Thursday, January 9, 2014

CPE: McAfee AudioParasitic: Episode 67: Risk management part 2/2

lenght 00:23:21

how user's malaise or lack of malaise quantifiable?

One way to check it it: during login: prompt a security related challenged question randomly.
User has to answer 10 questions correctly before they can login.
Then check if it is getting faster or longer for the average user to login.

At the end of the day it is the user who put the network at risk.

Once you got the metric is it really difficult to get the message to the CxO.

latest trends:
1. Application white listing
similar to PCI
McAfee acquired SolidCore.
the world of bad stuff is HUGE and it is growing
BUT the number of known good is relatively small
idea: blended solution <- white listing that blending 2. File integrity monitoring monitors file system, registry, directory tree. preventing changes in real time white listing and file integrity is nothing new, but finally folds realize: all these stuff that people had been screaming may be it was a good idea <- full blown product. is it amazing how long it takes before people realize that 10 ago people were saying the same thing: TCP wrappers, tripwire, pgp... in the future we will be able to make a better quantitative metric compare to qualitative. big part of SOX: cyber control government is getting more and more involved -> there will be more regulation

at the time time cyber crime will adapt to new regulation

risk management role:
- make things as much automated as possible
- killing the 80/20

but 1% left will be the professions malware write getting more sophisticated and more esoteric

risk and compliance: is all about auditing.
-> if you do it properly you can do it once and reporting many many times
-> the effort will be reduced

solidcore: when product and technology works out of the box.

Labels: ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home