior Analytics
- 8. Monitoring abuse across tenants Bad username IP address: 199.34.28.10 Probable Penetration IP address: 199.34.28.10 Bad username Bad password Bad password Bad username Bad password Bad username Bad username Logon Successful
- 9. Anonymizers IP address: 199.34.28.10 IP address: 199.34.28.10
- 10. N Botnets 192.168.1.10 10.18.91.42 172.16.4.19 192.168.1.12 172.16.11.14 199.34.28.10 192.168.9.5 172.16.21.98 10.129.6.21 172.16.5.2 172.16.42.2 192.168.14.11 172.16.82.14 10.111.4.53 192.168.21.1 10.34.71.5 172.16.87.9 192.168.28.10 172.16.25.6 10.4.221.34 199.34.28.10 199.34.28.10199.34.28.10
- 12. Security issues and risks Broken trust Weak protocols Known protocol vulnerabilities
- 13. Malicious attacks Pass-the-Ticket (PtT) Pass-the-Hash (PtH) Overpass-the-Hash Forged PAC (MS14-068) Golden Ticket Skeleton key malware Reconnaissance BruteForce
- 14. Abnormal behavior Anomalous logins Remote execution Suspicious activity Unknown threats Password sharing Lateral movement