Cyber Security Discussion Craig D’Abreo – VP Security Operations

Upload: aubrey-dawson

Post on 18-Dec-2015


TRANSCRIPT

  • Slide 1
  • Cyber Security Discussion Craig D’Abreo – VP Security Operations
  • Slide 2
  • Elements of a Unified Approach to Cyber Security
    • Advanced Persistent Threat (APT) Detection
    • Network Behavioral Analysis and Correlation
    • Intrusion Detection and Prevention (PCI enabled)
    • Vulnerability Scanning and Management
    • SIEM: Event Management, Analysis and Monitoring
    • Network Access Policy Monitoring
    • Security Threat Intelligence
    • Comprehensive Compliance Reporting
    • Customized Security Alert Response Procedure (SARP)
    • Continuous monitoring, ticketing, reporting by certified security analysts
  • A deeper look at the UES solution
  • Slide 3
  • Identifying and analyzing abnormal network behaviors
    • People, Process, Technology
  • Slide 4
  • Case Study - Satellite Communications Company
    • Company suspected a breach, but the incumbent security company ran scans and found nothing
    • Deployed the ASM and within 24 hours detected outbound activity to China
    • Over the next few days we found 15/20 critical servers were compromised and exfiltrating data (a few packets at random, infrequent intervals), and desktops were p0wned
    • The attack pattern is called the Grains of Sand
    • Through log analysis we discovered this was a targeted spear phishing attack