Overview
Explore intelligence-driven security strategies in this 42-minute conference talk from GrrCON 2014. Delve into the RSA perspective on cyber-espionage growth and detection, point-of-sale intrusions, and the increasing strength of attackers. Learn why security teams are missing attacks and how to increase efficiency beyond traditional SIEM approaches. Discover the shift in priorities and capabilities needed to understand everything, investigate and remediate faster, and implement risk-based data collection. Examine the move from log-centric approaches to an intelligence-driven architecture, and understand the power of a risk-based approach. Gain insights on planning and training for cyber defense, along with the benefits of adopting these advanced security methodologies.
Syllabus
Intro
The RSA Perspective
Cyber-Espionage Growth
Cyber-Espionage Detection
Point of Sale Intrusions
Attackers Are Getting Stronger
Security Teams Are Missing Attacks
Teams Need To Increase Efficiency
SIEM Is Not Enough
Shift in Priorities and Capabilities
Understand Everything
Investigate & Remediate Faster
Risk-based Data Collection
Move From Log-Centric Approach
Intelligence-Driven Architecture
The Power Of A Risk-Based Approach
Planning Cyber Defense
Train For Cyber Defense
Benefits