Reports of network intrusions have spiked in recent years resulting in millions in financial loses, theft of intellectual property, and exposure of customer information. The groups responsible for these attacks are organized and can persist in your organization's systems and endpoints without detection for 6 months on average – sometimes years. The approach many organizations take to prevent these attacks is to simply layer on increasing numbers of defensive solutions – clearly this approach is no longer sufficient.
Learn why the current defense in depth model, as it is applied in many organizations, leaves critical gaps which allow attackers to remain undetected. Chris Gerritz, Infocyte’s Founder and the former Chief of Defensive Counter Cyberspace Operations for the U.S. Air Force AFCERT team, will discuss:
- The Defense in Depth model from an attacker kill chain perspective
- Why defense is important, but it is not the only factor to deliver security
- Where threat hunting and post-compromise detection fit in the model
