advanced threats: how to respond to bigger, stronger ... · introduction iot attacks. nation-state...
TRANSCRIPT
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks
ISMG SECURITY EXECUTIVE ROUNDTABLEsponsored by NETSCOUT Arbor
Agenda6:00 – 7:00 p.m.
Registration, Networking and Cocktails
7:00 – 7:15 p.m.
Introductions and Opening Remarks• Tom Field, SVP Editorial, Information Security Media Group• Chris Finan, CEO and Co-Founder, Manifold Technology
7:15 – 9:00 p.m.
Roundtable Discussion
9:00 p.m. Program Concludes
Introduction IoT attacks. Nation-state innovation. The commercialization of crimeware. These are among the advanced threats that continue to target individuals and enterprises – but with an unprecedented evolution of technology and procedures.
What types of advanced threats are you detecting? Who are the most persistent threat actors? How
prepared are your defenses for bigger, stronger and faster attacks than they have ever before faced?
If you’re looking for new answers to these questions, then welcome to this exclusive executive
roundtable on Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks.
Helping lead this discussion will be security entrepreneur Chris Finan, CEO and co-founder of Manifold
Technology. He previously served in the Obama administration as the director for cybersecurity
Legislation and Policy on the National Security Council staff in the White House. During his time at the
NSC, Finan led the administration’s legislative reform efforts, played a key role in the data privacy debate
and spearheaded the executive order that directed the NIST cybersecurity risk framework.
Guided by Finan’s unique insight, this invitation-only dinner will draw from the results of NETSCOUT
Arbor’s latest threat reports, as well as the experiences of the attendees, who will offer insights on how
they have been able to improve detection and defense against advanced threats and threat actors.
Among the discussion topics:
• What types – and size – of advanced threats are most commonly detected?
• Who are the most persistent threat actors?
• How must enterprise defenses evolve to detect and prevent these attacks?
You’ll have the opportunity to discuss advanced threats and defenses with a handful of senior executives
in an informal, closed-door setting, from which you will emerge with new strategies and solutions you
can immediately put to work.
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks 2
Discussion PointsAmong the questions to be presented for open discourse:
• What are the advanced threats that concern you most in 2019?
• Which threat actors concern you the most?
• How have the threats – and threat actors – evolved in their approach?
• How do you rate your current state of enterprise defenses?
• Where are the biggest gaps?
• What are the biggest technical and nontechnical barriers to filling these gaps?
• What controls and processes will you invest in to respond to this new generation of threats?
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks 3
About the ExpertJoining our discussion today to share the latest insights and case studies is:
Chris FinanCEO and Co-Founder, Manifold Technology
Manifold Technology is a Silicon Valley-based startup that provides high-performance blockchain
infrastructure. Before launching the company, Finan led business development for Impermium, a
cybersecurity startup that was acquired by Google. Prior to that, he was the product director for Plan X,
a Department of Defense cyberwarfare research and development program at DARPA. He previously
served in the Obama administration as the director for cybersecurity legislation and policy on the
National Security Council and was a U.S. Air Force pilot and intelligence officer.
About NETSCOUT | Arbor
Since 1999, NETSCOUT Arbor’s DDoS protection and network visibility solutions have been tested and
proven in the world's largest, most complex networks. The company delivers powerful visibility and
traffic intelligence, at internet scale, to help customers not only understand their own environment, but
threat actors and their tools, behaviors and campaigns on a global basis.
To learn more about NESCOUT Arbor products and services, please visit our website at arbornetworks.
com or follow on Twitter @ArborNetworks.
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks 4
About the ModeratorLeading our discussion today is:
Tom FieldSVP Editorial, Information Security Media Group
Field is an award-winning journalist with over 30 years of experience in newspapers, magazines,
books, events and electronic media. A veteran community journalist with extensive business/
technology and international reporting experience, Field joined ISMG in 2007 and currently oversees
the editorial operations for all of ISMG's global media properties. An accomplished public speaker,
Field has developed and moderated scores of podcasts, webcasts, roundtables and conferences and
has appeared at RSA Conference and on various C-SPAN, The History Channel and Travel Channel
television programs.
About ISMG
Information Security Media Group (ISMG) is the world’s largest media organization devoted solely
to information security and risk management. Each of our 28 media properties provides education,
research and news that is specifically tailored to key vertical sectors including banking, healthcare
and the public sector; geographies from the North America to Southeast Asia; and topics such as
data breach prevention, cyber risk assessment and fraud. Our annual global summit series connects
senior security professionals with industry thought leaders to find actionable solutions for pressing
cybersecurity challenges.
For more information, visit www.ismg.io.
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks 5
NOTE: In advance of this event, ISMG’s Tom Field spoke about
advanced threats with Chris Finan, CEO and co-founder of
Manifold Technology. Here is an excerpt of that conversation.
Advanced Threats of ConcernTOM FIELD: From IoT to terabit attacks and the commercialization
of crimeware, what are the advanced threats that concern you
most in 2019?
CHRIS FINAN: What’s most concerning is not necessarily any
specific vector, but the scale of attacks happening across the
board, as well as the proliferation of advanced nation-state
capabilities. Multiple terabit DDoS attacks and freely available
nation-state tooling are now part of the environment in which we
need to figure out how to deliver trust and reliability. Board and
shareholder expectations haven’t changed.
Threats EvolveFIELD: How have the threats – and threat-actors – evolved in their
approach?
FINAN: There are two notable trends that are converging in a
powerful way. The first is IoT vulnerabilities. The rate at which
new devices are being scanned is incredible. They’ve become a
reliable part of the playbook for intrusions and high-scale DDoS.
We all knew this was coming; the incentives for device makers to cut
corners are simply too great.
The other trend, though, that I don’t think a lot of us saw coming –
or at least this quickly – has been the proliferation of nation-state
capabilities. There are so many countries now developing offensive
cyber capabilities, and we’re beginning to see what happens
when those investments trickle down much more broadly. Folks
are getting trained by their governments and then moonlighting
or transitioning into more lucrative activities. What was once a
phenomenon confined to a few places in Eastern Europe and Asia is
now much more pervasive.
CONTEXT
Advanced Threats: How to Respond to Bigger, Stronger, Faster AttacksQ&A with Chris Finan
“Multiple terabit DDoS attacks and freely available nation-state tooling are now part of the environment in which we need to figure out how to deliver trust and reliability.”
Chris Finan
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks 6
The Biggest Defensive GapsFIELD: Where are you most concerned about the current state of enterprise defenses?
Where are the biggest gaps?
FINAN: Talent is still the biggest shortfall on the defense side. You can have the greatest
threat intel and the best analytics money can buy, but if you don’t have people who can
tune them with the right enterprise context the only two metrics that really matter – time to
detection and time to remediation – are going to lag.
The Best ResponseFIELD: What controls and processes do you recommend for responding to this new
generation of threats?
FINAN: There’s no magic solution. It takes the right combination of people, process and
tech. But look to your adversary to know where to invest and how. We often get too caught
up in the latest enterprise trends at conferences like this and forget that the best guru is the
person attacking us.
NETSCOUT Arbor’s RoleFIELD: How is NETSCOUT Arbor helping enterprises improve their defenses?
FINAN: The analysis they’re putting out is high quality. Few companies have the breadth and
diversity of perspective they do. And I like that they’ve joined the collective defense push
by becoming part of CTA. To me, that’s a sign of a company with a quality product that’s
additive.
One thing that’s clear from studying the threat: If you do not have a mitigation capability in
place to counter high-scale and advanced DDoS techniques, like ephemeral source and
destination ports, you’re at risk. These attacks have become too inexpensive to dismiss or
rely on a basic CDN to counter.
Arbor’s new enterprise DDOS mitigation product, Arbor Edge Defense, was designed to
counter exactly these types of advanced techniques. n
“We often get too caught up in the latest enterprise trends at conferences like this and forget that the best guru is the person attacking us.”
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks 7
Notes
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks 8
Notes
Advanced Threats: How to Respond to Bigger, Stronger, Faster Attacks 9
902 Carnegie Center • Princeton, NJ • 08540 • www.ismgcorp.com
About ISMG
Information Security Media Group (ISMG) is the world’s largest media organization devoted solely to information
security and risk management. Each of our 28 media properties provides education, research and news that is
specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from
North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud.
Our annual global Summit series connects senior security professionals with industry thought leaders to find
actionable solutions for pressing cybersecurity challenges.
Contact
(800) 944-0401 • [email protected]