taste june 28th of technology - peters & associates · day on new threats and reputations of...

June 28thof

Taste

Technology

Helping you grow your business with

scalable IT services & solutionsfor today’s challenges & tomorrow’s vision.

© 2018 Peters & Associates, Inc. All rights reserved.

Taste of Technology

June 28, 2018

Bruce Ward, VP of Business StrategyAdam Gassensmith, Manager of Client Engagement

What to expect…What to expect…

• Give-Aways

• Raffle

• Evaluations

Wrap-up@

Device Bar

Final Wrap-up


IT SecuritySolutionsNIST’s CyberSecurity Framework (CSF)


IT SecuritySolutionsPeters & Associates Security Wheel

DATAData protected by Controls

Network Perimeter

Office 365

Approved Cloud Services

Unmanaged Devices

Shadow ITThreatsPersistent

Network perimeter works…except for threats such as• Phishing • Credential theft

+ External Data and Devices

= Identity security perimeter▪ Multi-factor Authentication ▪ Conditional Access ▪ Login Risk intelligence

Resources

Identity Perimeter


IT SecuritySolutionsOffice 365 Multi-factor Authentication


IT SecuritySolutionsMovie #2!

Fraudulent Instruction

https://www.nbcchicago.com/news/local/cyber-scam-responds-476728413.html


IT SecuritySolutionsOffice 365 Multi-factor Authentication

http://www.peters.com/events http://www.peters.com/blog/

Events, Webinars & Blogs

http://www.peters.com/events

http://www.peters.com/blog/




FIRE!

What wildfires taught me about security

June 28, 2018

Adam Gassensmith, Manager of Client Engagement


IT SecuritySolutions


IT SecuritySolutionsFighting Wildfires with NIST



Firefighters

Populated Areas

Critical Infrastructure

Density

Identify

Your Secure Organization

Critical People

Critical Infrastructure

Critical Data


IT SecuritySolutionsProtect

Firefighters

Awareness

Fire Lines

Controlled Burns

Maintenance


Awareness

Network Configuration

Access Configuration

Anti-Virus and Anti-SPAM

Routine Patching


IT SecuritySolutionsDetect

Firefighters

People

Sensors and Detection Systems


People

Security Monitoring


IT SecuritySolutionsRespond

Firefighters

Alert Notifications

Helicopters, Trucks, and People

Water

Fire Retardants


Notification

Incident Remediation

Disaster Recovery Plan


IT SecuritySolutionsRecover

Firefighters

Monitor

Rebuild

Fire Lines

Adjust


Monitor

System Restore

Forensics

Adjust



Ignoring any phases leaves you

at risk

There are multiple layers to address in

each phase

New threats emerge as technology advances

Applying these Firefighting Principles


IT SecuritySolutionsIncreasing Frequency of BEC Attacks

Hacker gain access to mailbox

Hacker monitors communications

Hacker impersonates hacking victim

Wire fraud victim wires funds



Security Awareness Training

Security Monitoring

Office 365 Security Settings

Frequent Office 365 Audit Log Review

How do you battle BEC?



PULSE Complete

Office 365 Weekly*

Security Audit

How Can Peter & Associates Help?

*Critical login data reviewed daily

Weekly O365 Security Check

Mailbox Auditing Inbox Forwarding Mailbox Retention

Office 365 Domains Office 365 Settings MFA Phone Numbers

Foreign Mailbox Logons Old / Unused Mailboxes Roles assigned


Overall Posture


IT SecuritySolutionsNIST’s CyberSecurity Framework (CSF)


Solution Details

https://www.peters.com/solutions-services/it-support-services-pulse/


Solution Details

https://www.peters.com/solutions-services/it-support-services-pulse/managed-firewall/


IT SecuritySolutionsMulti-factor Complexities

Technology User Experience

Conditions Expertise

Our Solution

Results-driven



DATAData = crown jewels



DATAIdentity

© 2015 Peters & Associates, Inc. All rights reserved.© 2018 Peters & Associates, Inc. All rights reserved.

To ask questions, either:

1) Take phone off mute, ask.

2) Type question in IM Window

1801 S. Meyers Road, Suite 120Oakbrook Terrace, IL 60181

(630) 832-0075

Thank you!


Bruce Ward

[email protected]

mailto:[email protected]




Smarter by the Numbers

Andrew Bagnato

The Challenge

The amount of daily ransomware attacks since the beginning of 2016

(Source: CyberSense)

4,000

2016 financial loss from cybercrime in the U.S.

(Source: FBI)

1.3 Billion

(Source: National cyber Security Alliance)

of small companies go out of business within six months of a cyberattack

60%

of hacking-related breaches leveraged either stolen passwords and/or weak or guessable passwords.

(Source: 2017 Verizon DBIR)

80%

The High Cost of User Error

July 2, 2018 40

90% 55%

of successful data breaches caused by

user error

of SMBs experienced a cyberattack in past year

Ransomware Trends

$5 billion dollarsDamages estimate from WannaCry and Notpetya

200,000 computers

Business Intelligence


Record-Breaking Infection Count

Cyberwar.liveuamap.com

Trends in Malware by Operating System

Phishing

High-risk URLs by Country

Attack Life Cycles are Getting Shorter

Top 10 Brands Impersonated in Phishing Attacks

Change in the Leaders of Top Phishing Impersonation Brands

Malicious Mobile Apps

How do we answer this?

Paranoia!

User Error is a Big Issue

Necessary: People are the weakest link in the security chain

01

Proven: Educating employees can reduce security risk

02

Best Practice:Security Awareness Training is a best practice or requirement for many industries

03

\\

of all successful cyber attacks is caused by human error

Source: IBM Cyber Security Intelligence Index

95%

Highly Automated, Massive Scale Machine Learning

Hundreds of classification models

hosted in Hadoop to cover different

threat types and content languages

Advanced machine learning and multiple

sources mean URLs, IPs, files and apps are

classified faster and more accuratelyPublishes millions of updates every

day on new threats and reputations of

existing URLs, IPs, apps and files

Low-touch systems requiring

minimal human interaction

Powered by 5th generation machine

learning to analyze and produce rich

sources of contextual Threat

Intelligence and security outcomes

across multiple vectors in milliseconds

July 2, 2018 Confidential 53



Webroot Threat Intelligence Platform

27+ Billion URLs

600+ Million

Domains

4.3+ Billion

IP Addresses

15+ Billion

File Behavior Records

62+ Million

Mobile Apps

52+ Million

Connected Sensors

The Strategy of Multi-Vector Protection

July 2, 2018 Confidential 55

File Exploit Prevention

Behavior Heuristics

Identity Shield

Malicious PE File Detection

Journaling & Rollback

Malicious URL Blocking

Real-Time Anti-Phishing

Web-Exploit Prevention

Malicious Script Blocking

Malicious PE File Blocking

Pre-Execution

Threat Prevention

Post-Execution

Protection & Remediation



Thank you!

taste june 28th of technology - peters & associates · day on new threats and reputations of...

Documents