Over 90% of security executives reported that manual and informal processes between Security & IT hindered their security incident response capabilities. Come join your peers to discuss security incident response best practices and how response teams are optimizing their response practices to compress the time to identify and contain security incidents and vulnerabilities.
Most organizations will agree that privileged accounts and access are one of the most challenging and risky parts of all of IT Security still unmet even in mature security programs. Privileged Access is not a new problem but rather a very old problem which many organizations struggle to fix based on complexity, legacy access and unknown impact of change. Many reports such as M-Trends and Verizon, highlight that these same privileged accounts, at some point in the attack cycle, are almost universally leveraged and misused in breaches around the world in all verticals.
When it comes to detecting breaches, time is of the essence. The longer a threat actor persists in your environment, the more likely they are to establish a foothold, and walk away with your data. Many attackers will follow a similar attack methodology from target to target, or for every attack they carry out for years. This talk will discuss common indicators of compromise, the value of your own threat intelligence, and how you can spot the unusual behavior that your AV, firewall, or IDS can't.
Prevention, detection, and response are the core pillars for any company’s cybersecurity infrastructure. Always prevent what you can, but also have a solid plan for the real-time detection of an inside-the-network attacker and have the tools in place for post-compromise investigations and remediation. Deception is quickly becoming recognized as the most effective and efficient approach to detecting targeted, stolen credential, and ransomware attacks.