SlideShare a Scribd company logo

The Most Common Failure With Today's Defences

Mark Nunnikhoven, profile picture
Mark Nunnikhoven

The document discusses common failures in current security defenses and highlights the increasing frequency and impact of data breaches. It emphasizes the need for organizations to improve monitoring of user behavior, implement dynamic trust levels, and expand existing security controls to prevent unauthorized access and data exfiltration. Key recommendations include enhancing authentication methods and analyzing behavioral patterns to detect malicious activities.

Data & Analytics
1 of 38
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
The Most Common Failure With Today's Defences Mark Nunnikhoven Vice President, Cloud & Emerging Technologies @marknca Just like you probably can’t see this, I can’t see the backchannel Tweet me now @marknca, I’ll reply after the talk…
Recent attacks The problem What you can do?
Recently…
The Most Common Failure With Today's Defences
450 000 000 “Client record” is typically at least [username+password]
27-Nov-2013—15-Dec-2013 First real CEO “resignation” due primarily to information security incident
Early May-2014—Late Aug-2014 a/k/a “Target 2” …but worse
Late Feb-2014—Mid May-2014 Nominated for “Worst Communications During An Incident”
17-Jun-2013—17-Oct-2014 Real reputation risk & impact on ability to conduct business
17-Sep-2013—Early Oct-2013 Should have received more attention More on this one later…
Amazing visualization from Information Is Beautiful “World’s Biggest Data Breaches & Hacks”
The Most Common Failure With Today's Defences
Breaches: more frequent, lasting longer, bigger impact on businesses
The Problem
Data Restrict inbound Restrict outbound Heavily monitor access Data space: servers, applications, infrastructure, etc.
User Restrict inbound Allow outbound Little to no monitoring User space: Where the users are ;-) Endpoints like laptops, desktops, tablets, etc.
The Most Common Failure With Today's Defences
Authentication Authorization Yes, we typically only use 2 controls here
152 million records 40 GB of source code ~44 GB of data exfiltrated
What can you do?
Authentication Authorization
Authentication Authorization Behaviour analysis 3 is more than 2. That’s an immediate win when reporting up to your boss(es)
What to look at All traffic leaving user space Most organizations have some controls between the user and the world Need to start to address internal data flow & expand existing controls
What to look for Malicious patterns A service or appliance can help here
What to look for Odd access patterns Most breaches are access data through authorized channels BUT using odd behavioural patterns
What to do about it Vary the level of trust in the user * Dynamically vary the level depending on specific criteria and indicators of trust
You may trust me to deliver a talk on security…
But would you trust me to look after your kids?
Trust is a spectrum
Varying trust A quick example
Normal access
Have a confirmed finding (or high enough confidence)
Not sure what we’ve found
Not sure what we’ve found
Take a deeper look
Not sure what we’ve found? Increase monitoring, block high value access temporarily
Add behavioural analysis Look for odd/malicious patterns Vary the level of trust
The Most Common Failure With Today's Defences

More Related Content

PDF
GBS - Prevent network security fires
Kristin Helgeson
 
PDF
3 Perspectives Around Data Breaches
Symantec
 
PPT
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin
 
PDF
Ransomware attacks
Texas Medical Liability Trust
 
PPTX
Balance Risk With Better Threat Detection
SecureData Europe
 
PPTX
"We Have Met the Enemy and He Is Us": The Role of the Human Factor in Protect...
Jack Pringle
 
PPTX
5 Signs Your End-Users Need a Security Boost
The TNS Group
 
DOCX
The internet and safety
Patricia bb
 
GBS - Prevent network security fires
Kristin Helgeson
 
3 Perspectives Around Data Breaches
Symantec
 
Anton Chuvakin on What is NOT Working in Security 2004
Anton Chuvakin
 
Ransomware attacks
Texas Medical Liability Trust
 
Balance Risk With Better Threat Detection
SecureData Europe
 
"We Have Met the Enemy and He Is Us": The Role of the Human Factor in Protect...
Jack Pringle
 
5 Signs Your End-Users Need a Security Boost
The TNS Group
 
The internet and safety
Patricia bb
 

What's hot (20)

PPT
Footprintig(Haching)
Asif Iqbal
 
PDF
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
21CT Inc.
 
PPT
Security and trust. gabriel waller, nokia siemens networks.
Business Finland
 
PPTX
Mischievous Malware
The TNS Group
 
PDF
Data exfiltration so many threats 2016
FitCEO, Inc. (FCI)
 
PDF
Data Analytics in Real World
geetachauhan
 
PDF
Personam Solution - How it Works Brief
Sunny Geo
 
PPTX
Anomaly Detection and You
Mary Kelly Rich
 
PDF
E-FILE_Proofpoint_Uberflip_120915_optimized
Lynn Feltner
 
PDF
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Shawn Tuma
 
PPTX
Hacker Halted Miami , USA 2010
Aditya K Sood
 
PDF
How to Catch a Wolf in Sheep's Clothing
ThinAir
 
PPTX
Threat Detection and Response Solutions
The TNS Group
 
PDF
How to Use Artificial Intelligence to Minimize your Cybersecurity Attack Surface
SparkCognition
 
PPTX
Jim Wojno: Incident Response - No Pain, No Gain!
centralohioissa
 
PPTX
Anatomy of a Ransomware Event
Art Ocain
 
PPTX
Cognitive Analysis With SparkSecure
SparkCognition
 
PDF
IT security in 2021: Why Ransomware Is Still The Biggest Threat
ETech 7
 
PDF
The New Normal - Rackspace Solve 2015
Major Hayden
 
PPTX
BSidesTO 2016 - Incident Tracking
Judy Nowak, OSCP, GCIH, CISSP
 
Footprintig(Haching)
Asif Iqbal
 
Insight Brief: Security Analytics to Identify the 12 Indicators of Compromise
21CT Inc.
 
Security and trust. gabriel waller, nokia siemens networks.
Business Finland
 
Mischievous Malware
The TNS Group
 
Data exfiltration so many threats 2016
FitCEO, Inc. (FCI)
 
Data Analytics in Real World
geetachauhan
 
Personam Solution - How it Works Brief
Sunny Geo
 
Anomaly Detection and You
Mary Kelly Rich
 
E-FILE_Proofpoint_Uberflip_120915_optimized
Lynn Feltner
 
Lifecycle: Responding to a Ransomware Attack - A Professional Breach Guide's ...
Shawn Tuma
 
Hacker Halted Miami , USA 2010
Aditya K Sood
 
How to Catch a Wolf in Sheep's Clothing
ThinAir
 
Threat Detection and Response Solutions
The TNS Group
 
How to Use Artificial Intelligence to Minimize your Cybersecurity Attack Surface
SparkCognition
 
Jim Wojno: Incident Response - No Pain, No Gain!
centralohioissa
 
Anatomy of a Ransomware Event
Art Ocain
 
Cognitive Analysis With SparkSecure
SparkCognition
 
IT security in 2021: Why Ransomware Is Still The Biggest Threat
ETech 7
 
The New Normal - Rackspace Solve 2015
Major Hayden
 
BSidesTO 2016 - Incident Tracking
Judy Nowak, OSCP, GCIH, CISSP
 
Ad

Similar to The Most Common Failure With Today's Defences (20)

PDF
Introduction to the Current Threat Landscape
Melbourne IT
 
PPTX
Insider Threat - How Do You Find a Wolf in Sheep's Clothing?
dianadvo
 
PDF
selected Pervasive Computing edited 05.pdf
KelemAlebachew
 
DOCX
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Falgun Rathod
 
PDF
The Hacker Playbook: How to Think Like a Cybercriminal to Reduce Risk
BeyondTrust
 
PPTX
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
PPTX
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
PPTX
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT
 
PPTX
I’ve Been Hacked  The Essential Steps to Take Next
Brian Pichman
 
PPTX
Website security
RIPPER95
 
PPT
DeltaV Security - Don’t Let Your Business Be Caught Without It
Emerson Exchange
 
PPTX
Mapping the Enterprise Threat, Risk, and Security Control Landscape with Splunk
Andrew Gerber
 
PPT
Security
dominion
 
PDF
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
Duo Security
 
PDF
The Small Business Cyber Security Best Practice Guide
Inspiring Women
 
PPTX
2022 Rea & Associates' Cybersecurity Conference
Rea
 
PDF
01-introductiontosecurity-111122004432-phpapp02.pdf
RiyaSonawane
 
PDF
Cyber Security Analytics – The Weapon to Fight Cyber Crime
Happiest Minds Technologies
 
PPT
Information Leakage - A knowledge Based Approach
Global Business Events - the Heart of your Network.
 
PDF
Cybersecurity risk assessments help organizations identify.pdf
TheWalkerGroup1
 
Introduction to the Current Threat Landscape
Melbourne IT
 
Insider Threat - How Do You Find a Wolf in Sheep's Clothing?
dianadvo
 
selected Pervasive Computing edited 05.pdf
KelemAlebachew
 
Vulnerability Assessment and Penetration Testing Framework by Falgun Rathod
Falgun Rathod
 
The Hacker Playbook: How to Think Like a Cybercriminal to Reduce Risk
BeyondTrust
 
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
Unintentional Insider Threat featuring Dr. Eric Cole
David Mai, MBA
 
ObserveIT - Unintentional Insider Threat featuring Dr. Eric Cole
ObserveIT
 
I’ve Been Hacked  The Essential Steps to Take Next
Brian Pichman
 
Website security
RIPPER95
 
DeltaV Security - Don’t Let Your Business Be Caught Without It
Emerson Exchange
 
Mapping the Enterprise Threat, Risk, and Security Control Landscape with Splunk
Andrew Gerber
 
Security
dominion
 
Forrester and Duo Security Webinar - 5 Signs You're Doing Authentication Wrong
Duo Security
 
The Small Business Cyber Security Best Practice Guide
Inspiring Women
 
2022 Rea & Associates' Cybersecurity Conference
Rea
 
01-introductiontosecurity-111122004432-phpapp02.pdf
RiyaSonawane
 
Cyber Security Analytics – The Weapon to Fight Cyber Crime
Happiest Minds Technologies
 
Information Leakage - A knowledge Based Approach
Global Business Events - the Heart of your Network.
 
Cybersecurity risk assessments help organizations identify.pdf
TheWalkerGroup1
 
Ad

More from Mark Nunnikhoven (13)

PDF
Advanced Security Automation Made Simple
Mark Nunnikhoven
 
PDF
AWS re:Invent 2017 re:View
Mark Nunnikhoven
 
PDF
Security Teams & Tech In A Cloud World
Mark Nunnikhoven
 
PDF
Defending your workloads with aws waf and deep security
Mark Nunnikhoven
 
PDF
AWS re:Invent 2015 re:Cap
Mark Nunnikhoven
 
PDF
Whodunit, The Mechanics of Attack Attribution
Mark Nunnikhoven
 
PDF
Power Struggle: Balancing Relationships & Responsibility in the Cloud
Mark Nunnikhoven
 
PDF
Security OF The Cloud
Mark Nunnikhoven
 
PDF
Shared Responsibility In Action
Mark Nunnikhoven
 
PDF
Infrastructure as (Secure) Code
Mark Nunnikhoven
 
PDF
Updating Security Operations For The Cloud
Mark Nunnikhoven
 
PDF
Shared Responsibility In Action
Mark Nunnikhoven
 
PDF
Is That Normal? Behaviour Modelling On The Cheap
Mark Nunnikhoven
 
Advanced Security Automation Made Simple
Mark Nunnikhoven
 
AWS re:Invent 2017 re:View
Mark Nunnikhoven
 
Security Teams & Tech In A Cloud World
Mark Nunnikhoven
 
Defending your workloads with aws waf and deep security
Mark Nunnikhoven
 
AWS re:Invent 2015 re:Cap
Mark Nunnikhoven
 
Whodunit, The Mechanics of Attack Attribution
Mark Nunnikhoven
 
Power Struggle: Balancing Relationships & Responsibility in the Cloud
Mark Nunnikhoven
 
Security OF The Cloud
Mark Nunnikhoven
 
Shared Responsibility In Action
Mark Nunnikhoven
 
Infrastructure as (Secure) Code
Mark Nunnikhoven
 
Updating Security Operations For The Cloud
Mark Nunnikhoven
 
Shared Responsibility In Action
Mark Nunnikhoven
 
Is That Normal? Behaviour Modelling On The Cheap
Mark Nunnikhoven
 

Recently uploaded (20)

PPTX
Business Acumen Training GuidePresentation.pptx
stephvshelton19
 
PDF
Launch Your Data Science Career in Kochi – 2025
sharafas2563
 
PDF
Introduction to Business Data Analytics.
jamalmumthaj
 
PPTX
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
AceAquino4
 
PDF
"Python Programming for Geospatial Data Science." ...
institute of Geoinformatics and Earth Observation at PMAS ARID Agriculture University of Rawalpindi
 
PPTX
Moving the Public Sector (Government) to a Digital Adoption
PaulYoung221210
 
PPTX
ALIMENTARY AND BILIARY CONDITIONS 3-1.pptx
chepkoitcheruiyot
 
PPTX
advance b rammar.pptxfdgdfgdfsgdfgsdgfdfgdfgsdfgdfgdfg
rohullahansari5
 
PDF
Galatica Smart Energy Infrastructure Startup Pitch Deck
Shahzaib Ajmal
 
PPTX
IBA_Chapter_11_Slides_Final_Accessible.pptx
SrikantKapoor1
 
PPTX
mbdjdhjjodule 5-1 rhfhhfjtjjhafbrhfnfbbfnb
CHINTU5000
 
PDF
“Getting Started with Data Analytics Using R – Concepts, Tools & Case Studies”
Nusrat Gulbarga
 
PPTX
Major-Components-ofNKJNNKNKNKNKronment.pptx
dushyantsharma1221
 
PPTX
Global journeys: estimating international migration
Office for National Statistics
 
PPT
Reliability_Chapter_ presentation 1221.5784
abobaker13
 
PPTX
Business Ppt On Nestle.pptx huunnnhhgfvu
ashaurya327
 
PDF
Foundation of Data Science unit number two notes
sanguleumeshit
 
PPTX
climate analysis of Dhaka ,Banglades.pptx
rrawjatun
 
PPTX
CEE 2 REPORT G7.pptxbdbshjdgsgjgsjfiuhsd
hildogavino28
 
PPT
Chapter 2 METAL FORMINGhhhhhhhjjjjmmmmmmmmm
JanakiRaman206018
 
Business Acumen Training GuidePresentation.pptx
stephvshelton19
 
Launch Your Data Science Career in Kochi – 2025
sharafas2563
 
Introduction to Business Data Analytics.
jamalmumthaj
 
MODULE 8 - DISASTER risk PREPAREDNESS.pptx
AceAquino4
 
"Python Programming for Geospatial Data Science." ...
institute of Geoinformatics and Earth Observation at PMAS ARID Agriculture University of Rawalpindi
 
Moving the Public Sector (Government) to a Digital Adoption
PaulYoung221210
 
ALIMENTARY AND BILIARY CONDITIONS 3-1.pptx
chepkoitcheruiyot
 
advance b rammar.pptxfdgdfgdfsgdfgsdgfdfgdfgsdfgdfgdfg
rohullahansari5
 
Galatica Smart Energy Infrastructure Startup Pitch Deck
Shahzaib Ajmal
 
IBA_Chapter_11_Slides_Final_Accessible.pptx
SrikantKapoor1
 
mbdjdhjjodule 5-1 rhfhhfjtjjhafbrhfnfbbfnb
CHINTU5000
 
“Getting Started with Data Analytics Using R – Concepts, Tools & Case Studies”
Nusrat Gulbarga
 
Major-Components-ofNKJNNKNKNKNKronment.pptx
dushyantsharma1221
 
Global journeys: estimating international migration
Office for National Statistics
 
Reliability_Chapter_ presentation 1221.5784
abobaker13
 
Business Ppt On Nestle.pptx huunnnhhgfvu
ashaurya327
 
Foundation of Data Science unit number two notes
sanguleumeshit
 
climate analysis of Dhaka ,Banglades.pptx
rrawjatun
 
CEE 2 REPORT G7.pptxbdbshjdgsgjgsjfiuhsd
hildogavino28
 
Chapter 2 METAL FORMINGhhhhhhhjjjjmmmmmmmmm
JanakiRaman206018
 

The Most Common Failure With Today's Defences