Presented by: Rick Howard, CSO, Palo Alto Networks
With all of the negative press about how weak the collective good-guy cyber defenses are, there is reason to hope. Today I discuss four cyber security innovations that not only work but will fundamentally change how we will all do our jobs in the future. Some of our community are leaning forward with these ideas and showing us the way. They are teaching us how to transform our tactical Incident Response teams into strategic intelligence organizations. They are changing our old-school thinking of deploying tactical signature defenses into the more modern Kill-Chain and Indicators-of-Compromise methodology. They are breaking new ground on how to share threat indicator information between peers. Finally, they are adopting next generation firewall technology to replace the very old last generation technology.
Rick Howard began with a review of security measures commonly used to counteract ever-evolving threats to data. Perimeter firewalls and signature scan methodologies are too restrictive to meet today’s demands of BYOD and social media. The new strategy has four pillars: 1) an intelligence response team, 2) Kill-Chain methodology, 3) information sharing, and 4) next-generation capability in firewalls. These are designed to address vulnerable points that could invite attack. Howard suggested a comprehensive plan of multi-layer security planning and attack analysis. First comes the understanding that an attack has to go through several stages before it can succeed in achieving its goals.
These stages typically involve:
• information gathering,
• preparation of the appropriate weapon,
• delivering the weapon to a soft point,
• exploiting command and control functions, and finally
• taking action against the operator.
A kill chain approach would detect the pattern of attacks at any of these points and track them. In the next stage, the attack group signature is shared with other vendors of security software. Defense improves when all security vendors collaborate.