internal threats in kazakhstan. cyber crime. how to defend. cyber security
TRANSCRIPT
How to Defend
against
Internal ThreatsKen Tulegenov, Group Founder
“Information Security Community. Kazakhstan” on LinkedIn
AlmatyNovember 16
2016
Measures for Internal Threats (IMHO) :
Data Encryption (FDE, USB, Backup)
Application Control
Device Control
HIPS + AV
NGFW
Prevent (Basic)
DLP
Privilege Rights Management
Internal NGFW
802.1x
SIEM
Prevent (Gen)
Database Activity Monitoring
Users Activity Monitoring
Database Encryption
IRM (Information Rights Management)
User Behavior Analysis
Prevent
(Adv)
How to manage this ZOO?
One Security Platform for 1 Security Layer or Products Family
Easy Administration via Console (User Interface / Configuration / Support)
Unified Real-time Monitoring for all products
What can Intel Security (McAfee) offer?
SIEM (Security Information Event Management)
EPP (Endpoint Protection)
DLP (Data Loss Prevention)
MDP (Mobile Data Protection / Encryption)
Measures for Internal Threats (IMHO) :
Data Encryption (FDE, USB, Backup)
Application Control
Device Control
HIPS + AV
NGFW
Prevent (Basic)
DLP
Privilege Rights Management
Internal NGFW
802.1x
SIEM + Threat Exchange
Prevent (Gen)
Database Activity Monitoring
Users Activity Monitoring
Database Encryption
IRM (Information Rights Management)
User Behavior Analysis
Prevent (Adv)
Reasons for Using:
Market Presence (Gartner’s “Magic Quadrants”)
Unified Management (for Different Products)
Scalability (Branches around the country)
Integration (with Current / Future Solutions)
Transparency (for Users)
Easy to use (for Security Administrators)