How To Stop Targeted Attacks And Avoid 
“Expense In Depth” With Strong Authentication 
Presented by Duo Security 
with guests Forrester Research and University of Tennessee, Knoxville 
September 25, 2014 
#duowebinar
Agenda 
Rick Holland, Forrester Research 
How To Stop Targeted Attacks and 
Avoid “Expense In Depth” with Strong Authentication 
Brian Kelly, Duo Security 
How Duo Helps You Avoid “Expense In Depth” 
Bob Hillhouse, University of Tennessee, Knoxville 
A Case for Multi-factor Authentication 
How To Stop Targeted Attacks And 
Avoid “Expense In Depth” 
With Strong Authentication 
Rick Holland, Principal Analyst 
Forrester Research 
Agenda 
› Targeted attacks! 
› Targeted-Attack Hierarchy Of Needs 
› Recommendations 
© 2014 Forrester Research, Inc. Reproduction Prohibited
APT! 
Heartbleed OpenSSL vulnerability 
exploited to compromise SSL VPN 
Adversaries are on shopping sprees 
Except the adversary isn’t being timed 
We are hyper focused on the WRONG things
Anything but the data
› Malware sandboxes
› Alert driven security
› Perimeter security controls
Agenda 
› Targeted attacks! 
› Targeted-Attack Hierarchy Of Needs 
› Recommendations 
Targeted-Attack Hierarchy Of Needs 
Need No. 1: An Actual Security Strategy 
Silver bullets, for investment not defense 
Expense in Depth 
Targeted-Attack Hierarchy Of Needs 
Need No. 2: A Dedication To Recruiting 
And Retaining Staff 
Lack of staff is a problem 
Targeted-Attack Hierarchy Of Needs 
Need No. 3: A Focus On The Fundamentals 
A Focus On The Fundamentals 
Forrester’s Zero Trust model 
Zero Trust is fundamental 
Strong Authentication 
› Strong authentication is critical for disrupting attackers
Strong Authentication 
› Strong auth is critical for disrupting attackers
› Protect your VPNs and Citrix but don’t forget about SaaS applications
› Consider step up authentication for admins
Least privilege 
› Privileged accounts need to be monitored and audited
› Don’t share local admin passwords across all hosts
› Work towards a data classification program
Detecting lateral movement 
› Segment your network
› Deploy visibility to key ingress/egress chokepoints
› NetFlow can be used for lateral movement detection
Agenda 
› Targeted attacks! 
› Targeted-Attack Hierarchy Of Needs 
› Recommendations 
Return on Expense in Depth? 
Recommendations 
› Evaluate your potential investments
› What provides greatest marginal return on your investment?
› What technology reduces the greatest attack surface?
Thank you 
Rick Holland 
rholland@forrester.com 
Twitter: @rickhholland
How Duo Helps You Avoid 
“Expense In Depth” 
Brian Kelly, Principal Product Marketing Manager 
Duo Security 
Adoption of cloud, mobile, and BYOD is accelerating dramatically
IT 1.0: Mainframe | IT 2.0: Client/Server | IT 3.0: Cloud/Mobile
[Figure: timeline 1995, 2000, 2005, 2010; series: Data Breaches]
Along this same timeline we’ve also seen dramatic growth in user-targeted attacks
Why?
What’s new in IT 3.0?
‣ Users
  ‣ Access from anywhere
  ‣ “Zero Trust” environment
‣ Devices
  ‣ Mobile proliferation
  ‣ BYOD acceptance
‣ Services
  ‣ Diminishing perimeter
  ‣ Platform and Software-as-a-Service
What’s new in Security 3.0?
‣ Users
  ‣ Access from anywhere
  ‣ “Zero Trust” environment
‣ Devices
  ‣ Mobile proliferation
  ‣ BYOD acceptance
‣ Services
  ‣ Diminishing perimeter
  ‣ Platform and Software-as-a-Service
Better OS and app security …but, limited endpoint control
Better service security …but, limited network visibility
What’s new in Security 3.0?
‣ Users
  ‣ Access from anywhere
  ‣ “Zero Trust” environment
‣ Devices
  ‣ Mobile proliferation
  ‣ BYOD acceptance
‣ Services
  ‣ Diminishing perimeter
  ‣ Platform and Software-as-a-Service
User-targeted attacks
Credentials are easily stolen
• Phished
• Guessed
• Keylogged
• Sniffed
• Cracked
• Reused
• Bypassed
100% OF BREACHES 
involve stolen credentials 
— Mandiant 
Source: mandiant.com/threat-landscape and M-Trends annual reports
advanced adversary will compromise your environment and accomplish their goal.
[Figure 2: The Targeted-Attack Hierarchy Of Needs. Levels: Detection and response; Prevention; An integrated portfolio that enables orchestration; A focus on the fundamentals; A dedication to recruiting and retaining staff; An actual security strategy. 107121 Source: Forrester Research]
Back to Basics
‣ Patch, harden, update (everything) 
‣ Segment data, services, networks 
‣ Review access controls (often) 
‣ Inspect endpoints, enforce policy 
‣ Require strong authentication
Legacy two-factor authentication solutions overlook TCO 
[Figure: 2FA lifecycle stages: Onboarding, Deployment, Management, Login]
Duo Security minimizes cost throughout 2FA lifecycle 
[Figure: 2FA lifecycle stages: Onboarding, Deployment, Management, Login]
Thousands Getting Better Security, Not Just More 
duosecurity.com/success-stories
A Case For Multi-Factor 
Authentication 
Bob Hillhouse, Associate CIO and CISO 
University of Tennessee, Knoxville 
Cast 
▪ The University of Tennessee, Knoxville 
▪ 57 merchants across campus 
▪ 130 Users; 150 Devices 
▪ The UT Office of the Treasurer 
▪ The Office of Information Technology (OIT)
Act I - Prelude 
▪ PCI-DSS Requirement 8.3 
– Incorporate two-factor authentication for remote access to the network by employees, administrators, and third parties…
▪ 150 devices in the PCI-Subnet require Remote Desktop Services (RDP)
Act II – The Timeline 
▪ 8:00 AM 
▪ 8:15 AM 
▪ 8:30 AM 
▪ 9:00 AM
Act III – Prologue 
▪ 2013 – The end of strong password-only security.
– http://duo.sc/utk-vid
Epilogue 
▪ Compliance Goal was met 
▪ Next: Two-Factor Authentication for all central IT staff using the VPN
– 200 additional users 
▪ Next: Two-Factor Authentication for all VPN Users 
– Usage Patterns 
– Establish scope (Campus-wide? Privileged Users Only?)
Questions + Answers #duowebinar 
Rick Holland, Forrester Research 
rholland@forrester.com @rickhholland 
Brian Kelly, Duo Security 
bkelly@duosecurity.com @resetbrian 
Bob Hillhouse, University of Tennessee, Knoxville 
bob@utk.edu @ut_oit
