Browse communities
Presenting a webinar?
Share this content

Building Castles in the Sky: Advanced Persistent Responses

Tom Kellerman, US Vice President of Cybersecurity, Trend Micro
Cyberspace is not a pacific environment; there is a fight for power in a modern-day colonial movement. As the cyber kill chain has evolved so too must our defenses. The digital insider threat aka the APT (advanced persistent threat) will metastasize in the cloud computing environment of 2012. The use of mobile devices and cloud computing creates a perfect storm for the exfiltration of sensitive data. To tap into the power of Web-based, wireless, and other emerging technologies, and thus build stouter virtual castles in the sky, we must appreciate the evolution of blended threats from the simple virus of yesteryear to the virulent MALFI (multifaceted malware with remote file inclusion, local file inclusion, cross-server attack, and remote code execution) botnet attacks of 2012.

Rather than endorsing security models that drive us to construct additional defenses and filters that have an increasingly slim chance of stopping advanced threats, the focus within IT development and security must shift to emphasize more aggressive, proactive self-assessment through which “offense can inform defense.” To achieve an advanced persistent response (APR) on our networks, we must blend our cyber defenses so as to realize deep security.

This presentation will focus on the evolution of the staged and blended attacks and share expertise on organizational strategies and tactics to mitigate risks in the short term and over time.

Tom Kellermann, a member of the Commission on Cybersecurity for the 44th President, is a trusted cybersecurity advisor and strategist within the federal, state and local government markets. As a security evangelist and government affairs expert, he manages strategic partnerships both domestically and internationally to help increase Trend Micro's profile in emerging technologies and policy issues.
Tom is a professor at American University's School of International Service and a Certified Information Security Manager (CISM).
Apr 27 2012
22 mins
Building Castles in the Sky: Advanced Persistent Responses
APT cybersecurity cloud computing mobile devices
More from this community:

Virtualization

Webinars and videos

  • Live and recorded (1192)
  • Upcoming (31)
  • Date
  • Rating
  • Views
  • Join Amazon Web Services for the sixth in our series of webinars, 'Journey Through the AWS Cloud'. This complimentary webinar discusses the use of AWS as a storage and archive platform.

    A wide range of assets can be cost effectively held in highly durable storage systems within the AWS cloud, for global distribution, long term storage or cold archive. Learn about a range of use cases for the Amazon Simple Storage Service (S3) beyond simple object storage, and how Amazon Glacier can revolutionise long term archive economics and technology.
    Read more >
  • Summer Spaulding, CA Sr. Principal Engineering Services Architect discusses the benefits of CA Chorus Software Manager. Learn more at http://www.ca.com/chorus
    Read more >
  • Join SAP and VMware for this live webinar to learn how you can increase IT agility, simplify management and lower total cost of ownership when you virtualize your SAP HANA ® environment with VMware. We will discuss the new deployment options that are now available, enabling you to run your SAP HANA onsite, offsite or both – without compromise. Also, you will learn best practices for configuring and deploying SAP HANA in a virtual shared storage environment and how you can create, manage and automate new SAP HANA-based capacity on demand, enabling seamless workload mobility for your data center.

    During this live webinar, we will discuss:
    - Market trends and how SAP customers are transforming they way they run their workloads and data centers
    - The new deployment choices for your virtualized SAP HANA environment, on vCloud Suite or newly announced vCloud® Hybrid Service™, and the benefits you can achieve from each option
    - Best practices for configuring and deploying SAP HANA on VMware cloud infrastructure
    - Getting started: how VMware and SAP together are helping SAP customers assess, create and adopt virtualization strategies for their SAP HANA environments
    - Answers to your questions during live Q&A

    Register today to learn how you can benefit from virtualizing your SAP HANA environment with VMware and transform your business.

    About the presenters:
    Kevin Knieriem, Vice President, Innovation Solutions, SAP, Inc.
    Dominic Uliano, Virtualization and Cloud Management Practice Lead, North America, SAP, America, Inc.
    Ray Blanchard, Sr. Director, Strategic ISV Alliances, VMware, Inc.
    Bob Goldsand, Global Alliance Partner Architect, VMware, Inc.
    Read more >
  • What is software-defined storage? What does it mean for your storage strategy? Tune into this webinar for a sneak preview of four exciting new storage technologies from VMware that are on the roadmap for increasing storage efficiencies in virtual environments, from VMware's new policy-driven approach to storage for managing end-to-end SLAs per virtual machine.
    Read more >
  • What is software-defined storage? What does it mean for your storage strategy? Tune into this webinar for a sneak preview of four exciting new storage technologies from VMware that are on the roadmap for increasing storage efficiencies in virtual environments, from VMware's new policy-driven approach to storage for managing end-to-end SLAs per virtual machine.
    Read more >
  • Virtualization, cloud computing, hybrid environments and BYOD are here to stay. When implemented successfully, these solutions can transform the way businesses operate and lower the OPEX and CAPEX costs of IT departments. However, these major IT trends cannot be considered separately: virtualization and cloud are often linked, and needs for anytime anywhere connectivity and mobile workforce enablement won't wait. This is why it's essential to have a holistic approach and address the business, technology and financial implications of today for tomorrow's needs.


    Dell has quickly become one of the largest and fastest growing networking providers in the world by leveraging its extensive expertise in the data center to build a complete portfolio of switches that are designed to be open, flexible, powerful and economical.
    Read more >
  • The Lazy Attacker: Defending Against Broad-based Cyber Attacks with Unified & Collaborative Defenses

    Advanced Persistent Attacks (APTs) get most of the attention from the cyber security community because, as defenders, we want to be vigilant against the most insidious techniques. However, this unilateral mindset ignores a much less interesting reality. Generally, cyber criminals are as lazy as criminals in the “real world.” What do we mean by lazy? Attackers will use the “lowest common denominator” method against the widest range of IP addresses from the same source set of IP addresses - which means that sharing information about their methods with others, and implementing simple defenses are best practices.

    Adjusting your focus from the “shiny object” of APTs to those broad-based threats can help prioritize your own defenses and optimize your incident response program. Attend this webinar to hear directly from Jaime Blasco, Director of AlienVault Labs, on how you can:

    * Understand the common exploit methods of the “lazy attacker”
    * Review the benefits of a collaborative approach to threat intelligence
    * Prioritize defensive tactics and remediation activities
    * Implement a unified, simplified approach to threat management
    Read more >
  • Jan Teichmann, our SAP HANA Mobility expert, will present how you can develop mobile applications in the cloud with SAP HANA One in only 20 minutes. Learn from our expert and be ready to build your own mobile SAP HANA apps by the end of this session.

    Teichman's blog on mobile development with the Android SDK and SAP HANA received 55k hits in the first week it was published. Join our session and see:
    - How to deploy the Android SDK on SAP HANA One
    - Actual code samples and step by step instructions for building mobile SAP HANA apps
    - How HANA One will simplify your environment creating one place where you can easily build and run your mobile app in the cloud
    Read more >
  • Did you know that the majority of all web attacks occur at the website or web application layer? Can you see attackers threatening your public web applications right now?
    Join Juniper security experts, Pete McMullen & Keir Asher for a 60 minute Junos WebApp Secure (JWAS) overview and live demo to learn how Juniper can protect your web assets from the largest Internet security threats known!
    Read more >
  • Software Defined Storage. Is it just another buzzword or can the concept bring meaningful change to the way storage is acquired, implemented and used? As vendors race to jump on the "software defined" bandwagon, Storage Switzerland set out to explain the term, provide users with an understanding of how software defined storage can solve many of their current storage challenges and provide a way to decide which vendors are really delivering a software defined storage future.
    Read more >
You might also like: Is Cloud Meeting Your Expectations?
  • Channel
  • Channel profile

Trend Micro Enterprise Webinar Series

Up Down
  • Exposing Risks and Opportunities of Mobility & Consumerization in Education Recorded: May 21 2013 40 mins
    The explosion of consumer technologies are changing the Information Technology landscape as we know it. While mobility and consumerization can introduce many risks, it also opens up an enormous productivity opportunity that needs to be exploited! Dive into the latest threat landscape as it relates to mobile as well as how security is actually enabling education!
  • The Cybercriminal Underground Recorded: May 10 2013 28 mins
    This presentation will discuss the most recent information on advances within the cybercriminal underground. Discussion will revolve around the different cybercriminal business models used within the underground and how this affects you. From Organized crime to the Mentor/Apprentice models we’ll give you information you need to better understand how the underground economy works.
  • Advanced Security Options for Mid Market Business Recorded: Mar 13 2013 45 mins
    Mid Market organizations face even greater security threats than before. Their organizational growth and assets – be it intellectual property, PII or credit card data – increases the risk of a breach or targeted attack. Limited IT staff wearing many hats may find it challenging to keep up with the ever-changing threat landscape.

    Join us for this webinar and gain a deeper understanding of the:

    · Threats that Mid Market firms face across physical, virtual and cloud environments

    · Three security steps that SMB firms can implement to enhance their security posture today

    · Advanced Persistent Threats aimed at higher-risk Mid Market firms and how to overcome

    · Resources and expertise available to augment organizational security

    Comware CEO Charles Carlson in this webinar invites guest JD Sherry to share his security expertise with Mid Market businesses as well as protecting state and local governments. JD Sherry, Director of Product and Technology at Trend Micro, has significant mobile and cloud experience in developing secure, scalable IT solutions designed to meet strict compliance and payment card regulations.
  • Decoding New PCI DSS Guidelines for Cloud Computing Recorded: Feb 19 2013 60 mins
    This webinar will review the new PCI Guidelines published on February 7, 2013, with a focus on relevant DSS requirements for cloud computing. In this discussion, we will review the implications of the newly published PCI Guidelines and recommend best practices for businesses to achieve compliance when deploying in the cloud.

    Attendees should expect the following:

    •A summary of the implications of new PCI Guidelines for cloud computing.
    •A review of requirements that are fulfilled by Infrastructure as a Service providers and specifically by Amazon Web Services (AWS).
    •Practical guidance on best practices for clients to address their requirements for compliance.

    Join this panel of experts from Accuvant, Amazon Web Services and Trend Micro for a concise roadmap of how to navigate PCI compliance in cloud computing's shared risk model.
  • Threat Predictions 2013 Recorded: Feb 12 2013 60 mins
    The security and risk landscape will be more complex in 2013. Are you concerned about protecting intellectual property and valuable company information? What are the gaps that cybercriminals use to steal information, profit, and sabotage operations? And what can organizations of all sizes do to use effective solutions to protect themselves?
    Please join Jon Clay, Sr. Manager of Core Technology at Trend Micro, for this LIVE webinar. Jon will outline the key security threats from 2012 and discuss what CTO Raimund Genes, along with the 1,100 threat researchers at Trend Micro, deem as the highest security risks for 2013.
    Topics will include:
    •Security threats to businesses, our digital lifestyle and the cloud
    •Effective solutions to protect your organization
    •Safeguarding your customers’ interests
    •Establishing and implementing IT usage
  • Trend Micro Mobile Security Workshop Recorded: Dec 18 2012 63 mins
    The Mobile Security Workshop is a technical presentation delivered via webcast targeted for IT management (specifically clients that have OfficeScan or are looking into purchasing OfficeScan) to familiarize themselves with the features and benefits of Trend Micro’s Mobile Device Management solution (TMMS).

    In this webinar, we will illustrate how to deploy the two most popular Mobile OS brands (iOS and Android devices) and the technical steps involved to get started.
  • Cyber Situational Awareness: Offense informs Defense Recorded: Dec 13 2012 15 mins
    APTS have long relied upon information security tunnel vision in order to maintain persistence within agency and corporate networks. We must spin the chess board and learn from the advanced tactics utilized in cyber campaigns. This webinar will discuss the evolution of the cyber kill chain and the relevant risk management practices that are best suited to mitigate the threat to your enterprise.
  • Product Demo: Requirements Driven Virtualization Security with Deep Security Recorded: Dec 13 2012 45 mins
    As companies journey into virtualization, they discover requirements from the nature of virtualization, as-well-as heightened regulatory requirements put in place because of a virtualized environment. Deep Security meets these requirements and helps a company realize the greatest potential from their virtualization investment.
  • Hybrid Cloud Security Infrastructure: It's All About Policy Recorded: Dec 12 2012 40 mins
    Cloud infrastructure gets more complex when you add hybrid clouds, using in-house private clouds while dynamically adding capacity through public clouds, such as AWS.

    This presentation will cover hybrid cloud strategies and focus on three key components of enforcing security policy across the entire hybrid cloud using a security management and policy framework that spans both private and public clouds.

    Key components include:
    1) security that supports different variants of the EC2 images
    2) a security agent that can be baked into the AWS golden image
    3) a management console that integrates with AWS APIs to coordinate visibility and security policies across both private cloud and AWS instances.
  • Stopping Hackers in Their Tracks With Custom Defense Recorded: Dec 5 2012 48 mins
    As hacking communities grow, gain support from state actors and shift their priorities it is more important than ever to have the right toolset, processes and controls in place to meet them.

    Join Jon Clay, Security Technology Expert, as he goes over the most common and insidious hacker attacks and how your organization can strengthen your custom defenses, increase breach and vulnerability assessment and prevent hackers from getting in.
  • The IT Security Threat Landscape: Hackers in 2013 Recorded: Dec 5 2012 57 mins
    It is said that if you know your enemies and know yourself, you can win a hundred battles without a single loss. This panel will focus on the former. As hacker motivations, resources and attack vectors change IT Security teams and CISO's need to prepare to meet new challenges and adjust their risk postures.

    Join our C-Level panel as they discuss the 2013 threat landscape and what security teams and executives need to know to prepare for what will no doubt be the year of the Hacker.
  • Custom Defense against APTs Recorded: Dec 4 2012 56 mins
    APTs use a customized approach. You should too.
    Attackers stop at nothing in their quest for your most valuable data. You need to be just as committed to protecting it. To adapt your security rapidly enough to prevent damage from Advanced Persistent Threats (APTs), you need to see deep enough to discover them.

    Are you ready to detect, analyze, adapt, and respond?
    You've got to be prepared to act on any suspicious content, communications, and behavior. And your approach has to be as unique as your network. Join Laura Maio, Director of Solutions Marketing, to hear how Trend Micro gives you everything you need to build your own custom defense against APTs.
  • Trend Micro OfficeScan - Enterprise Endpoint Protection That Goes Beyond the End Recorded: Oct 25 2012 25 mins
    As the industry's first endpoint security solution optimized for virtual environments, OfficeScan delivers comprehensive protection for physical and virtual desktops and servers on and off the corporate network. Learn how OfficeScan can solve your business security issues through a better understanding of the product features. Find out how OfficeScan 10.6 can make a difference in your endpoint security strategy by providing advanced protection beyond the endpoint with the our VDI (Virtual Desktop Infrastructure), Mobile Security and DLP (Data Loss Prevention) Plug-Ins.
  • Securing the Evolving Datacenter: Physical. Virtual. Cloud. Recorded: Oct 2 2012 25 mins
    Security and compliance are often cited as the topmost concerns amongst customers planning and deploying virtual and cloud environments. Trend Micro is delivering virtualization-aware security that supports compliance by providing comprehensive protection for your virtualized and cloud deployments. In this session, find out how Deep Security and SecureCloud from Trend Micro delivers better than physical security, reduces cost & complexity, and delivers dynamic, adaptive security for your virtualized and cloud infrastructure.
  • Using “Big Data” to Identify and Protect Against Global Computing Threats Recorded: Sep 28 2012 22 mins
    Every computing system is globally linked; desktops, servers, laptops, tablets and handheld devices. They all access information through networks corporates don’t control, thus increasing these devices and their organizations to greater risk of contamination. This webinar discusses how Trend has utilized global “Big Data” gathering to enhance our risk identification and analysis, deliver better intelligence thus protection through a global cloud infrastructure we call Smart Protection Network. This SPN extends Trends risk identification and protection reach exponentially over conventional technology in its ability to find global threats, identify trends and dynamically deliver this intelligence and protection to local customers on a global basis.
  • Enterprise Compliance Strengthened via Continuous Monitoring Recorded: Sep 14 2012 35 mins
    Enterprise firms of all sizes face increased compliance requirements to combat new threats and avoid data breaches. Continuous Monitoring coupled with diagnosis and mitigation are critical tools for protecting intellectual property and personal identifiable information (PII). Commercial security professionals must adapt and evolve to this era of hyper security and vigilance. JD Sherry, Trend Micro’s Director of Technology, has 15+ years experience with IT Security and real-world implementations. Join Mr. Sherry as he:

    •Outlines the current environment: defense in depth; always at risk; hacktivism; and the rise of the security threat entrepreneur

    •Highlights the benefits of continuous monitoring and diagnostics

    •Outlines Best Practices and lessons learned from industry and government

    Learn how mid to large Enterprise firms can remediate threats and apply countermeasures to cyber attack risks.
  • Federal Directives for Continuous Diagnostics and Mitigation Recorded: Sep 10 2012 35 mins
    Federal agencies face increasing directives for continuous monitoring to help combat new threats. Cyber security professionals must adapt and evolve to this era of hyper security and vigilance. JD Sherry, Trend Micro’s Director of Technology, has 15+ years experience with IT Security and real-world implementations. Join Mr. Sherry as he:

    •Outlines Federal continuous monitoring mandates such as NIST 800-37 and FedRamp

    •Highlights the benefits of continuous monitoring and diagnostics

    •Outlines Best Practices from government entities and lessons learned from industry

    Federal agencies will learn how to remediate threats and apply countermeasures to cyber attack risks.
  • Cloud Computing: Maintaining Security and Privacy on Your Journey to the Cloud Recorded: May 24 2012 47 mins
    For security experts, cloud computing presents a new set of urgent questions and challenges that need to be answered as their organizations begin to demand the ROI that comes with moving to the cloud.

    Cloud infrastructures pose security challenges that are fundamentally different than physical risks. Join Dave Asprey, VP of Cloud Security at Trend Micro, as he covers the top 5 points for maintaining security and privacy as workloads transition to the cloud.

    •Identify security challenges that can limit virtualization and cloud adoption;
    •Transform your data center with security designed for virtualization and the cloud;
    •Learn best practices to help you achieve 99% virtualization; and
    •Empower your servers and desktops to better combat the current and merging threats.
  • Securing the Cloud - Best Practices from Private to Public Recorded: May 23 2012 58 mins
    Join industry leaders representing the top IT security publications, alliances and organizations as they discuss best practices for securing your data in private, hybrid and public environments.

    Panelists:

    Peter Judge, UK Editor, Tech Week Europe (moderator)
    Daniele Catteddu, Managing Director EMEA, Cloud Security Alliance
    David Mortman, Chief Security Architect, enStratus
    JD Sherry, Director - Public Sector IT Security Solutions, Trend Micro
    Jeff Williams, CEO, Aspect Security
  • Building Castles in the Sky: Advanced Persistent Responses Recorded: Apr 27 2012 22 mins
    Cyberspace is not a pacific environment; there is a fight for power in a modern-day colonial movement. As the cyber kill chain has evolved so too must our defenses. The digital insider threat aka the APT (advanced persistent threat) will metastasize in the cloud computing environment of 2012. The use of mobile devices and cloud computing creates a perfect storm for the exfiltration of sensitive data. To tap into the power of Web-based, wireless, and other emerging technologies, and thus build stouter virtual castles in the sky, we must appreciate the evolution of blended threats from the simple virus of yesteryear to the virulent MALFI (multifaceted malware with remote file inclusion, local file inclusion, cross-server attack, and remote code execution) botnet attacks of 2012.

    Rather than endorsing security models that drive us to construct additional defenses and filters that have an increasingly slim chance of stopping advanced threats, the focus within IT development and security must shift to emphasize more aggressive, proactive self-assessment through which “offense can inform defense.” To achieve an advanced persistent response (APR) on our networks, we must blend our cyber defenses so as to realize deep security.

    This presentation will focus on the evolution of the staged and blended attacks and share expertise on organizational strategies and tactics to mitigate risks in the short term and over time.

    Tom Kellermann, a member of the Commission on Cybersecurity for the 44th President, is a trusted cybersecurity advisor and strategist within the federal, state and local government markets. As a security evangelist and government affairs expert, he manages strategic partnerships both domestically and internationally to help increase Trend Micro's profile in emerging technologies and policy issues.
    Tom is a professor at American University's School of International Service and a Certified Information Security Manager (CISM).
Securing Your Journey to the Cloud
Thought leadership webinar series
  • Upcoming webinars (0)
  • Recorded webinars (29)
  • Subscribers (4,692)
Channel RSS feed
Up Down

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Building Castles in the Sky: Advanced Persistent Responses
  • Live at: Apr 27 2012 6:00 pm
  • Presented by: Tom Kellerman, US Vice President of Cybersecurity, Trend Micro
  • From:
Your email has been sent.
or close
You must be logged in to email this
OK