Tuesday, 5 December 2017
12 pm (EST) / 11 am (CST) / 9 am (PST) / 16:00 (UTC)
1 CPE (Members only)
If you could predict how hackers would break into your organization and extract data, you could use this information to design security controls to prevent a data breach. Well, now someone has done it – using a technique called attack path mapping, to understand the probability of the hacker kill chain and quantify the risks, companies can not only reduce risk but design controls better. In this session, MWR security will share how they are using these techniques to not only help companies put controls in the right place but also think like attackers. Instead of building a security strategy based fear and sensationalism, organizations can apply a methodology which instills confidence across the organization. MWR has applied this approach at SGN (Scotia Gas Network), the first fully cloud based utility company in the UK with great success and created an example which the UK NCSC (National Center for Cyber Security) is using to follow.
Sr. Director of Security
Naresh Persaud is Sr. Director of Security at CA Technologies. He has more than 15 years of experience in security & identity management, across roles engineering, architecture, sales, business development, marketing and product management. He has devoted much of his career following the dynamic security industry and helping customers achieve successful outcomes.
Ed has spent a decade in security roles including seven years working for the UK and Australian governments. Ed specializes in cyber risk assessment and risk management. He has a detailed understanding of the risks faced by enterprises, based on interaction with a number of global organizations as a risk consultant, and expert knowledge of cyber adversaries, their motivations and methods, honed over several years as an investigator. Ed has met hackers and their victims, including nation states and Fortune 500 organizations. As Head of Defense, Ed leads a team of security experts who help MWR’s clients identify, assess and treat the risks to their organizations, thereby measurably improving their security.