Cyber Security Defenses: What Works Today
This session covers tips for defending against current attackers in the form of recommendations for both IT/IS Management prioritization and technology configuration/integration. This session also includes a live demonstration of an attack tool used to compromise credentials.

Attacker threats have shifted from nuisance mass malware to advanced espionage and exfiltration of intellectual property, creating a need to change paradigms of network defense. Attackers have become sophisticated in both attack methodologies and in navigating business/social structures to obtain the information they want. This session focuses on what defenses have proved effective and what defenses are designed to mitigate attack methods in current use.

This session is intended for both IT professionals and IT managers working to build an effective defense against cyber-attackers. Session content includes guidance on how to identify what assets to defend as well as technical topics including:

- Identify and protect intellectual property that is valuable to the organization (and valuable to potential attackers)
- Effective Workstation and Server Defenses: run standard users without local administrative access; use of Smartcards or other multi-factor authentication; implementing exploit mitigation technologies including EMET; patching and compliance; creative destruction - phasing out risks from legacy software and operating systems
- Protecting Active Directory and Administrative Accounts/Credentials/Rights: credential hygiene as a Pass the Hash Defense; delegating to least privileges with Role-based access control (RBAC) and Privileged Identity Management (PIM)

As attacker tactics can shift by week, we will reserve extra time during the session for questions and answers.