
Enhancing Cyber Security: Detection and Response Strategies Workshop

Join Dale Drew from Global Security Level 3 Communications, LLC for an engaging workshop focusing on advanced detection and response techniques in cyber security. We will cover essential tools for monitoring trends, utilizing Netflow and SFlow for real-time detection, integrating physical security, and developing skilled personnel for incident response. Explore industry and government information sharing forums, the importance of vigilant vendor coordination, and address the growing threat of social engineering attacks. Equip yourself with the knowledge to enhance your organization's defenses.



Presentation Transcript


  1. FCC Cyber Security Workshop, Panel 2: Detect and Respond
     Dale Drew, Global Security Level 3 Communications, LLC

  2. Detection: The Tools
     • Monitoring for trends and techniques
     • Industry and government forums
     • Grey and Blackhat forums
     • Netflow & SFlow – Core and Edge
     • Real time detection of events
     • Netflow & SFlow – better sampling capability needed
     • DPI - Swarming
     • Element log files
     • Registration data
     • Physical Security integration
     • Etc.

  3. Detection: The Tools
     • People
     • Skilled and trained personnel are key!
     • Regular incident testing
     • Continuous training
     • Attacks are becoming much more social in nature
     • Go after the infrastructure by attacking the people who operate it

  4. Detect and Respond: Commercial
     • Plenty of formal and informal avenues exist to share information
     • Who to include/exclude often becomes the problem
     • ISP Threat sharing forums
     • Vendor coordination – although becoming more difficult
     • On the topic of vendors
     • Edge vendors are becoming more versatile, more capable in detecting/stopping attacks
     • Core vendors care about speed

  5. Detect and Respond: Government
     • Plenty of formal and informal avenues exist to share information
     • Circle of trust is easier here
     • MANY forums to choose from
     • Information sharing needs to be more bi-directional

  6. ISP Needs
     • Vendors to be more accountable for security of their products
     • Better capable DPI systems
     • Better Netflow monitoring capabilities
     • More information sharing between forums and from the Government
     • More focus on the Layer 8 (end user) problem; social networking attacks
     • Captcha + passwords?

  7. Thank you!
