Continuous Monitoring, Real World Analysis and Strategies to Mitigate Targeted Attacks; Bonus Story Behind The Top 4 Mitigations

  • Wednesday, 27 May 2015 10:00PM EDT (28 May 2015 02:00 UTC)
  • Speakers: Alan Paller, Seth Misenar

We're pleased to invite you to join us for this next very special session in the SANS-APAC webcast series. Alan Paller, SANS Founder, President of the SANS Technology Institute and Director of Research at the SANS Institute joins forces with Seth Misenar, SANS course author and Senior Instructor for a unique, not-to-be-missed webcast for anyone interested in cyber defence.

Topic 1: What to do first: The Top 4 Mitigations
Presenter: Alan Paller, SANS Founder, President of the SANS Technology Institute and Director of Research, SANS Institute

Topic 2: Continuous Monitoring & Real World Analysis
Presenter: Seth Misenar, SANS Senior Instructor

Date: Thursday, May 28, 2015
Time: 12:00 pm Canberra / 10:00 am Singapore / 7:30 am Bangalore

Note: This webcast is free of charge however a SANS portal account is required (see webcast link for details)

What to do first: The Top 4 Mitigations

A few years ago the Australian Secretary of the Department of Resources, Energy and Tourism was negotiating a huge uranium sale to a large country to the north of China when he discovered the other nation's negotiators had access to the secret documents stored only on Australian government computers. Upon returning to Canberra, he asked then Secretary of Defence Ian Watt to find out what happened. The ensuing initiative -- isolation of the attack techniques, identification or the kill chain, sequential culling of defensive techniques and finally identification of four key defenses -- is one of the greatest cybersecurity stories in the world and its impact touches government and industry around the world. Alan will share that story, identify the key players and roles, and most importantly illuminate the lessons learned during that incident and ensuing developments that are now shaping security strategies in smart organisations everywhere.

Continuous Monitoring and Real World Analysis

Repeat after me, I will get breached. Most organisations realise this fact too late; usually after a third party informs them - months after the initial compromise. Treating security monitoring as a quarterly auditing process means most compromises will go undetected for weeks or months. The attacks are continuous, and the monitoring must match.

Modern threats require a paradigm shift in the way we perform our analysis and monitoring. This talk will help you face the problems and describe how to move your organisation to a more defensible security architecture that enables continuous security monitoring.