Addressing the “Big Three” Cybersecurity Pain Points: Where you Fit in? James Stanger NetCom Learning
© 1998-2021 NetCom Learning © 1998-2021 NetCom Learning
www.netcomlearning.com | info@netcomlearning.com | 1-888-563-8266 www.netcomlearning.com | info@netcomlearning.com | 1-888-563-8266
AGENDA The “big 3” pain points – and a total of three “trifectas” Attack surfaces presented by today’s organizations Essential security skills What this means to you
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
THE PROBLEM
© 1998-2021 NetCom Learning
www.netcomlearning.com
| info@netcomlearning.com | 1-888-563-8266
THE FIRST TRIFECTA: WHY ORGANIZATIONS ARE OVERWHELMED TODAY •
•
The big three: 1. Attack complexity 2. Threat volume 3. The ongoing skills gap The result? • A set of trifecta tidal waves • Organizations aren’t mature enough to handle them
“Cowboy IT”
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
“COWBOY IT” AND LACK OF MATURITY
© 1998-2021 NetCom Learning
www.netcomlearning.com
| info@netcomlearning.com | 1-888-563-8266
THE SECOND TRIFECTA THAT CREATES “COWBOY IT” 1. The underutilization of modern practices 2. Over-reliance on old ones 3. Lack of proper monitoring •In other words, what IT departments and organizations worldwide have been doing for nearly 30 years “But for the grace of God, there go I.” -About a dozen CISOs over the past month © 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
THE THIRD TRIFECTA 1.
2.
3.
Technical debt • The implied cost, or “debt” created when you choose an “easy” solution • What happens when you skip essential development or deployment steps • “Lift and shift” practices • Creates issues – lack of monitoring Shadow IT • Sourcing solutions independent of the IT department – Unauthorised IT • No governance Lack of proper governance
© 1998-2021 NetCom Learning
Technical debt Shadow IT Cowboy IT Lack of governance www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
ESSENTIAL SKILLS AND BEST PRACTICES
© 1998-2021 NetCom Learning
www.netcomlearning.com
| info@netcomlearning.com | 1-888-563-8266
SOLUTIONS THAT SECURITY PROFESSIONALS PROVIDE – THE IMPORTANCE OF VISUALIZATION
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
VISUALIZATION – WHAT DO YOU SEE, HERE?
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
NEWER VISUALIZATION MODEL ▪
Capture – Network traffic – Host traffic logs
▪
Data feed
Slice and dice – Obtain only relevant information – Aggregate and sort (traffic) – Identify patterns
▪
Packet capture
Visualize – tell a story – Trends and patterns – Alerts – Geographies
© 1998-2021 NetCom Learning
Slice
Dice
Visualize
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
DATA ANALYTICS AND THREAT INTELLIGENCE Data analytics Security analytics (logs, IDS, SIEM, etc.)
Cybersecurity Threat Intelligence (CTI)
Actionable information Trending information
Reporting
AI / ML
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
SKILLSETS FOR SECURITY OPERATIONS SOC 2.0 Monitoring security •CTI integration •AI •Normalization •An essential nexus •Analytics / Correlation •Data normalization •Two-way communication •Also, incident response •Distributed workers
Cyber Threat Intelligence (CTI)
Security analyst
Routers
Data stores / Servers Security Information & Event Management (SIEM)
Intrusion Detection System (IDS)
Switches
XDR
© 1998-2021 NetCom Learning
Data normalization
Cloud presence
www.netcomlearning.com
Artificial Intelligence (AI)
| info@netcomlearning.com | 1-888-563-8266
BEST PRACTICES AT THE MANAGEMENT LEVEL ▪
Strategic IT
▪
Involving IT from the beginning
▪
Less clean-up, more proactive behavior
▪
Governance
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
BEST PRACTICES – NEED FOR GOVERNANCE, RISK AND COMPLIANCE ▪
Consider where cybersecurity has gone, in terms of where cyber workers actually reside
▪
Management – Governance, Risk, and Compliance (GRC) – is now a major, separate component
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
WE NEED WORKERS THAT CAN HANDLE . . .
Data analytics and monitoring
Governance Mapping tech to business Complex projects
Rapid development
Zero trust environments Š 1998-2021 NetCom Learning
Technical debt
Incident response
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
WHERE NETCOM AND COMPTIA FIT IN • Need for an authoritative pathway • Let’s talk about a few myths 1. Security pros are born, not made 2. You need to be in the industry for over ten years 3. You need a college degree 4. It’s all about forensics 5. You need to be a programmer
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
RECORDED WEBINAR VIDEO To watch the recorded webinar video for live demos, please access the link: https://bit.ly/3pvdPqL
© 1998-2021 NetCom Learning
www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
ABOUT NETCOM LEARNING
100K+
14K+
3500
Professionals trained
Corporate clients
IT, Business & Soft Skills courses
96%
8.6/9
20+
Of customers recommend us to others
Instructor evaluations
Leadingvendors recognitions
Microsoft’s
80%
Top 20
Worldwide training partner of the year
Trained of the Fortune 100
ITTraining Company
Š 1998-2019 1998-2021NetCom NetCom Learning Learning
NetCom Learning is an award-winning global leader in managed learning services, training and talent development.
www.netcomlearning.com www.netcomlearning.com
Founded
: 1998
Headquarters
: New YorkCity
Delivery Capability
: Worldwide
CEO
: RussellSarder
|| info@netcomlearning.com || 1-888-563-8266
RECOMMENDED COURSES AND MARKETING ASSETS NetCom Learning offers a comprehensive portfolio for Security » COMPTIA CYBERSECURITY ANALYST (CYSA+) CERTIFICATION PREP (EXAM CS0-002) - Class Scheduled on Feb 15 » COMPTIA PENTEST+ CERTIFICATION PREP (EXAM PT0-001) - Class Scheduled on Feb 15 » COMPTIA SECURITY+ CERTIFICATION PREP (EXAM SY0-601) - Class Scheduled on Feb 22 » COMPTIA LINUX+ CERTIFICATION PREP (EXAM XK0-004) - Class Scheduled on Mar 04 » COMPTIA ADVANCED SECURITY PRACTITIONER (CASP+) CERTIFICATION PREP (EXAM CAS-003) - Class Scheduled on Mar 08
You can also access the below Marketing Assets » Free 1hr Training - Tips to Use Cyber Threat Intelligence to Defend Your Data » Free On-Demand Training - Cyber Attack Trends & Threat Forecast for 2021 » Blog - 6 Highest Paying Cyber Security Certifications » Blog - Top 5 Reasons You Should Certainly Do CompTIA PenTest+
© 1998-2019 NetCom Learning 1998-2021 NetCom Learning © 1998-2021 NetCom Learning
www.netcomlearning.com www.netcomlearning.com | |info@netcomlearning.com | |1-888-563-8266 www.netcomlearning.com| info@netcomlearning.com| 1-888-563-8266
UPCOMING WEBINARS
▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪ ▪
How Project Management Software Fills the Gap in Management Training Tips for Troubleshooting Your Kubernetes Pods How can SD-WAN help your Business? How Organizations Leverage Data Science Know your Dynamics 365 Security A Guide to Building a Multi-cloud Strategy with AWS and Azure How to Accelerate Digital Transformation with DevOps 4 Tips to Master the Art of Adobe InDesign Master Data Visualization with Power BI Tips & Tricks: Troubleshooting Citrix ADC Learn an Agile Method of Project Management
& More © 1998-2019 1998-2021NetCom NetCom Learning Learning
www.netcomlearning.com www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
PROMOTIONS
NetCom Learning Super Saver Holidays – Buy One Get One Free As the year comes to its end, we bring the NetCom Learning Super Saver Holidays – Buy One Get One offer, which allows you to take two courses at the price of one! The offer is a special limited period holiday promotion to offer incredible savings for your organization. Buy any course from our scheduled open enrollment training solutions and get an additional seat for the same or lesser value absolutely FREE. Save Now
© 1998-2019 1998-2021NetCom NetCom Learning Learning
www.netcomlearning.com www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
PROMOTIONS
Buy More to Save More! Now fulfill all your training needs without disturbing your business funds. Choose from the bundle of our Learning Saving Pass (LSP) pre-pay plans and get up to 100% value back on your investment. Unlock Now
Š 1998-2019 1998-2021NetCom NetCom Learning Learning
www.netcomlearning.com www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
PROMOTIONS
Worry-Free Training with Price Match Guarantee Our Price Match Guarantee ensures that we'll match the offers of any other authorized training provider if you succeed at finding anyone offering the same publicly scheduled class within 30 days of our schedule at a lower regular price. Learn More
Š 1998-2019 1998-2021NetCom NetCom Learning Learning
www.netcomlearning.com www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
FOLLOW US ON
© 1998-2019 1998-2021NetCom NetCom Learning Learning
YouTube
www.netcomlearning.com www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
BUILDING AN INNOVATIVE LEARNING ORG.
A BOOK FROM RUSSELL SARDER,
CEO AT NETCOM LEARNING
A framework to build a smarter workforce, adapt to change and drive growth.
DOWNLOAD e-book
© 1998-2019 1998-2021NetCom NetCom Learning Learning
www.netcomlearning.com www.netcomlearning.com
|| info@netcomlearning.com || 1-888-563-8266
Thank you
1998-2019 NetCom Learning Š 1998-2021
www.netcomlearning.com www.netcomlearning.com
| || info@netcomlearning.com || 1-888-563-8266