T.E.N. Knowledge Base

ISE® North America 2017

On the Radar: Attivo Networks offers deception, vulnerability assessment, and response automation  > Download Whitepaper
Attivo Networks develops technology for threat deception, with products for network and endpoint, as well as threat visibility/vulnerability assessment and incident response. Its deception capability works across a company's user network, data center, cloud infrastructure, remote office/branch office (ROBO), industrial control systems (ICS), Internet of Things (IoT), and point-of-sales (POS) networks. Decoys can be made to look like a wide variety of targets, including a human-machine interface (HMI) device in operational technology (OT), an IoT node, or a POS terminal.

The number and variety of apps that are being adopted by organizations—from on-premises apps, cloud-based apps, to mobile apps — is rapidly increasing. While IT continues to deliver new and varying apps, lines of business and even individuals are now also adopting apps independently of IT at an astonishing rate. As a result, employees typically need to authenticate with a dizzying array of systems, from a variety of PC and mobile devices, with each app representing another silo of identity for IT to manage. Identity-as-a-Service (IDaaS) is an emerging solution category for managing and simplifying access to apps, but there are a number of feature, architecture and maturity considerations when selecting an IDaaS. This paper will discuss six of the top considerations.

Security Analytics and More: Putting Together an Effective Incident Response Plan  > Download Whitepaper
In this white paper, IT and security team members will learn about the necessary components of an effective incident response plan:

  • Understanding why current incident response plans are failing
  • Putting together the right incident response team
  • Developing successful response procedures
  • Selecting appropriate security technologies
  • Dramatically improving incident response and forensics with NetFlow and security analytics

Stop the Cybersecurity Guessing Game  > Download Whitepaper
The great contradiction in cybersecurity today is that the more enterprises spend on their security and risk controls, the less sure they are that it will all work as advertised.

Year after year, organizations invest more and more into detection systems, response systems, event management systems, rewalls, secure web gateways, and more. According to Gartner, the cybersecurity industry will break another record in 2017 for spending—analysts predict organizations worldwide will shell out $90 billion.

Enterprise Phishing Susceptibility and Resiliency Report  > Download Whitepaper
Welcome to PhishMe’s 2016 Enterprise Phishing Susceptibility and Resiliency report. The report we published in 2015 focused solely on susceptibility, only telling half of the story. Now, with over 5 million active installations of PhishMe ReporterTM across the globe, we can publish statistically significant metrics about the rate and accuracy of humans reporting phishing emails. We are excited to share this data as it has been missing from phishing studies in the past. Armed with this new data, we hope that security organizations focus their attention on the ratio of Report-To-Click instead of dwelling on susceptibility metrics.

Cloud-Based IT Asset Inventory: A SOLID FOUNDATION FOR INFOSEC INFRASTRUCTURE  > Download Whitepaper
Complete, unobstructed visibility of your IT environment is the foundation for e ective cybersecurity. Without a full, detailed inventory of all your IT assets, your InfoSec team won’t be able to properly protect your organization because the things that pose the highest risk are the ones that you don’t know are there.

For a long time, this basic requirement was fairly simple to ful ll. Network perimeters were well-de ned and IT environments were tightly encapsulated. Accounting for and monitoring all the hardware, software and networking elements in these self-contained and sealed IT environments was straightforward.

Leveraging the Cloud to Achieve Comprehensive Asset Visibility, Tracking, and Security  > Download Whitepaper
As more organizations embrace public cloud, mobile, and DevOps, the fundamental concept of an asset changes and significantly impacts how security teams interact with their colleagues and do their jobs. The traditional approach of scanning a network is no longer effective because the flux of assets prohibits security teams from gaining an accurate snapshot of their environment. By leveraging the cloud and new technologies that deliver greater visibility, organizations can gain an accurate picture of their assets and overall risk posture. This is a critical step toward addressing the current landscape where attackers are using a wide variety of vectors such as mobile, social, and cloud-based attacks to infiltrate organizations and steal data. This Technology Spotlight examines the evolution of vulnerability management and the need for organizations to achieve greater visibility into all of their assets and vulnerabilities, including new asset types such as containers. This paper also details the advantages provided by cloud-based vulnerability management as exemplified by Tenable.io, an approach that enables end users to leverage the elastic and scalable nature of the cloud to monitor changing corporate assets.


Jennifer Inserro
Director of Information Security Compliance
HCSC Health Care Service Corp.

Gone Phishing: Securing the Enterprise from Social Engineering Attacks  > Summary
Social media, a digital medium that is rooted in sharing personal and professional data, continues to be a favorite target for cyber-criminals because it offers a virtual treasure trove of readily accessible information. The very nature of how information is shared via social media goes against many longstanding core information security principals. Businesses of all shapes and sizes can be targets of social media engineering and phishing attacks. While phishing itself is an incredibly well-known attack technique, it still continues to be a major security issues for many organizations. Symantec’s 2017 Internet Security Threat Report found that Business Email Compromise (BEC) scams, relying on spear-phishing emails, targeted over 400 businesses every day, draining $3 billion over the last three years. While it’s critical for security teams to keep up to date on current social engineering and phishing attacks, what else needs to be done to ensure the enterprise at large is aware of the dangers and pitfalls of these kinds of attacks?

Ricardo Lafosse

Ricardo Lafosse
Chief Information Security Officer
The Kraft Heinz Company
ISE® Central Executive of the Year Award Winner 2019
ISE® North America Executive: Financial Award Finalist 2019

Outsourcing Cybercrime: Combatting Ransomware as a Service  > Summary
Ransomware is certainly nothing new in the cybersecurity business, with the first instances having appeared more than a decade ago. However, this old threat has undergone some deadly changes over the last few years. The rise of the Ransomware as a Service (RaaS) distribution model gives would-be cybercriminals the means to launch a cyber-extortion business with virtually no technical expertise required, flooding the market with new ransomware strains in the process. 2017 saw an influx of potent and damaging RaaS attacks like Petya and WannaCry, both of which showed the attack model’s devastating potential to spread quickly and cause serious damage. As the use of RaaS continues to grow, Information Security executives and their security teams need to take new precautions in order to combat this new form of a familiar threat.


Robert Pace
VP, Information Security & CISO
Invitation Homes
ISE® West Executive Award Finalist 2022

The Increasing Impact of Insider Threats  > Summary
Insider threats continue to be one of the top cyber security threats and have proven that they are a force to be reckoned with. According to a 2017 Insider Threat Report, 53% of companies estimate remediation costs of $100,000 and more, with 12% estimating a cost of more than $1 million. The same report suggests that 74% of companies feel that they are vulnerable to insider threats, with 7% reporting extreme vulnerability. Every company will face an insider-related breach sooner or later regardless of whether it will be caused by a malicious action or an honest mistake. As costs related to insider threats continue to grow, what can Information Security Executives and their security teams do to combat this all too familiar foe?

Ganesh Murugan

Ganesh Murugan
Director of Cyber Strategy
MUFG Americas

Seeing the Bigger Picture with Big Data Security Analytics  > Summary
With so much data at their disposal, more organizations are looking at ways to implement big data analytics and technologies to stay ahead of the curve. Currently, big data analytics plays an important part in help security teams understand major cyber security trends. By using big data analytics, it is possible to detect vulnerabilities and identify breaches that are already happening. Additionally, as more enterprises makes the move to cloud-based solutions, they also have a variety of ways to utilize big data analytics tools to better protect their organization. Big data has boundless potential to advance businesses and the future of data analytics does not have to be a daunting one. By using this technology in sync with the cloud, more enterprises can make the move to a more modernized and efficient IT security model.