Upload File

defensive strategies

18
1 Defensive strategies How to build a defense-in-depth Claus Cramon Houmann Banque Öhman 2022-06-11

Upload: claus-cramon-houmann

Post on 30-May-2015

225 views

Category:

Technology


1 download

Report

Tags:

DESCRIPTION

How to build a defense in depth and promotion for www.defense-in-depth.com Free advise for all

TRANSCRIPT

Page 1: Defensive strategies

12023-04-12

Defensive strategies 

How to build a defense-in-depth

Claus Cramon Houmann

Banque Öhman

Page 2: Defensive strategies

2Öhman

Banque Öhman 2023-04-12

Key take aways:

• Never ever rely on a single solution• Defense in depth. In Depth...• Both threat prevention and threat detection are important• If the bad guys want to get in bad enough, they will – be able

to reduce the ”dwell time” they have inside your systems• The ”CLICKER” is the colleague who clicks on that ”interesting

link or attachment” in a suspicious e-mail...

Page 3: Defensive strategies

3Öhman

Banque Öhman 2023-04-12

1 Single 0-day or unpatched system is all ”they” need

Page 4: Defensive strategies

4Öhman

Banque Öhman 2023-04-12

Breach methods

– Hacking (Fx SQL injection against DB servers)– Malware (fx phishing)– Social engineering – Physical

Page 5: Defensive strategies

5Öhman

Banque Öhman 2023-04-12

Source: Verizon’s 2012 Data Breach investigations report

Page 6: Defensive strategies

6Öhman

Banque Öhman 2023-04-12

Defense-in-depth. Isnt is simple and beatiful?

Page 7: Defensive strategies

7Öhman

Banque Öhman

Page 8: Defensive strategies

8Öhman

Banque Öhman 2023-04-12

Where to start a defense-in-depth?• First establish where you are as an IT-security organization

today, then find out where you want to be• Get the right people. • As your organizations “Infosec level”

matures – you may be able to pass or almost pass a pentest. Most low hanging fruits have been “picked” already

• This makes it very hard for “them” to get in via hacking methods

• -> they will try malware next

Page 9: Defensive strategies

9Öhman

Banque Öhman 2023-04-12Advanced targettedMalware leveraging 0-days or recentlypatched vulnerabilities =CIO/CISO nightmare

• The CLICKER becomes your biggest external threat!

Page 10: Defensive strategies

10Öhman

Banque Öhman 2023-04-12

Mitigating the “CLICKER”

• There are now innovative next-generation tools available for advanced threat prevention and/or detection = AMP’s– Microvirtualization– Advanced code handling/analysis/reverse-engineering tools– Network level Sandboxing or detection based on behavioural

analysis/packet inspection– System and registry level lockdown of process/user-rights– Cloud based Big Data analytical/defense tools– Whitelisting tech– Others – this “market segment” is booming right now

Page 11: Defensive strategies

11Öhman

Banque Öhman 2023-04-12

Risk assessments match?

• The approach to pick the lowest hanging apples first should be identical to the approach your IT risk management would recommend

• Mitigating the easy-value-for-money threats first

Page 12: Defensive strategies

12Öhman

Banque Öhman 2023-04-12

Why is the AMP market booming?

• The AV industry in the traditional sense has declared their tools insufficient and the war on malware lost

• Hacking is increasing supported by big budgets – think nation-state-sponsored APT’s

• 0-days abound in the Wild – being purchased by “hackers” – unofficial hackers or nation-state sponsored hackers alike

• The black market cyber-industry is a huge! economy

Page 13: Defensive strategies

13Öhman

Banque Öhman 2023-04-12

The future of defense strategies

• Whatever the name (Defense-in-depth, layered defense, defensible security posture) – almost everyone in IT/Infosec agree that you need to think in

security at all levels• Defenders are always behind attackers

– Defenders need to share knowledge, experience and methodologies better and faster

• Develop capabilities to stop attackers at several points in the cyber kill chain

Page 14: Defensive strategies

14Öhman

Banque Öhman 2023-04-12

Conclusion

• To build a defense-in-depth you want to:– Have capabilities within Threat Prevention, Detection, Alerting,

Incident Response, some kind of IOC / Threat sharing community. AMP’s + more.

• To be able to this way both block+detect known and unknown attacks/payloads, and when penetrated, regain control and limit losses

Page 15: Defensive strategies

15Öhman

Banque Öhman 2023-04-12

Can I help? Can you help?

• There are people trying to help us: on twitter #wearethecavalry for example

• In the UK: Strategic security advisors alliance• My plan:

– Turn www.defense-in-depth.com into the WIKIPEDIA of IT-security/Infosec

http://www.defense-in-depth.com/
Page 16: Defensive strategies

16Öhman

Banque Öhman 2023-04-12

About me

• Claus Cramon Houmann, 38, married to Tina and I have 3 lovely kids• CISSP, ITIL Certified Expert, Prince2 practitioner• You can contact me anytime:

– Skype: Claushj0707– Twitter: @claushoumann or @improveitlux

• Sources used:– Verizon: Data Breach investigations report 2012– @gollmann from IOactive Blog posts– http://nigesecurityguy.wordpress.com/2013/10/02/advanced-threat-d

efense-part-1/ and other blog posts

– @RobertMLee

http://nigesecurityguy.wordpress.com/2013/10/02/advanced-threat-defense-part-1/
http://nigesecurityguy.wordpress.com/2013/10/02/advanced-threat-defense-part-1/
http://nigesecurityguy.wordpress.com/2013/10/02/advanced-threat-defense-part-1/
Page 17: Defensive strategies

17Öhman

Banque Öhman 2023-04-12

Questions?

Page 18: Defensive strategies

18Öhman

Banque Öhman 2023-04-12

More questions?


DEFENSIVE STRATEGIES AND FIRM'S DEMISE … STRATEGIES AND FIRM'S DEMISE AVOIDANCE: EVIDENCE FROM SELECTED OIL AND ... Liquidation and Captive Company Strategy. ... form of turnaround,

Defensive Driver Program...Defensive driving utilizes safe driving strategies to enable motorists to address identified hazards in a . predictable manner. These strategies help employees,

Defensive Situations and Strategies Single to left: bases

A Motivational Analysis of Defensive Pessimism and Self … · 2020. 1. 19. · Cognitive Strategies: Defensive Pessimism and Self-Handicapping Cognitive strategies have been defined

DEFENSIVE OPERATIONS DEFENSIVE OPERATIONS TC9B83

Defensive situations and strategies - Cottbus Graduates · PDF file · 2005-06-02Defensive situations and strategies ... defense goes for the force out at third ... Cover third base

Defensive Driver Program - csustan.edu & Risk... · Defensive driving utilizes safe driving strategies to enable motorists to address identified hazards in a ... DEFENSIVE DRIVER

Strategies for War Colonies Colonies 1. Allies 1. Allies 2. Make war Last 2. Make war Last 3. Fight Defensive 3. Fight Defensive England England 1. Blockade

MBA Part-II (Semester-IV)smspup.ac.in/images/58201515424th sem.doc · Web viewTypes of Strategies- Integration, Intensive, Diversification and Defensive Strategies. Porter’s Generic

Chapter Outline · 4/5/2016  · Diversification Strategies Defensive Strategies D. Ibrahim Rawabdeh (2011) Ch 5 -4 Chapter Outline (cont’d) Michael Porter’s Generic Strategies

Defensive publication advanced strategies

Offensive and Defensive Strategies

Defensive Strategies Copyright Roger J. Best, 2012 MBM6 Chapter 13 ■ The goal of defensive strategies is profit maximization, not sales or market share

Perry Hookman - 2 - DEFENSIVE MOVES STRATEGIES TO AVOID ...€¦ · Defensive Strategies Avert the Most Common Causes of Medical Malpractice Lawsuits in Primary Care & Specialty Practice

Defensive Driving Presentation Defensive Driving Presentation (Construction Vehicle Hazards)

Defensive and Evasive IP Strategies: An Exploratory ... · Defensive and Evasive IP Strategies 2 Abstract One commonly understood strategic use of intellectual property (IP) is to

Defensive strategies of Cladobranchia (Gastropoda

3 Defensive Strategies & 3 Offensive Strategies in Downturn€¦ · – The U.S. recession of 1980—1981 had a great influence on the Midwest – The recession of 1990—1991 hurt

Defensive Driving - - Brieser Constructionbrieserconstruction.com/.../2013/02/Defensive-Driving-1.pdfDEFENSIVE DRIVING Defensive Driving - The defensive driver tries to recognize potentially

OFFENSIVE AND DEFENSIVE COMPETITIVE STRATEGIES

Business Strategy and Policy Lecture-25 1. Recap DEFENSIVE STRATEGIES Retrenchment Divestiture Liquidation Defensive Strategies 2

Defensive Strategic Marketing Plans Copyright Roger J. Best, 2012 In this section we will examine how defensive strategies are focused on maximizing short-run

FIRA Simurosot: A CBR approach for defensive strategiesee11b127/files/MBR/Team19-projectreport.pdf · FIRA Simurosot: A CBR approach for defensive strategies Surajkumar Harikumar

FOIA: Offensive and Defensive Strategies...Defensive Strategies February 2014 Rick Oehler Don Carney Perkins Coie LLP | PerkinsCoie.com Offensive and Defensive FOIA “Offensive”

MGT703: STRATEGIC MANAGEMENT...2008/11/18  · •Defensive strategies •Strategies for using the internet •Appropriate functional-area strategies •First-mover advantages and

Hostile & Defensive Takeover Strategies

Chapter 5 DEFENSIVE DRIVING Chapter 5 DEFENSIVE DRIVING

Defensive strategies of European spiny lobster Palinurus ... · oped effective defensive strategies for each life-history stage. Defence mechanisms are generally mediated by 2 major

Chapter Thirteen Defensive Strategies. Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall13-2 Defensive Strategies Defensive strategic

Defensive and evasive ip strategies

Assessing offensive/defensive strategies in a football ... · offensive/defensive strategy aiming to maximize the goals scored and minimize the goals against. Once the match is over,

Koc defensive strategies

DEFENSIVE MARKETING STRATEGIES. - MIT · 2007. 4. 5. · Title: DEFENSIVE MARKETING STRATEGIES. Created Date: 5/25/2001 2:03:39 PM

Offensive Defensive Strategies

Defensive Strategies Buspoli