The threat landscape has evolved, but security investments have largely remained the same. A disproportionate percentage of budgets are spent on prevention, yet targeted attacks and advanced threats can easily evade these controls.
Attend this webinar and hear from special guest speaker Rick Holland, Forrester Research's Principal Analyst, as he joins Damballa CTO Brian Foster to discuss ways to shift focus and dollars from prevention to detection and response to give you the best defense against today's threats.
Discussion topics include:
Security for today's targeted attacks and advanced threats;
Shifting focus from prevention to detect and respond methods;
How to use automated breach defense for rapid response.
Today's advanced threat landscape is growing, with the variety of attacks far outnumbering security controls most enterprises need to effectively prevent compromises. News headlines read like a who's who of corporate enterprises - Target, Neiman Marcus, New York Times, and Lockheed to name a few. No matter what the attacks are called - advanced persistent threats (APT), advanced malware, or targeted attacks - today's prevention-based security will eventually fail to detect them and allow infections to penetrate the defensive walls. And with today's mobile workforce, devices are more likely to be compromised off network. Rapidly finding, tracking and mitigating the compromised devices before a data breach or theft of intellectual property is paramount.
Cyber threats will always be asymmetrical to our IT security, since threat actors will always have the first move. The traditional approach of looking for malware signatures or filtering bad web URLs are easily evaded. Experts now recommend a different approach to only relying on prevention-based security; a "detect and respond" layer is also necessary. Detecting infected devices by monitoring the network and focusing on situations that present significant danger becomes the security team's top priority, and mitigating risk from breaches becomes the driver for IT security investments.
Brian Foster brings over 25 years of successful product management and development experience to Damballa. Recently, Brian was senior vice president of product management for consumer security at McAfee, where he directed the strategy and development of consumer and mobile security solutions. Before focusing on consumer, Foster also directed the strategy and development of McAfee's enterprise security solutions. Foster expanded McAfee's enterprise product line to over 80 products, played key roles in numerous acquisitions including the Intel acquisition, and took an integral role in creating McAfee's differentiated technical strategy around Integrated and Deep Security. Foster spent over 20 years at Symantec growing from technical support to roles in software engineering, project management, development, and product management on lines such as Norton Utilities and Norton AntiVirus.
Principal Analyst, Forrester Research
Rick Holland is a principal analyst at Forrester Research, where he serves Security & Risk Professionals. Rick works with senior information security leadership, providing strategic guidance on security architecture, security operations, and data privacy. His research focuses on incident response, threat intelligence, vulnerability management, email and web content security, and virtualization security. Rick speaks at security events including the RSA conference and SANS summits. He is regularly quoted in the media and is a frequent guest lecturer at the University of Texas at Dallas.
Prior to joining Forrester, Rick was a solutions engineer with a national information security reseller and service provider. He advised Fortune 500 clients on security strategy and architected enterprise security solutions. Before that, he worked in both higher education and the home building industry, where he focused on intrusion detection, incident handling, and forensics. Rick also served as an intelligence analyst in the US Army stationed in the US, Europe, and the Middle East.
Rick holds a B.S. in business administration with an MIS concentration (cum laude) from the University of Texas at Dallas. Rick is also a Certified Information Systems Security Professional (CISSP), a Certified Information Systems Auditor (CISA), and a GIAC Certified Incident Handler (GCIH).