Its the start of a new year and amidst the countless predictions flooding the internet, one things for certain 2019 is shaping up to be the year of cloud adoption. Analysts are expecting that enterprise adoption of cloud will ramp up significantly, but with this migration and the continued adoption of mobile and IoT technologies, the attack surface is changing dramatically and this has major implications for security.
Fundamentally, security boundaries extend from on premises infrastructure to cloud service provider environments where perimeters no longer exist. Organizations cannot defend themselves with the same strategies and tactics that applied when it did. In this brave new world of cloud, IoT and mobile technology, organizations must be agile and shift, extend, and evolve their perimeter-based defense practices to those that are more robust. Further, a comprehensive defense in depth approach enables defense of high value assets amidst a more unpredictable cyber security landscape that cannot be defined by old boundaries.
Watch this recorded webinar to hear SANS Principal Instructor, Alissa Torres, Fidelis Chief Scientist, Dr. Abdul Rahman and Cyber Security expert, Tom Clare, discuss how organizations can evolve their approach to the fundamentals of a defensible security architecture toward a more robust strategy that is strong enough to defend organizations from the threats of today, and the zero-day threats of tomorrow.
Topics discussed include:
- How organizations can identify the assets that need protecting using the SANS Top 20 CIS Controls to understand your asset inventory.
- How to get a clear understanding of your own terrain by correlating endpoint and network sensors to gain a reliable asset DB that describes the cyber terrain of an enterprise.
- How to best identify your exploitable locations by Intersecting common vulnerability and exploit (CVE) data with the Asset DB to determine the hosts that have vulnerabilities.
- Best practice for protecting your most valuable data by Identifying the hosts that are likely to be used for lateral movement as well as using updated signatures/rules and leveraging visibility to protect the hosts that are critical to business operations.
- Next steps Improving your defensive postures and using decoys to confuse adversarial recon.