Building Castles in the Sky: Advanced Persistent Responses

Tom Kellerman, US Vice President of Cybersecurity, Trend Micro
Cyberspace is not a pacific environment; there is a fight for power in a modern-day colonial movement. As the cyber kill chain has evolved so too must our defenses. The digital insider threat aka the APT (advanced persistent threat) will metastasize in the cloud computing environment of 2012. The use of mobile devices and cloud computing creates a perfect storm for the exfiltration of sensitive data. To tap into the power of Web-based, wireless, and other emerging technologies, and thus build stouter virtual castles in the sky, we must appreciate the evolution of blended threats from the simple virus of yesteryear to the virulent MALFI (multifaceted malware with remote file inclusion, local file inclusion, cross-server attack, and remote code execution) botnet attacks of 2012.

Rather than endorsing security models that drive us to construct additional defenses and filters that have an increasingly slim chance of stopping advanced threats, the focus within IT development and security must shift to emphasize more aggressive, proactive self-assessment through which “offense can inform defense.” To achieve an advanced persistent response (APR) on our networks, we must blend our cyber defenses so as to realize deep security.

This presentation will focus on the evolution of the staged and blended attacks and share expertise on organizational strategies and tactics to mitigate risks in the short term and over time.

Tom Kellermann, a member of the Commission on Cybersecurity for the 44th President, is a trusted cybersecurity advisor and strategist within the federal, state and local government markets. As a security evangelist and government affairs expert, he manages strategic partnerships both domestically and internationally to help increase Trend Micro's profile in emerging technologies and policy issues.
Tom is a professor at American University's School of International Service and a Certified Information Security Manager (CISM).
Apr 27 2012
22 mins
Building Castles in the Sky:  Advanced Persistent Responses
Join us for this summit:
More from this community:

Virtualization

Webinars and videos

  • Live and recorded (1878)
  • Upcoming (67)
  • Date
  • Rating
  • Views
  • This webinar is presented by McAfee and Intel to help customers understand their Data Protection solution from McAfee and to get the most business value out of their Intel based endpoints. Products that apply to this webcast include McAfee Complete Data Protection Suites, featuring Endpoint Encryption, and EPO Deep Command to extend the reach of your IT department to lower your total cost of ownership. The webinar will include a special highlight on Intel® Core™ vPro™ Processors and associated technologies that increase productivity and hardware-assisted security in the enterprise. This webcast is provided as a 35-40 minute overview and includes 5-10 minutes of Q & A.

    Join this webinar on Data Protection and learn about:
    • The key features of Data Protection and how it can provide you with the security you need
    • Use cases on utilizing the synergy between Intel® vPro™ and McAfee Data Protection technologies to reduce your overall TCO
    • How you can extend the reach of your IT team with the ability to remotely wake up or even power on PC’s, remediate “disabled” endpoints and remotely reset pre-boot passwords
    • How to securely manage your endpoints from a single console while simultaneously providing self-service features for your end-users
  • The multi-award winning PowerEdge VRTX now has even more amazing features packed into the extremely compact and amazingly quiet chassis.

    The Dell PowerEdge VRTX brings order to chaos, redefines IT operations and allows you to deploy performance anywhere.
    PowerEdge VRTX is a powerful, scalable, easy to manage solutions platform, optimized specifically for office environments. Clear up the complexity of disparate hardware, multiple management tools, and hardware sprawl with an optimized platform that integrates server nodes, storage, networking and management into a compact 5U chassis.

    Although initially designed with the express goal to deliver on the specialized needs of remote office/branch office (ROBO) environments the PowerEdge VRTX has found itself being deployed in a huge range of locations and solutions due to its power and flexibility.

    •Office-optimized dimensions, acoustics, and security
    •Virtualization-ready
    •Scalable, integrated shared storage to harness data explosion
    •Simplified systems management
    •Simplified networking to fit small business budgets
    •Highly available and easy to service
    •Flexible installation with both rack and standalone options.

    Join us to hear how VRTX and its new features could help you radically rethinking your organisations IT solutions. Get ready to be amazed by how powerful simplicity can be.
  • McAfee is unique among secure web gateway solution providers with its hybrid delivery model, which provides the flexibility to deploy a web gateway on-premises, in the cloud, or in combination. In this session, McAfee will discuss details of the hybrid web protection deployment model and the various elements that comprise it, along with provide guidance on to choose the deployment scenario that best addresses your organization’s specific business needs.
  • Mobile workers are increasingly demanding access to mission-critical data and apps from personal smart phones, tablets and laptops. However, co-mingling of personal and business data and apps on mobile devices creates risk of business data loss and introduction of malware. What are the risks and what technologies can businesses deploy to enable productivity while protecting from these threats ?

    •Learn about the risks introduced when personal and business data and apps co-mingle on mobile devices
    •Learn about available technologies and technology trends to address these risks.

    Join Dell to understand the risks introduced when personal and business data co-mingle on mobile devices and technologies to consider to protect corporate data.
  • Forty-four states, DC and four territories have adopted the Common Core State Standards (CCSS). This means that school districts across the country are planning for 100% online assessments during the 2014-2015 school year. One of the most important conditions needed for being able to administer online assessments is network infrastructure readiness.
    Attend this 30-minute webinar and join Gavin Lee, Senior K-12 Business Development Manager at Juniper Networks, to discuss the critical network must-haves that all school districts should consider when looking to deploy a robust and supportable network. You will also receive practical guidance on how to get the most out of your network infrastructure and how to best prepare for the CCCSS assessments:
    • Consortia network infrastructure
    • Wired and wireless network capabilities
    • Robust network security
    • Network support readiness
    • Juniper Networks network infrastructure readiness resources
  • Décrouvrez les solutions Networking Dell, Convergence, 10Gb et administration centralisée
  • Dell Présente lors du CRIP une approche concrète des PRA/PCA en 90 secondes
  • Heartbleed is not an exploit you want to ignore as an IT professional. It exposes passwords and cryptographic keys, and requires not only that you patch OpenSSL for each of the services using the OpenSSL library, but also that you replace the private keys and certificates so that attackers won’t be able to use any of the data compromised by the vulnerability. The simplicity of the exploit makes it powerful. It appears that over a half million websites are vulnerable.
    In this session we'll cover:
    What you need to know about the Heartbleed vulvnerability
    How to detect it using AlienVault USM
    How to investigate successful Heartbleed exploits
  • Software-defined networking offers the potential for an open network platform, hosting diverse applications, running over multiple technologies and vendors’ equipment. Openness is arguably the key to widespread SDN adoption, and the elusive goal of multi-vendor interoperability.

    This session will address the implications of Openness on SDN, including the evolving role of standards and OpenSource Software, including an examination of why the Open Networking Foundation, Network Functions Virtualization, and OpenDaylight are indicative of the future of networking.
  • Rob Sherwood, CTO of Big Switch Networks, will present an end-to-end open source technology stack for SDN R&D, spanning switch hardware, software and SDN controllers. He will touch on the Open Compute Projects' switch design, Open Network Linux, Project Indigo, Project Floodlight and others. He will also discuss how these projects fit together, their various evolutionary paths, and how this stack fits in the landscape of emerging commercial and open source SDN products.
  • Channel
  • Channel profile
Up Down
  • Windows XP: Survival & Migration Guide for Mid Enterprise Firms May 20 2014 5:00 pm UTC 60 mins
    After thirteen years, the last Microsoft patch for its popular OS has been distributed. Experts estimate that XP’s installed base is up to 30% of all devices; some organizations seem to have no plans to change. But end-of-support means no security fixes, patches or software updates. XP users are expected to become the target of hackers, according to research firm Gartner. Join Trend Micro’s threat researcher Christopher Budd as he outlines 5 tips to stay protected. Budd will also delve into security implications and recommend migration steps for Mid Enterprise organizations of all industries.
  • Anatomy of the Target Stores Breach: Lessons Learned May 8 2014 5:00 pm UTC 60 mins
    Target Stores has invested millions in "next gen" cyber security and had received PCI certification. And yet hackers compromised its systems and credit card data during the busy retail holiday season. Over 70 million people were impacted. Join Ken Donze/Senior Engineer - Trend Micro as he outlines the breach, how people and processes were impacted, and how warnings and false positives were overlooked. As more and more firms consolidate data centers and invest in new solutions, how can human error and social engineering be mitigated and risks managed? How can organizations balance risk and security investment? What Best Practices and controls are recommended?
  • Cyber Threat Defense Report Recorded: Apr 22 2014 61 mins
    Trend Micro sponsored an extensive security survey of businesses in North America and Europe. Conducted by Cyber-Edge Group, LLC, a premier research and marketing firm, the survey examines the current and planned deployment countermeasures for establishing effective cyber defenses. This webinar will reveal the significant findings from the survey and accompanying report and is intended to provide IT security decision makers with a better understanding of how their perceptions, concerns, priorities – and most importantly – current defensive postures stack up against those of other IT security professionals and organizations. Key highlights from the report include:
    • One in four security professionals doubt whether their organization has invested adequately in cyber threat defenses.
    • Over 60% of respondents were affected by a successful cyber-attack in 2013, but less than 40% expect to fall victim again in 2014.
    • Mobile devices (smartphones and tablets) are perceived as IT security’s “weakest link”, followed by laptops and social media applications.
    • One in four organizations lack the tools necessary to properly investigate the root cause and material impact of network security breaches.

    Join Mark Bouchard, Vice President with Cyber-Edge Group and Jon Clay, Director of Global Threat Research with Trend Micro, for this webinar to learn more about the state of cyber threat defenses among today’s businesses and gain a better understanding of what you can do to improve your defenses going forward.
  • Optimizing Security for Amazon Web Services Recorded: Apr 2 2014 62 mins
    This webcast focuses on securing AWS deployments. Join Trend Micro's Mark Nunnikhoven, Principal Engineer for Cloud Technolgies, as he recaps the realities of securing today's hybrid cloud environments and approaches for securing critical applications and data.
  • SharePoint Security Risks & Compliance: Best Practices for Governing Recorded: Mar 19 2014 50 mins
    Organizations are generating vast amounts of content and, with mobile access, enterprise social collaboration and cloud solutions, employees are sharing information in new ways, continually expanding how we collaborate. Microsoft SharePoint has become the corporate information hub for most organizations, and SharePoint content is often coming from internal employees as well as external partners and clients. This presents new risks to organizations like the inadvertent exposure to sensitive information, malware entering the enterprise and regulatory compliance issues. It’s important to consider if you are protecting yourself against these types of security risks and compliance issues. Is your corporate SharePoint Strategy using the best practices available for information security and governance? In this live webinar, Antonio Maio, Microsoft SharePoint MVP, and Chris Taylor, Trend Micro Director of Global Product Marketing, will discuss how current shifts in SharePoint utilization can create risks and compliance concerns for even the most veteran users and IT organizations
  • Defend Your Organization from Emerging Cyber Attacks Recorded: Feb 20 2014 62 mins
    Are you confident that your organization is fully protected from the emerging digital crimes occurring today? Join cyber security experts and learn why your data has monetary value in the cyber market.

    This educational webinar will be highly interactive, bringing together industry practitioners from Trend Micro’s Forward-looking Threat Research (FTR) Team and Dell SecureWorks’ Counter Threat Unit (CTU) team to help you combat the cyber underworld. This webinar is free to attend, but space is limited so register today!
  • TARGET-ed Attacks: What Retailers Need to Know about Recent Data Breaches Recorded: Jan 30 2014 47 mins
    The recent high-profile breaches at Target and other retailers—that reportedly lifted personal data from over 100 million customers including one-third of US citizens—has many retailers, including Trend Micro customers, wondering whether they are protected from a similar type of custom attack. During this webinar, security industry expert JD Sherry—a frequent guest on Fox News regarding the recent retail data breaches—will share an initial analysis of publicly available information by Trend Micro’s threat research team. IT security professionals and business leaders in retail and other industries will gain a deeper understanding of the data breach based on Trend Micro’s past experience with similar attacks. You also will learn about proven practices to create a layered defense as an effective strategy to detect and prevent Target-like attacks.
  • Threat Predictions 2014 - Enterprise Edition Recorded: Jan 28 2014 41 mins
    2013 saw enterprise, government and F100 firms all face catastrophic insider threats and data breaches. What does 2014 hold for Enterprise organizations with widely dispersed devices, a shrinking sense of privacy, supply chain risks and ever-increasing compliance requirements? How can larger firms optimize security ROI ?
    Please join Jon Clay, Sr. Manager of Threat Research at Trend Micro, for this LIVE webcast. He will outline the 2014 security risk assessment from Trend Micro’s CTO Raimund Genes, along with the 1,500 global threat researchers staffing the frontlines. You will have an opportunity to ask questions of the experts and learn from peers.
    TOPICS INCLUDE: Lessons learned from 2013; threat assessment for 2014; data breach insights; risks of legacy exploits; viewpoint of law enforcement; and staying a step ahead of cyber criminals.
    AUDIENCE: IT decision makers, risk & compliance teams, network engineers, infrastructure professionals, security architects, and frontline managers who want increased visibility into the 2014 security environment.
    PRESENTER: Jon Clay, Sr. Manager, Trend Micro’s Threat Research Group. Jon Clay is responsible for managing threat communication and serving as a public speaker for the wide range of core technologies within Trend Micro. He has been with Trend Micro for over 17 years and has held previous roles in Sales Engineering and Training. Jon has a BS in Electrical Engineering with a Minor in Computer Engineering from Michigan State University.
  • Threat Predictions 2014 - SMB Edition Recorded: Jan 28 2014 55 mins
    2013 was a banner year for malware, breaches and insider threats. SMB firms with limited IT staff, expertise and security funding can be challenged to identify and mitigate these never-ending risks. What does 2014 hold for security in the cloud, at the endpoint and the mobile professional? What steps can SMB firms take to protect themselves?
    Please join this LIVE webcast with Jon Clay, Sr. Manager of Threat Research at Trend Micro. He will outline the 2014 security risk assessment from Trend Micro’s CTO Raimund Genes, along with the 1,500 global threat researchers staffing the frontlines.

    TOPICS INCLUDE: Lessons learned from 2013; looking into the future of security threats; implications for SMB firms on a budget; and highlights on cloud, mobile and endpoint security risks

    AUDIENCE: IT decision makers, business owners and managers, security teams and frontline managers who want increased visibility into the 2014 security environment.

    PRESENTER: Jon Clay, Sr. Manager, Trend Micro’s Threat Research Group. Jon Clay is responsible for managing threat communication and serving as a public speaker for the wide range of core technologies within Trend Micro. He has been with Trend Micro for over 17 years and has held previous roles in Sales Engineering and Training. Jon has a BS in Electrical Engineering with a Minor in Computer Engineering from Michigan State University.
  • Addressing Dropbox Security Concerns Recorded: Jan 15 2014 48 mins
    Dropbox and other sync-and-share cloud services are growing rapidly. While there are productivity and convenience benefits, it also creates important security and compliance concerns. Is your confidential data safe in the cloud? Who has access to it? What security controls does Dropbox offer? What options are out there? Join Steve Duncan from Trend Micro who will address these security concerns in a 45-minute webinar. Gain a better understanding of the scope of Dropbox-type use, related security risks, and uncover more robust alternatives that solve these concerns.
  • Realize Higher ROI On Security Spending Recorded: Nov 13 2013 56 mins
    Organizations are seeing large increases in targeted attacks and advanced persistent threats (APTs). Often these advanced attacks involve multiple stages, spanning email, web, traditional endpoints, and corporate servers. Security professionals invest in security controls at each layer of the network stack to protect against these multi-faceted attacks. While multiple security point-products may be used, some prefer to purchase their solutions from a single vendor for better overall management and fewer gaps in security. Forrester, in a recent Total Economic Impact™ Study commissioned by Trend Micro, interviewed current Trend Micro customers, who identified reduced security-related issues and remediation time, faster security reporting tasks, consolidated vendor costs, improved end-user productivity, and overall a positive ROI since investing in and deploying a solution based on Trend Micro enterprise security products.
  • Why Traditional Anti-Virus Protection Is Not Enough Recorded: Nov 12 2013 37 mins
    Learn the factors as to why traditional Anti-Virus is no longer enough to protect your businesses from the risks posed by complex security threats of today. Macky Cruz, Lead Security Engineer for TrendLabs, outlines how the changes in digital trends and technologies introduce stealthier and multi-platform threats.
    • Discover what kinds of security threats plagued SMBs.
    • Understand how malware infection and information theft can impact your businesses
    • Learn how comprehensive security can protect your businesses from security risks.

    Who should attend this webinar: This webinar has been designed to cater to both technical and non-technical viewers. It is especially useful for IT personnel and SMB owners and/or decision makers.
  • Grading 2013 Security Threat Predictions from Trend Micro Recorded: Sep 24 2013 33 mins
    Each year Trend Micro predicts what the threat landscape will be in the next year. In this presentation we will review and grade how most of these predictions have rated. From APTs to Zbot, you will receive information on a variety of security topics discussed in our 2013 predictions developed by Trend Micro CTO, Raimund Genes, and our threat researchers from across the globe. Watch and listen as Jon Clay, Security Technology Expert with Trend Micro, shares the results.
  • Using "Big Data" to Identify and Protect Against Global Computing Threats Recorded: Sep 24 2013 22 mins
    Every computing system is globally linked; desktops, servers, laptops, tablets and handheld devices. They all access information through networks corporates don’t control, thus increasing these devices and their organizations to greater risk of contamination. This webinar discusses how Trend has utilized global “Big Data” gathering to enhance our risk identification and analysis, deliver better intelligence thus protection through a global cloud infrastructure we call Smart Protection Network. This SPN extends Trends risk identification and protection reach exponentially over conventional technology in its ability to find global threats, identify trends and dynamically deliver this intelligence and protection to local customers on a global basis.
  • Stay Protected - Think Like a Hacker Recorded: Sep 16 2013 28 mins
    The greatest operational and reputational risk a corporation faces is cyber. Today's hackers have evolved their capabilities and organization. The FBI 's number one criminal priority is cybercrime. This webinar will spin the chess board on hackers. Tom Kellermann/VP of Cyber Security at Trend Micro will outline how understanding offensive tactics can improve your defensive cyber posture.
  • Next Gen Incident Response: 3 Key Challenges Recorded: Aug 20 2013 45 mins
    In today’s global economy, IT professionals and security decision makers must combat the ever-changing threat landscape and actors that are keen on disrupting their organization. Securing virtualized and cloud ecosystems has become a top priority for both security-centric and C-level executives. JD Sherry, VP of Technology and Solutions for Trend Micro, will explore the top 3 challenges that organizations of all sizes are taking to manage Incident Response in an always-under-attack environment. He will outline the evolution facing Incident Response and how it fundamentally changes in this new paradigm of cloud computing and third-party hosting infrastructures.
  • Protect your IT Infrastructure to Prevent Targeted Attacks Recorded: Jul 23 2013 38 mins
    For most organizations, the network perimeter has expanded and blurred with the proliferation of social networking, remote access, and cloud computing. In addition, with the evident constant stream of new viruses, worms, rootkits, denial of service (DDoS) attacks and other security threats achieve substantial publicity; such threats don’t usually receive notice until significant damage has already occurred. And operations like yours are frequently required to provide a degree of network access to vendor partners and customers so that they can access pertinent information. With all of these potential entry points, it has never been more imperative for IT stakeholders to proactively support a comprehensive risk management strategy.

    Join Trend Micro and CDW to learn how to protect your organization from the various forms of sophisticated attacks aimed specifically at your users, your gas control systems, your customers’ information, or all of the above. CDW has the expertise, product and the services to help control and mitigate your risk exposure before damage has already occurred with Trend Micro Deep Discovery as a customizable solution specific to your environment as a part of your Defense in Depth strategy. Reduce your exposure.
  • Exposing Risks and Opportunities of Mobility & Consumerization in Education Recorded: May 21 2013 40 mins
    The explosion of consumer technologies are changing the Information Technology landscape as we know it. While mobility and consumerization can introduce many risks, it also opens up an enormous productivity opportunity that needs to be exploited! Dive into the latest threat landscape as it relates to mobile as well as how security is actually enabling education!
  • The Cybercriminal Underground Recorded: May 10 2013 28 mins
    This presentation will discuss the most recent information on advances within the cybercriminal underground. Discussion will revolve around the different cybercriminal business models used within the underground and how this affects you. From Organized crime to the Mentor/Apprentice models we’ll give you information you need to better understand how the underground economy works.
  • Advanced Security Options for Mid Market Business Recorded: Mar 13 2013 45 mins
    Mid Market organizations face even greater security threats than before. Their organizational growth and assets – be it intellectual property, PII or credit card data – increases the risk of a breach or targeted attack. Limited IT staff wearing many hats may find it challenging to keep up with the ever-changing threat landscape.

    Join us for this webinar and gain a deeper understanding of the:

    · Threats that Mid Market firms face across physical, virtual and cloud environments

    · Three security steps that SMB firms can implement to enhance their security posture today

    · Advanced Persistent Threats aimed at higher-risk Mid Market firms and how to overcome

    · Resources and expertise available to augment organizational security

    Comware CEO Charles Carlson in this webinar invites guest JD Sherry to share his security expertise with Mid Market businesses as well as protecting state and local governments. JD Sherry, Director of Product and Technology at Trend Micro, has significant mobile and cloud experience in developing secure, scalable IT solutions designed to meet strict compliance and payment card regulations.
Securing Your Journey to the Cloud
Thought leadership webinar series
Try a powerful marketing platform for your videos and webinars. Learn more  >

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Building Castles in the Sky: Advanced Persistent Responses
  • Live at: Apr 27 2012 6:00 pm
  • Presented by: Tom Kellerman, US Vice President of Cybersecurity, Trend Micro
  • From:
Your email has been sent.
or close
You must be logged in to email this