First Things First The Top 4 Security Mitigation Strategies

  • Webcast Aired Tuesday, 10 Dec 2013 8:00PM EST (11 Dec 2013 01:00 UTC)
  • Speaker: Dr. Eric Cole

Sponsored by Palo Alto Networks

When the Future of Enterprise Security Is Determined Be a Part of It.

March 31 - April 2, 2014 | The Cosmopolitan, Las Vegas

Get $300 off with the special Sans Institute discount code "SANS14".

https://www.paloaltonetworks.com/ignite/

Organizations are struggling with cyber security. It seems the more money that is spent, there is an equal increase in attack vectors. While new technologies will help, it is important to focus in on the core areas that will make the biggest impact. These areas need to be aligned with how an adversary breaks into a system.

Targeted intrusions of a computer network can be broken down into three stages, these are:

Stage 1: Code Execution is where an adversary attempts to gain an initial foothold into a computer network. This is typically done by delivering a socially engineered email to a staff member within the organisation containing a malicious attachment or link. If the user opens this link the adversaries' malicious code will execute on the endpoint and provide this foothold.

Stage 2: Network Propagation is where an adversary uses this network foothold to spread to other locations inside the compromised computer network. In this stage they are typically looking to gain additional access to multiple internal systems and create reliable methods of accessing these systems in the future, this is also known as gaining 'persistence'.

Stage 3: Data Exfiltration is where an adversary has located data of interest and removes this data from a corporate network.

The Top 4 Mitigation strategies provide coverage across all three stages of the intrusion process and an effective way to implement effective security. According to DSD "While no single strategy can prevent malicious activity, the effectiveness of implementing the Top 4 Strategies remains very high. At least 85% of the intrusion techniques that ASD responds to involve adversaries using unsophisticated techniques that would have been mitigated by implementing the Top 4 mitigation strategies as a package." In this webcast learn about how attack vectors work and ways the Top 4 can defend against them.