ebook img

Practical Handbook and Reference Guide for the Working Cyber Security Professional PDF

388 Pages·2016·8.61 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Practical Handbook and Reference Guide for the Working Cyber Security Professional

! ! ! ! ! ! !!!!!! ! ! ! Designer!–!Vision!Creative! Finance!–!M&T!Bank! Administration!–!navitend!! Promotion!–!Braithwaite!Communications!! Research!–!TAG!Cyber!LLC! Lead!Author!–!Dr.!Edward!G.!Amoroso!! ! TAG!Cyber!LLC!! P.O.!Box!260,!Sparta,!New!Jersey!07871! ! Copyright!©!2017!TAG!Cyber!LLC.!All!rights!reserved.! ! This!publication!may!be!freely!reproduced,!freely!quoted,!freely!distributed,!or!freely!transmitted!in! any!form!or!by!any!means,!electronic!or!mechanical,!including!photocopying,!recording,!or!any! information!storage!and!retrieval!system!without!need!to!request!permission!from!the!publisher,!so! long!as!the!content!is!neither!changed!nor!attributed!to!a!different!source.!! ! Security!experts!and!practitioners!must!recognize!that!best!practices,!technologies,!and!information! about!the!cyber!security!industry!and!its!participants!will!always!be!changing.!Such!experts!and! practitioners!must!therefore!rely!on!their!experience,!expertise,!and!knowledge!with!respect!to! interpretation!and!application!of!the!opinions,!information,!advice,!and!recommendations!contained! and!described!herein.!! ! Neither!the!author!of!this!document!nor!TAG!Cyber!LLC!assume!any!liability!for!any!injury!and/or! damage!to!persons!or!organizations!as!a!matter!of!products!liability,!negligence!or!otherwise,!or!from! any!use!or!operation!of!any!products,!vendors,!methods,!instructions,!recommendations,!or!ideas! contained!in!any!aspect!of!the!2017!TAG!Cyber!Security!Annual!volumes.!The!opinions,!information,! advice,!and!recommendations!expressed!in!this!publication!are!not!representations!of!fact,!and!are! subject!to!change!without!notice.!TAG!Cyber!LLC!reserves!the!right!to!change!its!policies!or! explanations!of!its!policies!at!any!time!without!notice.!! ! ! ! !!!!!Page!2! 2017%TAG%Cyber%Security%Annual% % % !!!!!! ! ! ! ! ! ! ! ! ! ! September!1,!2016! To!the!Reader:! ! I!wrote!every!word!of!this!2017%TAG%Cyber%Security%Annual%based!on!my!experience,!opinion,!and! research!–!and!I!wrote!it!for!one!purpose:!To!serve!as!a!useful!guide!for!Chief!Information!Security! Officer!(CISO)!teams.!My!desire!was!to!make!all!three!volumes!of!the!2017%TAG%Cyber%Security%Annual! free!to!practitioners,!and!any!other!persons!or!groups!who!might!find!the!content!useful.!To!that!end,! roughly!fifty!cyber!security!vendors!served!as!sponsors,!agreeing!to!distribute!this!Annual!with!no! pre]arranged!agreements!about!the!nature!of!the!analysis!included.!They!kindly!offered!their!advice,! expertise,!and!knowledge!in!the!development!of!this!report!–!and!to!that!end,!they!are!referenced! here!as!distinguished%vendors.!Without!their!assistance,!this!report!would!not!exist.! ! As!with!any!researcher,!I!must!admit!to!my!biases.!With!the!publication!of!this!report,!I!am!only! several!months!removed!from!three!decades!of!proud!service!to!the!customers!and!people!of!AT&T.! During!that!time,!I!poured!my!heart!and!soul!into!the!development!and!operation!of!the!vast! assortment!of!cyber!security!services!that!the!company!continues!to!market.!To!that!end,!it!is! impossible!for!me!to!remain!unbiased!in!my!conviction!that!these!services!are!world!class,!and!that! the!underlying!promise!of!AT&T’s!software!defined!network,!led!by!John!Donovan,!to!support!on] demand!virtualized!cyber!security!will!prove!to!be!exactly!the!right!technical!and!infrastructure! approach!to!stopping!advanced!malicious!actors.! ! Furthermore,!I!have!served!proudly!over!the!years!on!a!variety!of!informal!advisory!boards!for!cyber! security!vendors,!such!as!Koolspan,!over!the!past!decade.!I!also!serve!as!an!independent!director!on! M&T!Bank’s!Board!of!Directors,!as!a!Senior!Advisor!to!the!Applied!Physics!Lab!at!Johns!Hopkins! University,!and!as!an!Adjunct!Professor!in!the!Computer!Science!Departments!at!the!Stevens!Institute! of!Technology!and!New!York!University.!While!none!of!these!affiliations!should!introduce!any! untoward!bias,!all!inevitably!have!some!bearing!on!the!advisory!material!included!here.!Discussions! with!students!and!faculty!at!Stevens!and!NYU,!in!particular,!have!had!considerable!influence!on!my! opinions!regarding!cyber!security!technology.!! ! You!will!notice!that!the!research!presented!here!differs!significantly!from!the!advisory!work!of!firms! such!as!Gartner!and!Forrester.!Where!such!firms!rank!vendors!based!on!in]depth!feature!analysis,! my!approach!is!to!try!to!educate!readers!in!the!fundamentals.!The!emphasis!is!therefore!on!broad! themes!that!are!likely!to!remain!constant,!rather!than!detailed!feature]by]feature!comparisons!that! can!change!in!an!instant.!Also,!the!decision!to!avoid!rankings!is!made!in!the!observation!that!all! vendors!provide!some!value!to!their!customers!–!or!they!would!not!be!in!business.!And!the!familiar! process!of!“asking!around”!to!see!what!“customers!are!saying”!is!both!unscientific!and!misleading!–! not!to!mention!fraught!with!the!conflicts!that!arise!when!advisory!firms!sell!consulting!services!to! the!same!vendors!they!are!ranking.! ! One!major!caveat!regarding!this!2017%TAG%Cyber%Security%Annual!is!that!the!reader!must!expect!a! plethora!of!errors!and!inaccuracies,!especially!in!Volume!3,!where!facts!about!company!names,! product!offerings,!and!executive!positions!change!so!quickly!that!it!is!impossible!to!keep!up.!But!this! should!not!detract!from!the!usefulness!of!the!report.!Readers!should!use!the!volumes!as!an!Alpha! Guide!to!their!own!understanding,!and!should!take!the!initiative!to!augment!this!guide!with!their! own!research,!which!hopefully!will!be!shorter!and!easier!based!on!the!material!provided!here.!! ! I!hope!that!this!guide!is!useful!to!you.!Expect!updates!–!and!a!completely!revised!edition!next!year.! ! Dr.!Edward!G.!Amoroso,!Chief!Executive!Officer,!TAG!Cyber!LLC! ! ! ! !!!!!Page!3! 2017%TAG%Cyber%Security%Annual% % % !!!!!! ! ! Purpose!and!Overview!of! 2017!TAG!Cyber!Security!Annual! ! The!purpose!of!this!2017%TAG%Cyber%Security%Annual!is!to!assist!the!women!and!men! who!are!tasked!with!protecting!their!organizations!from!the!potentially!damaging! effects!of!cyber!attacks.!Throughout!the!report,!these!dedicated!cyber!defenders!are! referred!to!as!members!of!Chief!Information!Security!Officer!(CISO)!teams.!The! report!provides!CISO!team!members!with!detailed!technical!and!architectural! guidance!based!on!fifty%specific%controls!that!support!the!reduction!of!cyber!risk.! Offering!cyber!security!guidance!based!on!a!control!methodology!is!hardly!a! new!idea.!Literally!dozens!of!cyber!security!frameworks!are!available!to!working! professionals.!What!is!unconventional!here,!however,!is!an!underlying!security! framework!that!uniquely!embraces!cloud,!virtualization,!and!mobility!as!solutions! rather!than!problems.!It!is!a!cyber!framework!that!seeks!to!support!proactive! avoidance,!rather!than!just!passive!acceptance,!of!malicious!attacks.!! The!underlying!architectural!framework!of!this!report!consists!of!a!three] step!infrastructure!improvement!process!that!every!CISO!team!should!embrace:!In! Step!1,!they!must!explode%their!perimeter]based!infrastructure!into!smaller,! distributed!micro]segments.!In!Step!2,!they!must!offload!these!segments!onto! virtualized,!cloud]based!systems!with!advanced!security!protections.!And!in!Step!3,! they!must!reload!their!cyber!security!technology!with!superior!technologies!from! the!myriad!of!expert!commercial!vendors!available.! ! ! ! Figure!1.!Three]Step!Methodology!for!Enterprise!Security!Teams!! ! It!is!argued!throughout!this!report!that!these!three!steps!–!exploding,%offloading,%and% reloading!–!are!absolutely!required!to!stop!the!advanced!cyber!attacks!being!aimed! at!commercial!and!government!systems.!The!case!is!made!in!these!pages!that!these! three!steps!cannot!be!ignored!by!CISO!teams!if!they!wish!to!regain!control!of!their! infrastructure!from!malicious!intruders!and!re]establish!dependability!and!trust!in! the!computing!and!networking!systems!that!support!our!world.!The!argument!is! ! !!!!!Page!4! 2017%TAG%Cyber%Security%Annual% % % !!!!!! ! ! made!repeatedly!here!that!the!consequences!of!following!the!familiar!perimeter] dependent!path!are!simply!unthinkable.! The!report!does,!however,!recognize!the!practical!and!budgetary!realities!of! the!modern!enterprise,!and!that!no!CISO!team!can!simply!wave!a!magic!wand!and! move!their!applications!and!systems!to!some!micro]segmented!cloud!with!advanced! machine]learning!analytics.!To!that!end,!the!report!includes!specific!guidance!on!the! most!likely!existing!types!of!systems!and!infrastructure!that!will!exist!in!companies! and!agencies!–!including,!for!example,!mainframe!systems.!This!approach!is!taken!so! that!readers!can!translate!the!underlying!three]step!process!and!associated! framework!into!a!feasible!plan.!! This!2017%TAG%Cyber%Security%Annual%is!organized!around!a!comprehensive! set!of!resources,!technical!information,!and!guidance!designed!to!assist!the!CISO! team!with!the!recommended!distribution,!virtualization,!and!improvement!tasks.!It! does!so!in!the!context!of!fifty%specific%cyber%security%controls!that!must!be!present!in! the!CISO!team’s!arsenal!as!they!upgrade!their!infrastructure.!Some!of!these!controls! are!familiar,!such!as!firewall!platforms!and!anti]malware!tools.!But!others!might!be! new!including!security!analytics,!network!monitoring,!and!deception.!All!of!the! controls,!however,!are!relevant!and!essential!to!the!success!of!the!modern!CISO! team.! One!final!point!on!purpose!and!overview:!This!report!is!not!written!for!C] suite!managers!or!board]level!executives,!and!it!is!not!written!to!raise!awareness! amongst!industry!observers!or!politicians!with!casual!technical!backgrounds.!It!is! written!instead!for!the!hard!core,!working!CISO!team!member!professional.!The! report!targets!those!individuals!and!groups!with!the!requisite!experience,!expertise,! and!ability!to!make!decisions!and!to!take!positive!steps!to!improve!our!global!cyber! security!infrastructure.!! So!if!you!don’t!know!the!difference!between!an!IP!packet!and!a!USPS! envelope,!or!if!you!don’t!know!the!difference!between!a!virtual!and!physical! machine,!or!if!you!have!no!idea!why!signature]based!processing!makes!variant! writing!so!easy!–!then!please!toss!this!book!aside.!It’s!not!for!you.!! ! ! ! ! !!!!!Page!5! 2017%TAG%Cyber%Security%Annual% % % !!!!!! ! ! Introduction!to!the% 2017!TAG!Cyber!Security!Annual! ! To!be!successful!at!protecting!infrastructure!from!cyber!attacks,!modern!Chief! Information!Security!Officer!(CISO)!teams!must!attend!properly!to!the!following! four!focus!areas!in!their!organizational!cyber!protection!scheme:! ! 1. Compliance!–!Frameworks!such!as!PCI!DSS,!NIST!SP!800]53,!and!ISO!27000,! serve!as!the!underlying!basis!for!regulatory!and!audit!controls.!! 2. Technology!–!Thousands!of!global!cyber!security!technology!vendors!offer!a! plethora!of!product!and!service!options!for!different!security!environments.!!!! 3. Architecture!–!Evolving!from!the!traditional!perimeter,!new!security! architectures!must!now!focus!on!virtualization,!mobility,!and!cloud.!! 4. Innovation!–!Clever!innovative!strategies!and!techniques!to!protect!assets!are! becoming!more!commonly!found!in!defensive!controls.!! ! The!traditional!security!metaphor!that!emerges!in!this!context!involves!the!use!of!a! fence!to!prevent!attacks.!Where!any!one!of!the!four!focus!areas!might!have!been! sufficient!in!the!past!as!the!basis!for!fence%height,!the!emergence!of!nation]state! actors!has!raised!the!bar!literally,!on!what!is!needed!to!stop!the!most!advanced! cyber!attacks.!! ! ! ! Figure!2.!Cyber!Security!Focus!Areas!–!“Fence!Height”! ! Of!these!four!focus!areas,!cyber%security%compliance!has!received!the!most!attention! in!the!security!community!over!the!past!few!years.!When!a!company!is!hacked,!for! example,!the!recommended!solution!from!managers,!auditors,!and!regulatory! groups!is!based!invariably!on!improved!compliance!controls.!Such!emphasis!stems! from!the!ease!with!which!compliance!control!requirements!can!be!prescribed,! tested,!and!managed.!As!a!result,!most!organizations!find!themselves!dealing!with! multiple!compliance!frameworks!simultaneously,!and!the!result!is!a!relatively! mature!compliance!discipline!(albeit!one!with!continued!policy!violations).! ! !!!!!Page!6! 2017%TAG%Cyber%Security%Annual% % % !!!!!! ! ! In!contrast,!the!proper!selection!of!cyber%security%technology%products!and! services!is!performed!in!a!largely!ad!hoc!manner!from!one!organization!to!the!next.! CISO!teams!will!get!information!on!specific!vendors!from!security!conference! booths,!industry!magazine!articles,!peer!word]of]mouth,!carry]over!vendor!inertia,! and!previous!experiences!by!local!team!members.!Perhaps!worse,!many!CISO!teams! will!obtain!their!guidance!from!analyst!reports!ranking!vendors!into!categories,! often!based!on!criteria!that!might!be!irrelevant!to!the!buyer.!The!result!is!usually!a! hodge]podge!of!selected!product!and!service!solutions,!rarely!optimized!to!the! specific!needs!and!budget!of!the!organization!and!based!largely!on!a!lack!of! information!about!alternate!vendor!options.! The!cyber%security%architecture!that!dictates!how!products!and!services!are! deployed!is!often!more!structured.!Specifically,!enterprise!architectures!have! evolved!from!the!firewalls!of!the!mid]Nineties!to!the!complex!perimeters!found! today.!The!perimeter!is!so!ubiquitous!that!if!an!observer!randomly!picks!a!group!of! companies,!their!perimeters!will!have!roughly!the!same!design,!construction,!and! functions.!This!would!be!true!regardless!of!the!size!or!sector!of!the!company.!Sadly,! however,!these!perimeters!are!now!ineffective!at!stopping!cyber!attacks.!As!a!result,! a!deliberate!shift!to!a!virtual,!mobility]supporting!security!solution!across!a! software!defined!network!(SDN)!will!be!required!for!most!current!and!new!security! architectural!initiatives.!! The!one!security!imperative!receiving!the!least!attention!today!is!cyber% security%innovation.!Unlike!cyber!hackers,!nation]state!cyber!warriors,!and!even! drug!dealers!on!the!Dark!Web!who!continue!to!shift!and!reinvent!their!novel!tactics,! CISO!teams!have!been!boxed!into!pre]scripted!defensive!solutions!dictated!by! regulators!and!auditors.!Such!stiff,!non]inventive!approaches,!sometimes!derisively! referred!to!as!“clipboard!solutions,”!are!another!reason!cyber!attacks!to!businesses! have!been!so!successful.!Clever!innovation!in!cyber!security!solutions!is!therefore! going!to!be!increasingly!required!in!future!state!architectures.!! ! Purpose!of!the! 2017!TAG!Cyber!Security!Annual! ! This!2017%TAG%Cyber%Security%Annual!is!intended!as!a!practical!handbook!and! reference!guide!for!Chief!Information!Security!Officer!(CISO)!team!members.!The! report!offers!CISO!teams!with!guidance!on!fifty!cyber!security!control!areas,!insights! into!cyber!security!industry!market!trends,!and!detailed!vendor!information!to! support!local!architecture!improvements!using!modern!cyber!security!technologies.! This!report!is!written!under!the!firm!assumption!that!the!CISO!team!is!willing!to! distribute%their!infrastructure!into!segments,!virtualize!these!segments!into!cloud] based!systems,!and!upgrade%the!associated!cyber!security!technology!using!modern,! advanced!protection!methods.! Great!effort!has!been!made!to!avoid!turning!this!report!into!a!marketing! contest!between!vendors!over!who!has!the!most!extensive!features.!To!that!end,!this% ! !!!!!Page!7! 2017%TAG%Cyber%Security%Annual% % % !!!!!! ! ! report%specifically%avoids%vendor%rankings,%recommendations,%and%comparisons,!since! such!efforts!are!generally!meaningless!in!the!context!of!the!CISO’s!day]to]day!work! activities.!Smaller!vendors,!for!example,!with!fewer!features!tend!to!rank!poorly!in! popular!advisory!rankings,!even!though!they!might!provide!world]class!support!to! their!customers.!Similarly,!larger!vendors!with!massive!global!offerings!will!tend!to! shine!in!most!advisory!rankings,!even!though!their!products!might!be!too!complex! or!expensive!for!customers!with!only!modest!needs.!! Since!so!much!material!is!included!in!this!report,!it!had!to!be!organized!into! the!following!three!separate!volumes:! ! • Volume%1:%TAG%Cyber%Security%Fifty%Controls!–!Volume!1!introduces!the!fifty! primary!control!areas!required!for!CISO!teams!to!be!more!effective.!These! areas!include!traditional!controls!such!as!firewall!platforms!and!two]factor! authentication!along!with!somewhat!non]traditional!controls!such!as! security!recruiting!and!security!R&D.!For!each!control!area,!an!extensive!list! of!vendors!is!included!to!support!distribution,!virtualization,!and!upgrade.! • Volume%2:%Interviews%with%Distinguished%Vendor%Principals!–!Volume!2! attempts!to!faithfully!reproduce!the!extensive!technical!and!market! discussions!held!with!select!distinguished!cyber!security!vendor!principals!in! the!production!of!this!report.!It!offers!a!brief!digest!of!the!expert!guidance! and!amazing!cyber!security!insights!offered!by!these!principals!during!the! research!stages!of!this!report.! • Volume%3:%TAG%Cyber%Security%Vendor%Listings!–!Volume!3!serves!as!a!sort!of! “Barron’s!Guide”!to!the!cyber!security!industry!–!albeit!with!listings!for!only! those!vendors!which!time!permitted!to!cover.!While!this!2017!version! includes!1337!vendors,!an!additional!separate!list!of!500!more!vendors!will! be!incorporated!into!next!year’s!report.!The!volume!also!does!its!best!to!help! sort!out!the!on]going!mergers!and!acquisitions!in!this!industry.! ! The!material!offered!here!is!designed!specifically!to!address!the!needs!of!both!large! and!small!enterprise!CISO!teams!–!although!the!bias!might!lean!ever%so%slightly! toward!larger!companies!with!more!options.!Companies!and!government!agencies! in!critical!infrastructure!industries!with!large,!complex!enterprise!systems!will!find! the!treatment!here!especially!useful.!Smaller!companies!who!outsource!(or!ignore)! many!of!their!security!obligations!might!find!some!aspects!of!the!report!to!be! beyond!their!basic!size!and!scope.!!! Finally,!the!treatment!here!is!designed!to!have!global!applicability.!While!a! majority!of!the!companies!listed!and!analyzed!are!domestic!to!the!United!States,!a! healthy!percentage!of!the!vendors!included!have!wide,!international!footprints,! serving!customers!in!countries!located!around!the!word.!Many!new!cyber!security! start]ups!have!recently!emerged!in!Israel,!for!example,!and!CISO!teams!should!take! the!time!to!determine!whether!any!of!these!vendors!offer!value!to!their!mission.! Information!about!companies!in!China!and!Russia!tended!to!be!more!difficult!to! ! !!!!!Page!8! 2017%TAG%Cyber%Security%Annual% % % !!!!!! ! ! obtain,!with!most!collected!data!coming!from!Internet!and!Web]based!research,!as! well!as!cyber!security!community!word]of]mouth.! !! TAG!Cyber!“Enterprise!50”!Security!Controls!! ! The!cyber!security!guidance!offered!in!this!report!attempts!to!cover!the!full%range%of! solution!areas!that!must!be!included!to!support!improved!enterprise!cyber!security.! Different!frameworks!such!as!the!NIST!Framework!or!PCI!DSS!might!address!these! solutions!using!alternate!names!and!under!different!groupings,!but!the!treatment! here!was!derived!from!practical!experience!across!various!industries.!Readers! should!have!little!trouble!mapping!the!categories!included!here!to!ones!that!might! have!been!adopted!locally!with!different!names!or!meanings.!! The!treatment!in!this!report!is!unique!in!the!sense!that!it!weaves!technical! recommendations!on!common!and!familiar!areas!such!as!identity!and!access! management!with!areas!that!typically!receive!less!attention!such!as!security! recruiting!and!cyber!insurance.!The!unifying!theme,!however,!is!their!practical! relevance!to!any!CISO!teams!trying!to!improve!defensive!posture.!The!fifty!specific! categories!included!in!the!security!solution!guidance!in!this!section!are!as!follows:!! ! Perimeter!Controls! ! 1. Intrusion%Detection/Prevention!–!Traditional!signature]based!intrusion! detection!and!prevention!products!have!improved!their!accuracy!and!false! positive!rates!recently!through!the!use!of!improved!algorithmic!techniques! such!as!behavioral!profiling!and!contextual!adjustment.!! 2. Data%Leakage%Prevention!–!Enterprise!data!leakage!prevention!(also!known! as!data!loss!prevention)!has!evolved!from!simple!egress!traffic!sniffing!and! file!download!blocking!into!more!comprehensive!data!management!systems! coordinated!with!file!and!record!markings!based!on!sensitivity.!! 3. Firewall%Platform!–!Five]tuple!firewall!products!have!been!enhanced!to!now! incorporate!next]generation,!application]aware!security!policy!enforcement! across!distributed!perimeters!virtualized!over!enterprise!network,!mobile! carrier,!and!public/hybrid!cloud!infrastructure.! 4. Network%Access%Control!–!Local!area!network!admission!and!access!controls! based!on!PC!and!hardware!credentials!are!expanding!their!perimeter]based! enterprise!focus!to!support!more!heterogeneous!arrangements!of!mobile,! cloud,!and!virtual!computing.!! 5. Unified%Threat%Management%–!Small!and!medium!sized!businesses!continue!to! demand!highly!economical,!integrated!product!solutions!for!managing! multiple!security!appliances!such!as!firewalls!and!data!leakage!prevention! systems!through!simple,!common!interfaces.! 6. Web%Application%Firewall!–!Web!application!firewalls!are!evolving!from! appliance]based!gateway!products!that!block!the!familiar!cross]site!scripting! and!SQL!injection!attacks!to!much!more!dynamic,!virtualized!filters!that! ! !!!!!Page!9! 2017%TAG%Cyber%Security%Annual% % % !!!!!! ! ! mitigate!advanced,!zero]day!attacks!in!HTTP!conversations!across! distributed!cloud!systems.! 7. Web%Fraud%Prevention%–!Tools!to!detect!on]line!misuse!of!e]commerce!are! extending!their!original!focus!on!user!account!origination!and!takeover!to! include!more!advanced!fraud!detection!algorithms!such!as!navigational! analysis!and!transaction!monitoring.! 8. Web%Security%Gateway%–!The!use!of!forward!and!reverse!proxies!combined! with!dynamic!filtering!of!URLs!based!on!live!threat!intelligence!continues!to! offer!essential!enforcement!of!organizational!security!and!acceptable!use! policies!for!Web!traffic.! ! Network!Controls! ! 9. CA/PKI%Solutions!–!Certification!authority!(CA)]supported!public!key! infrastructure!(PKI)!solutions!remain!essential!for!secure!e]commerce,! mobile!authentication,!network!encryption,!and!many!other!enterprise!and! infrastructure!applications!such!as!Internet!of!Things!(IoT)!and!Industrial! Control!Systems!(ICS).!! 10. Cloud%Security!–!Security!solutions!for!public,!hybrid,!and!private!clouds! include!cloud!access!security!brokers,!cloud]resident!data!encryption! schemes,!and!virtual!perimeters!for!modern!data!centers!and!software] defined!networks.!!! 11. DDOS%Security!–!DDOS!security!protection!platforms!have!evolved!from! support!for!simple!detection!and!scrubbing!of!volume]based!Layer!3!botnet! attacks!to!now!include!the!detection!and!prevention!of!advanced!Web]based! attacks!at!the!application]level.!!! 12. Email%Security!–!Current!email!security!product!solutions!include!traditional! malware!and!Spam!filtering,!end]to]end!encryption!and!digital!signatures,! and!public!key!infrastructure!controls!designed!to!reduce!the!risk!associated! with!fraudulent!senders.! 13. Infrastructure%Security%–!Modern!enterprise!cyber!security!solutions!rely! heavily!on!the!centralized!protections!embedded!in!Internet!infrastructure! components!such!as!the!familiar!Domain!Name!System!(DNS)!and!Border! Gateway!Protocol!(BGP).!!!! 14. Network%Monitoring!–!Network!monitoring!product!solutions!consist!of! platforms!and!tools!that!are!designed!to!collect!and!process!network!meta] data!and!content!at!line!speed!across!network!gateways!to!support!real!time! security!analysis.! 15. Secure%File%Sharing%–!Enterprise!users!require!secure!means!for!internal!and! external!file!sharing,!information!transfer,!and!project!collaboration!usually! with!encrypted!repository!support.!! 16. VPN/Secure%Access%–%Simple!employee!VPN!tools!have!evolved!to!more! comprehensive!product!platforms!that!support!the!complex!needs!of! ! !!!!!Page!10! 2017%TAG%Cyber%Security%Annual% % %

Description:
contained!in!any!aspect!of!the!2017!TAG!Cyber!Security!Annual!volumes.!The!opinions roughly!fifty!cyber!security!vendors!served!as!sponsors Computer! enforcers!rely!heavily!on!digital!forensic!tools!for!extracting!information! . Several!vendors!dubbed!this!graphic!as!the! . (UTM)!systems.
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.