CU InfoSecurity 2017: Honeynets & Cybersecurity Economics

Implementing honeynets and web application firewalls, avoiding malware and zero day attacks, and the economics of cybersecurity, were among the topics covered at the CU InfoSecurity 2017 conference in San Diego.
Ananth, co-founder and CEO of security information and event management firm EventTracker described how a honeynet, a collection of honeypots − virtualized decoys that mimic desktops, servers, printers and other network technology – set up to invite attack can help study threat actors’ behavior.
These decoy networks help defray this cost by providing valuable intelligence about malicious activity brought against a credit union’s network.
Credit Unions have been getting regulation, guidance and tools from multiple authorities and understand how to comply with examiners.
However, bad actors still seem to be winning the war on cyber.
Why? asked Scott B.
Suhy, CEO of NetWatcher, a 24×7 network and endpoint security monitoring service.
In his presentation, Suhy suggested economics could be part of the problem. “The reality is that many credit unions can’t afford to hire security analysts (they couldn’t find them if they could afford them) and cannot afford expensive solutions.”
Les Flammer, managing partner of the vantage group spoke with Mark Bennett of Checkpoint, their partner, about how sophisticated malware and zero day attacks avoid detection and are difficult to defend.
They pointed to a Kasperksy Labs report, which revealed 320,000 new pieces of malware uncovered every day.
Flammer detailed how current generation malware is continually evolving and becoming increasingly stealthy.
Signature-based detection, although necessary, is insufficient.
He added, new attackers have successfully evaded first generation of sandboxing techniques.
The latest sandboxing technologies have offered some promise but attackers have now become increasingly effective at evading detection.
Worse yet, sandboxing interrupt business workflows or are late to notify that an infection has already occurred.

Share This Post