the evolving threat landscape: advancing enterprise security
DESCRIPTION
THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY. 11 December 2013. Agenda. Objectives About ISE I. Security Separated from Functionality II. Black Box vs. White Box III. Secure Assets, Not Perimeters IV. “Build It In,” Not “Bolt It On” V. Security as Ongoing Process Q&A. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/1.jpg)
ISE Confidential - not for distribution
T H E E V O LV I N G T H R E A T L A N D S C A P E :
A D V A N C I N G E N T E R P R I S E S E C U R I T Y11 December 2013
![Page 2: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/2.jpg)
Agenda
ISE Confidential - not for distribution
• Objectives• About ISE• I. Security Separated from Functionality• II. Black Box vs. White Box• III. Secure Assets, Not Perimeters• IV. “Build It In,” Not “Bolt It On”• V. Security as Ongoing Process• Q&A
![Page 3: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/3.jpg)
Objectives
ISE Confidential - not for distribution
• Analyze trending best practices• Keep pace with the rapidly evolving adversaries• Streamline resource and financial investment
![Page 4: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/4.jpg)
About ISE
ISE Confidential - not for distribution
![Page 5: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/5.jpg)
About ISE
ISE Confidential - not for distribution
Analysts
• Fortune 500 Enterprises• Media & Entertainment, Security Software, Healthcare, etc
Customers
• White boxPerspective
• Computer Scientists• Ethical Hackers
Research• Recent: Browsers; Routers• Upcoming: Digital Cinema; Hospital Pilot
![Page 6: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/6.jpg)
I. Security Separated From Functionality
ISE Confidential - not for distribution
![Page 7: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/7.jpg)
I. Security Separated From Functionality
ISE Confidential - not for distribution
CONFLICT IS GOOD!There, I said it.
![Page 8: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/8.jpg)
I. Security Separated From Functionality
ISE Confidential - not for distribution
![Page 9: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/9.jpg)
I. Security Separated From Functionality
ISE Confidential - not for distribution
I.T.
![Page 10: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/10.jpg)
I. Security Separated From Functionality
ISE Confidential - not for distribution
![Page 11: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/11.jpg)
I. Security Separated From Functionality
ISE Confidential - not for distribution
![Page 12: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/12.jpg)
I. Security Separated From Functionality
ISE Confidential - not for distribution
![Page 13: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/13.jpg)
I. Security Separated From Functionality
ISE Confidential - not for distribution
Objective of Conflict• Facilitate dialogue amongst teams to arrive at a
usable system, on deadline, that entails an acceptable level of security protocols.
![Page 14: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/14.jpg)
II. Black Box vs. White Box
ISE Confidential - not for distribution
![Page 15: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/15.jpg)
II. Black Box vs. White Box
ISE Confidential - not for distribution
• Evaluation Types• Penetration Test• Vulnerability Assessment
• Methodologies• Black Box• White Box
![Page 16: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/16.jpg)
II. Black Box vs. White Box
ISE Confidential - not for distribution
Black Box Perspective
![Page 17: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/17.jpg)
II. Black Box vs. White Box
ISE Confidential - not for distribution
White Box Perspective
![Page 18: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/18.jpg)
II. Black Box vs. White Box
ISE Confidential - not for distribution
![Page 19: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/19.jpg)
III. Secure Assets, Not Perimeters
ISE Confidential - not for distribution
![Page 20: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/20.jpg)
III. Secure Assets, Not Perimeters
Traditional Attacks Traditional Defenses
20
![Page 21: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/21.jpg)
III. Secure Assets, Not Perimeters
21
Modern Attacks
![Page 22: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/22.jpg)
III. Secure Assets, Not Perimeters
22
![Page 23: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/23.jpg)
IV. “Build It In,” Not “Bolt It On”
ISE Confidential - not for distribution
![Page 24: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/24.jpg)
IV. “Build It In,” Not “Bolt It On”
ISE Confidential - not for distribution
![Page 25: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/25.jpg)
IV. “Build It In,” Not “Bolt It On”
ISE Confidential - not for distribution
![Page 26: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/26.jpg)
IV. “Build It In,” Not “Bolt It On”
ISE Confidential - not for distribution
![Page 27: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/27.jpg)
IV. “Build It In,” Not “Bolt It On”
ISE Confidential - not for distribution
![Page 28: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/28.jpg)
V. Security as Ongoing Process
ISE Confidential - not for distribution
![Page 29: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/29.jpg)
V. Security as Ongoing Process
ISE Confidential - not for distribution
![Page 30: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/30.jpg)
V. Security as Ongoing Process
ISE Confidential - not for distribution
![Page 31: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/31.jpg)
V. Security as Ongoing Process
ISE Confidential - not for distribution
![Page 32: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/32.jpg)
V. Security as Ongoing Process
ISE Confidential - not for distribution
![Page 33: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/33.jpg)
Recap
ISE Confidential - not for distribution
I. Security Separated from FunctionalityII. Black Box vs. White BoxIII. Secure Assets, Not PerimetersIV. “Build It In”, Not “Bolt It On”V. Security as Ongoing Process
Whitepaper forthcoming
![Page 34: THE EVOLVING THREAT LANDSCAPE: ADVANCING ENTERPRISE SECURITY](https://reader036.vdocuments.us/reader036/viewer/2022062323/5681610c550346895dd05c5c/html5/thumbnails/34.jpg)
Questions?
ISE Confidential - not for distribution
Ted HarringtonExecutive Partner