Since the phrase "Advanced Persistent Threat" (APT) was coined nearly ten years ago, it has been the subject of extensive discussion and debate in the IT security community, attracting terabytes' worth of media buzz. The spotlight on APTs has been critical in bringing the reality of today's threats to light, but the...
Although APTs can vary significantly from breach to breach, they generally have many common phases and mechanisms. In this session, we will define and describe the APT attack and defend lifecycle, provide an overview of how the day is structured and what we aim to achieve, answering such questions as:
What is...
What are the most common mechanisms used in the "Exploit" phase? Many attacks simply take advantage of known vulnerabilities or network weaknesses that have not been addressed, in which case the adversaries have no need to create custom malware. When they are employed, "zero-day" attacks are often very difficult to...
As we've seen, we can't just keep doing what we've been doing. The cost of not ensuring the confidentiality, integrity and availability of information is on an upward ramp and, at some stage, if not already, we will reach the tipping point where the cost of not having an effective security program will overtake the...
The absolute worst time to develop a breach response plan is directly after you have discovered a breach. The absolute best way to have your team fail at responding is to not have them trained with well-practiced procedures and have them be overly reliant on expensive, improperly configured technology. Strike, strike,...
Even though many traditional defense mechanisms can be circumvented, it is essential that a proactive, layered, defensive security program be put in place and managed effectively. This will not prevent the well-organized targeted attacks, but will eliminate 99 percent of the background noise and most of the less...
To date, the most common reaction to targeted attacks has been for organizations to just do what they have always been doing, but harder. That isn't going to work. We need to look at this problem differently and adopt a different set of thought processes. There is a great deal to be said for adopting a warlike...
Our law enforcement agencies are amassing a deep set of capabilities for investigating and prosecuting cybercrime.
These public-sector organizations, however, need to understand the driving forces, priorities and procedures within the organizations they help protect. Equally as important is that private-sector...
Malicious activity triggers measurable events at almost every stage of the attack. There are multiple sensory technologies available, but collecting this data from disparate sources can often just result in the creation of a very large pool of unrelated "facts," an impenetrable noise where no signal can be found. But...
Session Preview: A complete defense cannot be deployed overnight. There are multiple people, process and technology components to consider and implement. In the closing session, we will help identify where and how resources can be focused to have the biggest immediate risk reduction, discuss lessons learned from real...
You have identified the attack; now it's time to react. How do you effectively respond, remediate, recover and potentially retaliate to the threat? This session will discuss how your organization can leverage the actionable intelligence gained from all the previous defense phases of threat indicators, analytics,...
Session Preview:
As the weapon is installed and begins to utilize mechanisms such as remote access Trojans or backdoor channels to become resident, it will leave a trail of threat indicators. Certain malware-focused anomaly detection solutions can recognize these indicators, helping to facilitate a response, while...
Collecting security and fraud related data from multiple sources can often just result in creating a very large pool of unrelated facts. But, begin to add context to that data and you now have information. Triangulate multiple pieces of information together and you can create intelligence.
This session will answer...
Our opening keynote session will set the stage for the Summit's agenda. Our keynote speaker will provide a state of the industry update focused on the types of adversaries that are out there, how they are funded and organized, and what their intent is in attacking organizations. We will also examine the potential...