Cisco Cybersecurity Analyst Specialist Certification
James Risler, CCIE #15412
@JimRisler
BRKCRT-2206

Agenda
• Understanding the Problem
• Why a Cybersecurity Analyst Specialist Certification
• Understanding the Job Role of a Security Analyst
• Topics included on the Exam
• How to Prepare for the Certification Exam
• Conclusion

The Problem…
Ebay, Anthem, JP Morgan Chase, Target, Univ. of MD, Neiman Marcus, TJ Maxx, Sony, Zappos, LinkedIn, Citigroup
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

Breaches Happen in Minutes… But go Undetected for Months or Years

Phase                                       Seconds  Minutes  Hours  Days  Weeks  Months  Years
Initial Attack to Initial Compromise          10%      75%     12%    2%     0%     1%     1%
Initial Compromise to Data Exfiltration        8%      38%     14%   25%     8%     8%     0%
Initial Compromise to Discovery                0%       0%      2%   13%    29%    54%     2%
Discovery to Containment/Restoration           0%       1%      9%   32%    38%    17%     4%

Timespan of events by percent of breaches
• In 60% of breaches, data is stolen in hours
• 54% of breaches are not discovered for months
Source: 2013 Data Breach Investigations Report, compiled by 18 organizations that contributed data

Threat Landscape is Evolving…
[Figure: timeline marked 2000, 2005, 2010, Tomorrow]
Enterprise Response, in timeline order: Antivirus (Host-Based); IDS/IPS (Network Perimeter); Reputation (Global) and Sandboxing; Intelligence and Analytics (Cloud)
Threats, in timeline order: Worms; Spyware and Rootkits; APTs, Cyberwar; Increased Attack Surface

The Evolution of Cyber Threats
• Viruses (1990s): ILOVEYOU, Melissa, Anna Kournikova. Defense: Anti-Virus, Firewalls
• Worms (2000s): Nimda, SQL Slammer, Conficker. Defense: Intrusion Detection & Prevention
• Botnets (late 2000s to current): Tedroo, Rustock, Conficker. Defense: Reputation, DLP, App.-aware Firewalls
• Directed Attacks (APTs) (today): Aurora, Shady Rat, Duqu. Strategy: Visibility and Context

Why a Security Analyst
• Common Attack Methods
• Challenges facing Organizations
• Security Analyst Skills
• Security Investigation Process
• Functional Model for Security Analyst
• Examples of Security Analyst Tools

Common Attack Methods
• Social Engineering
• Technical Exploit
• Zero-day Attack
Description: