{"id":10995,"date":"2013-02-28T10:58:11","date_gmt":"2013-02-28T18:58:11","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=10995"},"modified":"2015-03-26T13:42:13","modified_gmt":"2015-03-26T20:42:13","slug":"rsa-2013-recap-cyber-kill-chains-arent-just-useful-for-businesses","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/rsa-2013-recap-cyber-kill-chains-arent-just-useful-for-businesses\/","title":{"rendered":"RSA 2013 Recap: Cyber Kill Chains Aren’t Just Useful for Businesses"},"content":{"rendered":"

\"\"<\/p>\n

This week marked the 22nd annual RSA conference<\/a>, which is one of the biggest security conferences of the year. The theme for the event this year was \u201cSecurity in Knowledge: Mastering Data. Securing the World.\u201d There has definitely been a clear change of tone to one of securing data rather than just machines. With more data moving to the cloud and onto people\u2019s mobile devices, the whole idea of protecting your digital assets has really changed. Thieves aren\u2019t just going to a central home computer to get the mother lode of data, which means they don\u2019t care as much about what operating system you\u2019re on (if they ever really did).<\/p>\n

Another interesting change from years past is a much more battle-weary, realistic tone to presentations. After a year of press about \u201cAdvanced Persistent Threats\u201d that are able to get into and stay undetected on networks for years, security vendors aren\u2019t really promising bulletproof solutions anymore. They\u2019re promising improved visibility into your network, help with remediation, and better protection for your data, wherever it resides. I found this a rather refreshing change — it allows us to change the conversation from one of essentially blaming the victim (\u201cYou weren\u2019t updated\/using proper settings\/using enough layers\u201d) when breaches or infections happen to one of preparing for the possibility of a security event.<\/p>\n

One theme I\u2019ve been seeing mentioned more frequently in security circles is the concept of a \u201ckill chain<\/a>,” which in this case refers to the security tactic of reversing the attack progression. Much like in the case of a \u201cmeat space<\/a>\u201d burglary, the thief will perform reconnaissance on a building before trying to infiltrate it, and then go through several more steps before actually making off with the loot. The object of using a kill chain is to stop the thief as soon in the attack progression as possible. This requires a good bit of intelligence and visibility into what\u2019s in your network so that when something is there that shouldn\u2019t be, you can sound the alarms and thwart the attack.<\/p>\n

Lockheed Martin recently released details<\/a> of their own success using a kill chain tactic to stop someone who had intruded on their network. It\u2019s not just something that applies to government contractors or giant corporations, but also something that we can all apply to our own protection. And in the case of a home network, the intelligence can be considerably less complex.<\/p>\n

You don\u2019t have to be worried about new employees or unknown guests. You should have a pretty good idea who\u2019s a guest in your home network, and who is an unauthorized intruder. You can use tools that tell you what data is where on your computer, and what traffic is happening into and off of your machines. And then you can lock away your data and cherry-pick the valid traffic, stopping intruders from making off with your valuables.<\/p>\n","protected":false},"excerpt":{"rendered":"

This week marked the 22nd annual RSA conference, which is one of the biggest security conferences of the year. The theme for the event this year was \u201cSecurity in Knowledge: Mastering Data. Securing the World.\u201d There has definitely been a clear change of tone to one of securing data rather than just machines. With more […]<\/p>\n","protected":false},"author":6,"featured_media":11005,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[2095,2098,1372],"yoast_head":"\n\n\n\n\n\n\n\n\n\n\n\n\n\t\n\t\n\n\n\t\n\t\n\t\n