What every company has in common with all required security in practice?
– not just good thing but right thing
We are protecting, but detection is a MUST
Detection – identify deviation in
For any packet going outside, the destination IP should be in the DNS cache; otherwise it is suspicious.
For legitimate connections, per IP, outgoing traffic is less than incoming; otherwise it is suspicious.
Generally, attackers use encrypted connections that are started from inside.
90% of the time this is caused by a user clicking a link or opening an exploited app (social engineering).
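The two checks above (destination IP must be in the DNS cache; per IP, outgoing bytes should be less than incoming), as an added example that is not part of the original notes. The flow-record layout, the 10.0.0.0/8 internal range and all sample data are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("10.0.0.0/8")  # assumed internal address range

# Constructed sample: IPs the resolver handed to internal clients ("DNS cache").
DNS_ANSWERS = {"198.51.100.10", "198.51.100.20"}

# Constructed flow records: (src, dst, dst_port, bytes_out, bytes_in)
FLOWS = [
    ("10.0.0.5", "198.51.100.10", 443, 4_000, 250_000),   # ordinary browsing
    ("10.0.0.5", "198.51.100.20", 443, 900_000, 12_000),  # resolved, upload-heavy
    ("10.0.0.7", "203.0.113.77", 443, 3_000, 90_000),     # never resolved via DNS
    ("10.0.0.7", "203.0.113.77", 443, 700_000, 5_000),
    ("10.0.0.9", "10.0.0.1", 53, 200, 400),               # internal only, ignored
]

def find_suspicious(flows, dns_answers, internal=INTERNAL):
    """Return {dst_ip: [reasons]} for outbound destinations that deviate."""
    out_bytes = defaultdict(int)
    in_bytes = defaultdict(int)
    for src, dst, _port, b_out, b_in in flows:
        # Keep only connections started inside that leave the network.
        if ip_address(src) not in internal or ip_address(dst) in internal:
            continue
        out_bytes[dst] += b_out
        in_bytes[dst] += b_in

    findings = {}
    for dst in out_bytes:
        reasons = []
        if dst not in dns_answers:
            # Client reached an IP it never looked up.
            reasons.append("dst-not-in-dns-cache")
        if out_bytes[dst] >= in_bytes[dst]:
            # More data leaving than arriving, summed per destination IP.
            reasons.append("outgoing>=incoming")
        if reasons:
            findings[dst] = reasons
    return findings

if __name__ == "__main__":
    for dst, reasons in sorted(find_suspicious(FLOWS, DNS_ANSWERS).items()):
        print(dst, ", ".join(reasons))
```

Byte counts are summed per destination before comparing, so a single small request does not hide a later large upload to the same IP.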
Executive Management is worried about Reputational Damage.
Caused by exposure of sensitive data
Majority of threat comes from main variants of malware.
2) 1.5M sites/month, DNS attacks, CSS, Phishing
3) DDoS Attacks
4) Data – autorun.ini
Is cloud computing a threat, as breaking into the cloud gives access to vast data? This is a serious topic that needs to be dwelled on.
Getting the right thing comes down to three questions, which is the key to handling threats:
What is the risk? What is the priority of the risk? What is a cost-effective solution to mitigate the risk?
Wow… we use it. Likelihood and Impact drive the risk calculation, which we work this way:
We work on (likelihood*consequence)*Impact = RISK