APTs and the Failure of Prevention
Starts: Thursday 03 March 2011, 3:15PM
Finishes: Thursday 03 March 2011, 5:30PM
Venue: Uni Pub, Level 3, Uni Pub, 17 London Circuit, Canberra
Topic: APTs and the Failure of Prevention
Today's advanced persistent threats (APTs) evade both detection
and prevention by current approaches to network security, whether
you want to believe it or not. Most organisations have developed
an over-reliance upon network-layer, perimeter-focused solutions
that require signature-based or statistical foreknowledge of each
technical threat. As proven through endless security breaches over
the last few years, most legacy solutions are rendered obsolete by
each new action of focused adversaries such as cyber criminals and
nation-state groups, and by their ever-changing methods, including
targeted and zero-day malware, obfuscation, and covert network
channels.
This session focuses on the true nature and sources of today's
advanced threats, and describes solution characteristics, both
technology and operations-related, which are required to combat
these threats and close critical network visibility gaps. Mr
Schwartz will demonstrate techniques that will enable your
organisation to identify and stop zero-day malware, targeted
attacks, and sophisticated data leakage, and to improve overall
network visibility. The session will utilise actual technical case
studies from leading commercial and public sector organisations to
illustrate highly effective operational methods for enterprise
network security monitoring.
Attendees will learn:
- The true nature and sources of threats facing public and
private organisations and the gaps in current network
visibility.
- The technical reasons that advanced persistent threats are
evading current perimeter-based point solutions such as IDS, log
monitoring and flow-based technologies.
- A new approach to enterprise network monitoring and incident
response.
- Specific examples of adversary exploits (demonstrations)
similar to trends observed within organised crime groups and
state-sponsored attacks.
Presenter: Mr Eddie Schwartz
Mr Schwartz is Chief Security Officer of NetWitness and has 25
years' experience in the information security and privacy fields.
Previously, he was CTO of ManTech Security Technologies
Corporation, EVP and General Manager for Global Integrity, SVP of
Operations at Guardent, and CISO for Nationwide Insurance; as a
Senior Computer Scientist at CSC, he was Technical Director of the
DSS Information Security Laboratory. Mr Schwartz has advised a
number of security companies, and served on the Executive Committee
for the Banking Information Technology Secretariat (BITS). Mr
Schwartz has a B.I.S. in Information Security Management and an
M.S. in Information Technology Management from the George Mason
University School of Management.