Upload
adnet-technologies-llc
View
199
Download
1
Tags:
Embed Size (px)
Citation preview
Agenda
Background
Current Threats – What’s happening in the real world
Prevention/Response – What can we do about the threats?
What are we facing?
Traditional Threatso Credit Card/Financial
o Health Care
o Ransomware
New Threatso Nation/State Attacks
o “Internet of Things”
TARGET Corporation Network
Ariba – external billing
Target Project Management System
Active Directory –Internal Network
Fazio Mechanic Login
Compromised user ID and password
POS Server / Sensitive Data
DMZ Internal Network
How did they do it ? … Part II
Sensitive DataPOS System Exfiltration Server:
\\TTCOPSCLI3ACS\
TARGET Corporation Network
External Server under Hacker Control
POS.exe
Information Security Controls
IT Risk Management
Corrective
Detective
Preventive
Preventive controls: reduce vulnerabilities
Detective controls: discover incidents / events
Corrective controls: reduce business impact
Detective Controls: Target Breach
Sensitive DataPOS System Exfiltration Server:
\\TTCOPSCLI3ACS\
TARGET Corporation Network
External Server under Hacker Control
POS.exe
Summary
Are your security basics covered?o Preventive:
o Detective / Corrective
Do you have tools to gather security related information
Are you able to efficiently and effectively respond to threats?
Our PartnersADNET proudly partners with leading technology and business solution providers to help our clients find the best possible fit for their needs. We encourage you to visit our partners' websites to learn more about their services.