Why Defensive Information Security Fails

Dave Marcus, Director Security Research, McAfee
Defensive technologies are more pervasive and deployed than ever before. At the same time digital threats like identity theft, targeted attacks, so-called APTs, advanced malware and rootkits reach new highs daily. Attacks grow more sophisticated as each day passes and these attacks go seemingly unchallenged by today’s defensive technologies. Why is this?

Defensive InfoSec has lost its hacker mentality and edge. Defensive security has lost its ability to be agile like the attacker. That is why it fails.

To truly be a hacker is to take nothing for granted. It is to take technology or ideas in new directions if only to challenge the assumptions the original answer was based on. Yet today the hacking mentality only seems to have taken r00t on the offensive infosec side. Has defensive infosec ever really stepped back and examined or challenged its original assumptions?
Maybe it’s time for defensive hacking.
Aug 15 2012
35 mins
  • The Rise of Advanced Malware and Evasive Network Attacks Jun 18 2014 4:00 pm UTC 45 mins
    Networking communication protocols make it possible for the internet to work. Unfortunately, criminals can use those trusted systems to obfuscate malicious data and penetrate your network defenses undetected. An advanced evasion technique (AET) is a method of delivering an exploit or malicious content into a vulnerable target so that the traffic looks normal and security devices will allow it to pass through. By combining attacks using several protocol layers, these advanced evasions bypass most existing security solutions undetected. Join us for a review of these attack techniques and a demonstration.
  • Using Sequence Package Analysis to Detect Terrorism and Sedition Jun 17 2014 5:00 pm UTC 45 mins
    This webinar will demonstrate how Sequence Package Analysis (SPA), a new natural language method that utilizes a corpus of annotated training data comprised of a unique set of feature extractions, may detect early signs of terrorism and sedition. Using an SPA-designed BNF table consisting of sequentially-implicative (as opposed to syntactic) parsing structures, this natural language tool searches social media content and recordings of conversations of suspected terrorists to identify (and measure) collusion, collaboration, affinity with other terror or sedition suspects. Whereas conventional text mining methods are hindered by the speech system’s failure to identify keywords (most suspects intentionally refrain from the use of keywords that pinpoint location, names, dates and time), SPA is designed to work around these obstacles in which users refrain from referring to named entities that are likely to flag their communications as suspicious.
  • Combining Gameification with Behavioural Psychology and Cyber Security Jun 17 2014 9:00 am UTC 45 mins
    Generation Y are well versed in interactive gaming technology. As these young people move into the world of employment, how can we use gameification techniques to assist the security awareness process?

    What are the benefits and challenges of using gameification to build, develop and train security awareness?

    This talk looks at how three leading organisations have come together to provide the next level of interactive game based learning to improve online safety and security.

    Combining Gameification with Behavioural Psychology and Cyber Security expertise, CyberSense™ is setting the benchmark standard in the field of staff onboarding using advanced techniques that will be of interest to organisations concerned about the protection of IP, Commercial Data, fraud and other wider security risks and threats.

    Who should attend this presentation: Executives, HR, IT, Training…indeed anyone with an interest in cyber security awareness training and the latest leading edge technologies in company and individual cyber defence capabilities.
  • Secure File Sharing in the Cloud May 14 2014 5:00 pm UTC 45 mins
    Virtually every business has contemplated moving data to the cloud. For many companies, the risk of storing certain classes of un-encrypted data in the cloud is not acceptable. Encrypting data, however, can hinder your ability to share that information with others.

    What you put in the cloud and how you protect it will largely determine what you, and to some degree, what an adversary can do with it. This webinar will discuss different approaches to sharing encrypted data in the cloud, and highlight the benefits and drawbacks of each model.
  • Cloudy With a Lack of Awareness May 14 2014 12:00 pm UTC 45 mins
    Virtually every organisation relies on a standard set of solutions to enable day-to-day operations. These include outsourcing and cloud offerings. It’s right they should – there’s no point re-inventing the wheel every time – and it’s also only normal to expect that the drive to cut costs and increase value will push non-core business processes out of the organisation.

    Growing hyperconnectivity will lead many organisations to increase their dependence on these accepted solutions. However, they will become increasingly unreliable. So are you prepared with alternatives if the things you’ve built your trust around come crashing down?

    This webcast will examine the key areas of potential vulnerability regarding cloud storage, providers and data management, providing key insights into how to manage these vulnerabilities to ensure the maximum benefit and minimum risk.
  • Contain Yourself - Analysis of BYOD Secure Containers May 13 2014 5:00 pm UTC 45 mins
    In today's world, everyone wants access to information from his or her personal mobile device. As a business, this includes your customers and/or employees. What if the information they want access to is highly sensitive? While it's tempting to resist these pressures for security reasons, providing mobile access can be a significant competitive advantage and most importantly keep your customers and employees happy and productive. The reality is that in order to survive in a connected world, we must provide a way to meet these demands without sacrificing security.

    Organizations have begun moving from "managed devices" to a Bring Your Own Device (BYOD) model where company resources can be accessed and stored on unmanaged devices. As you can imagine, there are some inherent risks with this approach due to the organization's inability to enforce policies on personal devices. There is currently a huge market for solutions that allow enterprises to protect their data on unmanaged devices. Enter "Secure Containers" and "Application Wrapping". The basic premise of these solutions is that they allow organizations to enforce policies at the application layer rather than the device layer. For example, authentication, remote wipes, lockouts and data encryption can now be enforced on a per-application basis. Application Wrapping is a technique that allows organizations to inject their own code into existing iOS applications. Once injected, existing iOS method implementations can be overwritten to enforce these policies. In a nutshell, you can take an existing application and have it wrapped so that it enforces various defined policies and is secured without developers having to implement this manually.
  • Getting Started with Business Continuity May 7 2014 5:00 pm UTC 60 mins
    From natural disasters to hacking attacks, your business needs a plan to respond to adverse events and keep on going. That’s the goal of Business Continuity and Stephen Cobb helps you lay the groundwork for a successful strategy for your organization.
  • Considerations for Ramping to a Big Data Network Monitoring Architecture, Part 2 May 7 2014 5:00 pm UTC 60 mins
    This is a continuation of our 2-part series on Big Data Visibility with Network Packet Brokers (NPBs).

    Big data techniques and technologies can be powerful tools for scaling network monitoring and forensics. They can also facilitate new use cases for network data, potentially beyond the scope of Operations.

    Gordon Beith, Director of Product Management at VSS Monitoring, will discuss practical considerations for migrating to a Big Data Visibility Architecture, including:
    • Accommodating network volume, velocity and variety using sophisticated hardware preprocessing and APIs
    • Metadata versus flow statistics versus full packet capture – considerations and use cases for each
    • Open versus proprietary formats for storage
    • Pros and cons of integrated capture/storage/analysis solutions versus separate capture/storage solutions coupled with virtualized analysis probes
    • Addressing retrieval in an “open” forensics model
    • Leveraging a distributed computing framework for processing large-scale data stores
  • Leveraging a Big Data Model in the IT domain, Part 1 Apr 30 2014 5:00 pm UTC 60 mins
    This is part 1 of our 2-part series on Big Data Visibility with Network Packet Brokers (NPBs).

    Even as network data has exploded in volume, velocity and variety, network monitoring solutions have been behind the curve in adopting new technologies and approaches to cost-effectively scale and accommodate a widening virtualization trend. Customers are demanding greater freedom in how applications are deployed and are moving to a consolidated, shared model of data using big data frameworks, such as Hadoop, which enable large-scale processing and retrieval for multiple stakeholders.

    Join Andrew R. Harding, VP of Product Line Management at VSS Monitoring, as he discusses:
    - Big data and its implications for network monitoring and forensics
    - Why network monitoring solutions are lagging from a virtualization standpoint and why this is a problem for network owners
    - How certain traditional network monitoring functions will eventually be offloaded to adjacent technologies
    - How Network Packet Brokers can accelerate the adoption of virtualized probes, “open” storage, and big data technologies within network management / monitoring
    - How a Big Data Visibility architecture can enable network data to become part of the “big data store,” allowing it to integrate with the rest of enterprise data
  • BYOD Challenges, Recommendations & Best Practices from Box Apr 24 2014 3:00 pm UTC 60 mins
    85% of enterprises permit BYOD, but only 25-30% of them actually have policies and technology to manage these devices. What is your business doing to ensure that the content on that device stays secure, regardless of what device your employees are using? If you are considering moving to a BYOD strategy or are in the midst of doing so, join this webinar to learn how to develop and execute a BYOD plan in your company. We'll talk about major challenges in creating a BYOD strategy and best practices for ensuring that the content on your device stays secure with Box.
  • The New IT - How the World of Work is Changing and What IT Needs to Do to Adapt Apr 23 2014 5:00 pm UTC 60 mins
    The future of work sees changes to how employees work, how managers lead, and how organizations are structured. However, technology still remains the central nervous system of organizations and enables things like flexible work, collaboration, communication, and BYOD. In short, IT helps organizations be competitive. But how is IT changing in the context of new work behaviors and expectations, a multi-generational workforce, the cloud, globalization, and many of the other trends that are shaping the world of work? Join us in this session as a panel of experts debates and explores how IT is changing and what the future of IT looks like.
  • Modern Malware and the need for Remediation Innovation Apr 23 2014 5:00 pm UTC 45 mins
    Malware today is very different from just a few years ago. Traditional AV technology is no longer able to consistently and fully remediate or defend against today’s most advanced threats. New and emerging threats such as ransomware, social engineering driven attacks and micro variant financial threats are just some examples of difficult to remediate infections. This presentation will take a look at the malware landscape and explain why these tactics are so effective against traditional AV technology. We will examine three specific families of infections and highlight their tactics to evade detection and what issues occur with remediation. Lastly, we will talk about Webroot’s innovation and how our SecureAnywhere AV solution is capable of defending against, and remediating today’s most advanced threats.
  • Data Protection and Compliance: Where Encryption Applies Apr 23 2014 3:00 pm UTC 60 mins
    Organizations of all sizes face a number of industry and regulatory compliance mandates. Whether it's PCI DSS, SOX, HIPAA or FISMA, these regulations are changing to accommodate the ever-growing threat to sensitive data.

    Join Dave Shackleford, IT security consultant and founder of Voodoo Security, as he breaks down these updated requirements and how to remain current while securing your business.

    Attend this webcast and learn:
    - Best practices for protecting data in today’s complex security landscape

    - Latest updates to compliance mandates pertaining to data encryption

    - What these updates mean to your security teams.
  • Panel: Securing Documents and Data In A Mobile World Apr 22 2014 3:00 pm UTC 60 mins
    Once upon a time, a knowledge worker accessed proprietary documents on a company-owned desktop computer within the corporate firewall. Today's work environment is dramatically different - sensitive data and proprietary documents are increasingly produced and accessed outside the firewall, on employee-owned devices. Virtual collaboration is growing, and the cloud is redefining security paradigms even further. Yet, some things remain the same. Intellectual property must be protected, regulations must be complied with, and individual identities, authentication and privileges must be dynamically managed. This panel will look at how changing use cases and scenarios are changing the threat landscape for corporate IP, and how leading vendors are rising to the occasion to help enterprises meet these challenges. It will also discuss best practices in developing and executing a forward-looking IP protection strategy.
  • Security Metrics to Manage Change: Which Matter, Which Can Be Measured? Apr 17 2014 6:00 pm UTC 45 mins
    Successful organizations run on key metrics and IT security should be no different. But which security metrics should operations, management and the boardroom be focused on? Factories focus on “days without an accident.” Is the cyber parallel “days without a breach?”
    What to measure, how to measure, and how to communicate performance is key to improving the security team’s effectiveness and standing within the organization. Information like:
    - Which departments have access to which servers?
    - Who are the privileged users and when are they most active?
    - Where are the assets with vulnerabilities that can be reached from outside?
    - When are security defenses like firewalls likely to max out?
    Join Dr. Larry Ponemon, Chairman & Founder of the Ponemon Institute, for key results of a new research study on security metrics and change management, and Jody Brazil, Founder, President and CTO of FireMon, for a pragmatic perspective on generating actionable metrics from your network security infrastructure and reducing the risks of relentless change.
  • Big Data Security: Challenges, Strategies and Tools Apr 17 2014 5:00 pm UTC 60 mins
    The webinar will explore the challenges facing security professionals concerning the prevalent and ever-increasing risks to Big Data Security, recommended strategies for closing the gaps, and tools and techniques for keeping Big Data secure.
  • Security Ratings: A Big Data Approach to Measuring and Mitigating Security Risk Apr 17 2014 4:00 pm UTC 45 mins
    The increasing volume of breaches we hear about in the news highlights the challenge risk managers face in working to address cyber risk. Current assessment methods, while insightful, are inadequate due to the pace at which security postures change, leaving organizations vulnerable and exposed in the blink of an eye. In order to truly reduce security risk, managers need more insight and better tools that allow for continuous visibility into the ever-changing network environments they are administering.

    Join Stephen Boyer, CTO and co-founder of BitSight Technologies, and Oliver Brew, Vice President of Professional Liability at Liberty International Underwriters (LIU) for this webinar to discover:

    - Why measuring security risk is difficult and how some assessment methods leave organizations vulnerable to threats and financial loss

    - How forward-looking organizations are using Big Data to reduce risk, increase transparency and address new regulatory requirements

    - Case Study: How LIU is using Security Ratings to mitigate risk
  • The Security of Big Data: An Enterprise Perspective Apr 17 2014 3:00 pm UTC 45 mins
    Everyone knows that there are risks associated with moving enterprise data to a Cloud, and everyone knows the huge potential that the analytics of Big Data can bring, especially when using the Cloud, but what happens when these two converge?

    The presentation will discuss some of the security and privacy challenges associated with Big Data in the Cloud and will present a number of key initiatives that the ODCA have done to support enterprises that wish to take this step.
  • Building Your Backup and Recovery Checklist Live 60 mins
    Join backup and recovery experts to find out how to build your backup and recovery requirements checklist. By the end of this session, you’ll learn how you can:

    - Cut storage requirements by up to 80%.
    - Save on storage costs and performance hits to your network.
    - Leverage near-instant recovery technology for protected virtual machines or servers.
    - Automate application-aware backups and testing for data corruption.
  • The Cybersecurity Framework is here, now what? Live 60 mins
    Now that NIST has published Version 1.0 of the Framework for Improving Critical Infrastructure Cybersecurity, the long-awaited CSF, what are the implications for companies? How can the CSF help your business improve its defenses? Cameron Camp investigates.
For Certified Members and Information Security Professionals Globally
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world-famous Certified Ethical Hacker (C|EH), Computer Hacking Forensics Investigator (C|HFI) and EC-Council Certified Security Analyst (E|CSA)/Licensed Penetration Tester (L|PT) programs, and various others offered in over 60 countries around the globe.
  • Title: Why Defensive Information Security Fails
  • Live at: Aug 15 2012 4:00 pm
  • Presented by: Dave Marcus, Director Security Research, McAfee