Roberto Langdon, Nicolas Orlandini, KPMG: One way companies can expand their expertise is by bringing in security intelligence to pinpoint problems, identify anomalies and highlight unusual or suspi-cious activity. Intelligence can help in two ways. First, an “early-warning-as-a-service” can reduce the vulnerability thre-at window: the time between the detec-tion and the remediadetec-tion of an attack.
Intelligence can also provide a broader picture of global threats than any one or-ganization could gather on its own. Secu-rity is an ecosystem; organizations need to know what is going on externally as well as internally. Organizations can expand their own intelligence by using Threat Intelligence tools for consolidating, analyzing and sharing information about their own security threats with peers and competitors. While this is a sound idea in theory, sharing information with competi-tors is not something many organizations are willing to do—yet. Understanding the threat landscape and knowing your ene-my with security intelligence is another.
What you can’t prevent, you should try to detect. And what you can’t detect, you should be prepared to respond to quickly.
Andrew Bagrin, My Digital Shield: Simplifi-cation as opposed to flexibility. Security needs to start making a stand and force software developers to start following standards when they communicate across the network.
Ondrej Krehel, LIFARS: Better integration and multiple source management.
Wade Lovell, Simpatic: Threat modeling for real-time response will become the new norm even in small organizations.
David Clarke, VCiso: Threat Intelligence may be the catalyst to make IT safe.
T OOLS OF THE TRADE
What new trends will we see on threat
intelligence?
W HO IS
WHO
Rick Blaisdell
Experienced CTO, creating technical strategies which reduce IT operational costs and improve efficiency. Rick has 20 years of product, bu-siness development and high -tech experience with Fortu-ne 500 companies, develo-ping innovative technology strategies, with particular expertise in cloud computing integration, delivering cost effective IT services, strategic planning and deve-lopment for Information Systems, and creating in-novative businesses nation-state cyber battlefield when he founded the In-formation Warfare Depart-ment at the Israeli Air For-ce. Under his leadership, the IWD pioneered the use of data manipulation for conduc-ting risk and cyber security maturity assessments for large enterprises. Prior to PwC, Shay participated in establishing the first TTP Certificate Authority in Isra-el.Shay’s unique blend of private and public sector experience and deep understanding of how cyber risk evolves and impacts an organization’s bottom line hel-ped crystallize his vision for Cytegic. He received his bachelors and masters degrees in computer science from the Open University of Israel, and his Executive MBA from Northwestern University and Tel-Aviv University, upon graduating from Mamram, the IDF (Israeli Defense Forces) technical elite unit in 1990.
Wade Lovell Simpatic, CEO
Wade Lovell has founded eight companies with $200+
million in stakeholder re-turns. Wade began his
Re-Sec Technologies Ltd, CEO and Co-Founder
Lt. Commander Israel Navy has more than 10 years of management experience in several leading companies and startups in Israel and US.
Michael A. Goedeker, Auxilium Cyber Se-curity: The push for more automation will eventually happen. We have started this process by being the first company to in-troduce our copyrighted concept of the
„Self Protecting Network”.
Mark Bennet, Blustor: As more employees telecommute and the workforce continu-es to become more mobile, network secu-rity will continue to evolve to better support granting secure and remote ac-cess to enterprise networks. A key con-cern is positively identifying that a remote employee is, in fact, who they claim to be at the point of entry into the network. We will see the incorporation of biometrics as one of the key solutions. Companies will also discover that storing an employee’s biometrics in a centralized location comes with tremendous liability in the event that data ever becomes compromised. Solu-tions such as BluStor’s CyberGate platform are uniquely positioned to help address those types of risks.
Leon Kuperman, Zenedge: Increased DDOS attacks in both size and complexity.
Increased penetration into corporate ne-tworks, where threat actors wait and stay longer without detection. New attack methods for hiding command / control communication.
Wade Johansen, CouriTech LLC: It will continue to grow as a field, and busines-ses will be required meet new standards if they want to trade at global levels.
Wade Lovell, Simpatic: I anticipate a rise in the adoption of security appliances and air-gapped internal networks in 2016 (similar to the structure of the 1970’s and early 1980’s when each company had its own mainframe that did not communica-te with the outside world).
Julie Herold, Kenny Herold, Odin’s Eye:
“All your eggs in one basket” – We see SaaS, PaaS, IaaS, with many tenants beco-ming a target for network pivoting betwe-en organizations and/or the presbetwe-ence of malicious faux companies establishing presence to increase the proximity to tar-geted organizations.
Mitchell Bezzina, Guidance Software:
Expect more breaches where organiza-tions had detected compromise long be-fore data theft, but mishandled the origi-nal response. This trend will continue to drive changes in incident response pro-cess, and the depth of forensic investiga-tion.