Add to collection(s) Add to saved
  1. Business

download/Silicon Valley ISSA meeting May 19

advertisement 
Silicon Valley ISSA meeting May 19,2015
Topics
Chapter Business
President’s Report
RSA Social
Ratify new members
VP Brian Kennedy
Recording Director – James Carr
Both candidates were nominated, seconded, and approved by the membership
present at the meeting.
Cornerstones of Trust meeting status
June 16 in Foster City
Members were urged to register as soon as possible.
Board members present provided a status
Discussion on moving the SV ISSA future meetings closer to the center of SV.
Bill Danigelis has offered to sponsor at his company, Cyphort Inc, at intersection
of 237 and Great American Parkway
Speakers for July and August set. Looking for speakers for Sept and onward. There is
no meeting in June because of Cornerstones of Trust
July Meeting: Integrity Verification Trumps Signature–based Solutions in Detecting
Malware on Linux Systems
August meeting: Legal Concepts in Cybersecurity
Jim Carr invited DeAnza students in his security classes to the meeting and seven were
able to attend.
Speaker
CyberArk founded in 1999. The speaker, Barak Feldman, has been with the company
since 2001.
Title of the presentation: Protecting And Monitoring The Privileged Pathway - A New
Layer Of Security To Protect The Heart Of The Enterprise From Advanced Cyber
Threats
Speaker: Barak Feldman is West Coast Director for the Privileged Account Security
solution portfolio at CyberArk Software.
Barak Feldman discussed best practices that focus on proactively protecting and
monitoring all privileged account activity inside the network, covering all IT assets within
the data center. We will discuss this new dimension modern attackers are focusing on the keys to the kingdom and the most power they can achieve within an organization
infrastructure.
Privileged accounts create a huge attack surface.
Privileged accounts exist in every connected device, DB, application, industrial
controller, etc.
Typically 3x ration of privileged accounts to employees
Privileged access
System Admins
3rd party and services providers
Applications
Select business users
Social network account managers
Barak provided a comment that most executives: “would rather be breached than have
an application break.”
Other topics
Social engineer to get password of twitter account, then send out messages signed by
the user.
External attackers assume privilege account so it looks like an insider
Anthem system admin went on vacation and when he returned, found there was activity
using my accounts and passwords, when he was gone
Use “jump servers” Manage devices in a separate security zone. Managing a host in a
DMZ from a trusted network, for example.
RSA SecurID breach.
Ukrainian election breach
Carbanak/Anunak
Sands casino attack
Steps to stop advanced threats
Discover all your privileged accounts
Protect and manage privileged account credentials
Control, isolate, and monitor privileged access and activity on servers and DBs
Related documents
Community Initiative - RCCG Cornerstone Worship Center
Community Initiative - RCCG Cornerstone Worship Center
User Behavior Monitoring
User Behavior Monitoring
this File - SOCTEC1-EN
this File - SOCTEC1-EN
Sunglasses
Sunglasses
- Cloud Security Alliance
- Cloud Security Alliance
Standards for individuals with privileged access
Standards for individuals with privileged access
Homework No
Homework No
Click to View Presentation
Click to View Presentation
Chapter 10
Chapter 10
Chad Froomkin (CyberArk) - The New Cyber Battleground
Chad Froomkin (CyberArk) - The New Cyber Battleground
PL1 - Security
PL1 - Security
Please provide
Please provide
Download
advertisement