•  

First Things First

A session at Asia Pacific ICS Security Summit 2013

Thursday 5th December, 2013

6:30pm to 7:30pm (SMT)

Organizations are struggling with cyber security. It seems the more money that is spent, there is an equal increase in attack vectors. While new technologies will help, it is important to focus in on the core areas that will make the biggest impact. These areas need to be aligned with how an adversary breaks into a system.

Targeted intrusions of a computer network can be broken down into three stages, these are:

Stage 1: Code Execution is where an adversary attempts to gain an initial foothold into a computer network. This is typically done by delivering a socially engineered email to a staff member within the organisation containing a malicious attachment or link. If the user opens this link the adversaries malicious code will execute on the endpoint and provide this foothold.

Stage 2: Network Propagation is where an adversary uses this network foothold to spread to other locations inside the compromised computer network. In this stage they are typically looking to gain additional access to multiple internal systems and create reliable methods of accessing these systems in the future, this is also known as gaining persistence.

Stage 3: Data Exfiltration is where an adversary has located data of interest and removes this data from a corporate network.

The Top 4 Mitigation strategies provide coverage across all three stages of the intrusion process and an effective way to implement effective security. According to DSD While no single strategy can prevent malicious activity, the effectiveness of implementing the Top 4 Strategies remains very high. At least 85% of the intrusion techniques that ASD responds to involve adversaries using unsophisticated techniques that would have been mitigated by implementing the Top 4 mitigation strategies as a package. In this webcast learn about how attack vectors work and ways the Top 4 can defend against them.

Schedule:

17:45-18:30 Registration

18:30-19:30 Presentation

About the speaker

This person is speaking at this event.
Dr. Eric Cole

Dr. Cole- cyber security professional, instructor, keynote speaker & expert witness. He is a senior fellow with SANS & security consultant. bio from Twitter

Sign in to add slides, notes or videos to this session

Tell your friends!

When

Time 6:30pm7:30pm SMT

Date Thu 5th December 2013

Short URL

lanyrd.com/scrtbf

Official event site

www.sans.org/info/140710

View the schedule

Share

See something wrong?

Report an issue with this session