SLIDE 1
Security Trends & Tactics
AND Strategies of UETN
The Quilt Winter Member Meeting 2018 Presented by Troy Jessup, UETN
2400 Baud of Technical Excitement
Pretty Sure this begins to date me...
2400 Baud of Technical Excitement Pretty Sure this begins to date - - PowerPoint PPT Presentation
2400 Baud of Technical Excitement Pretty Sure this begins to date - - PowerPoint PPT Presentation
Security Trends & Tactics AND Strategies of UETN The Quilt Winter Member Meeting 2018 Presented by Troy Jessup, UETN 2400 Baud of Technical Excitement Pretty Sure this begins to date me... DDoS Attacks on the Decline? Mitigation at
SLIDE 2
SLIDE 3
DDoS Attacks on the Decline?
Mitigation at the ISP level is more effective, Fewer Attacks are
- ccurring.
Threat is not entirely gone however.
SECURITY TRENDS...
SLIDE 4
Cyber Liability Extending
Responsibility for data and data storage practices becoming more regulated.
SECURITY TRENDS...
SLIDE 5
Internet of Things the brewing crisis.
IoT Devices are increasing risk, but much of the risk is not understood.
SECURITY TRENDS...
SLIDE 6
Ransomware is changing.
Focus on Cryptocurrency mining is surfacing.
SECURITY TRENDS...
SLIDE 7
Botnets Reign
More sophisticated malware is being used to C&C
SECURITY TRENDS...
SLIDE 8
Network Scanning is faster, and more targeted
Scanning at the rate of 10,000,000 hosts/sec Its becoming easy and fast to catalog targets for new attacks.
SECURITY TRENDS...
SLIDE 9
Timeframe for Action is quickly Shrinking.
Attacks are much more quickly following vulnerability announcements.
SECURITY TRENDS...
SLIDE 10
SLIDE 11
Companies Compromising Security for Business Models
Emerging more and more. The "Not so friendly Device"
SECURITY TRENDS...
SLIDE 12
Cisco Issues "Smart Install"
Critical issues for Cisco device networks and services.
SECURITY TRENDS...
SLIDE 13
Spectre / Meltdown The aftermath...
Critical Update for Tenant Networks, slightly less critical for public systems. Don't join the Panic!
SECURITY TRENDS...
SLIDE 14
if A = true { } process this data if B = true { } process this data if all = false { END }
Speculative Evaluation
speculative processed data is managed
- utside protected memory.
SLIDE 15
UETN STRATEGIES FOR SECURITY
AREAS OF FOCUS
SLIDE 16
Deeper Monitoring Capabilities and Tools Development
Using better tools and monitoring options to catalog threats.
UETN STRATEGIES FOR SECURITY
SLIDE 17
- Dr. Ray Timothy
Executive Director of UETN
Gary Herbert
Governor of the State of Utah
SLIDE 18
UETN OPERATIONS CENTER
SLIDE 19
Penetration Testing Services for Connected Tenants
In-Depth Testing to Identify threats, and establish baseline effectiveness of security controls.
UETN STRATEGIES FOR SECURITY
SLIDE 20
Supporting strategies for independent security personnel
Working with tenants to build better security support in connected networks.
UETN STRATEGIES FOR SECURITY
SLIDE 21
Security Focused Organization
UtahSAINT Organization SAINTCON Conference
UETN STRATEGIES FOR SECURITY
SLIDE 22
Security Briefings and Education
Security Briefing Calls Every 2 Weeks Includes Quilt Members
UETN STRATEGIES FOR SECURITY
SLIDE 23
Mentoring / Intern Programs
Providing assistance to connected organizations to send IT/Security Professionals to UETN for internships.
UETN STRATEGIES FOR SECURITY
SLIDE 24
UETN CHALLENGES FOR SECURITY
AREAS OF FOCUS
SLIDE 25
Monitoring Security
- n Large Pipes...
100Gbps Pipes
make Monitoring Difficult. 3rd Party Tools are not in the 100GB space yet.
CHALLENGES IN SECURITY
100+ Gbps
SLIDE 26