Interop ITX 2017 Schedule Viewer

Rise of Cyber Hunting: Not Falling Victim to Undetected Breaches

  • Rise of Cyber Hunting: Not Falling Victim to Undetected Breaches

    Speaker:
    Location:  TBD
    Format: Conference Session
    Track: Security
    Pass Type: All Access, Conference, Thursday Conference
    Vault Recording: TBD

    The security industry is beginning to see that organizations are tired of waiting to be notified of a breach, which on average takes 205 days to detect. Less than one-third of victims discovered their breaches themselves last year, while 69 percent were notified by an external entity.

    Companies are now becoming more proactive and employing dedicated cyber hunters – tasked with finding trails of malicious activity within their environment that bypass traditional AV and intrusion detection tools. A major challenge faced by enterprises employing cyber hunters, or those looking to do so, is how to implement this capability cost-effectively. Cyber hunters are uniquely skilled and bring a sixth sense for finding relevant campaigns by listening to chatter in the dark net, analyzing third-party threat intelligence, and looking inward by combing through server logs and analyzing successful and unsuccessful intrusion attempts to spot patterns – a process that is intensely manual and time-consuming. They are often more expensive than standard cyber security professionals who man enterprise security operations centers.

    In this session, Kris Lovejoy will discuss the evolution of cyber hunting, its relationship to traditional cyber security operations, and the role emerging technologies can play in reducing the cost and improving the effectiveness of hunting operations. She will also cover how new trends in automation can help reduce time spent investigating a breach from months to minutes.

    Attendees will learn:
    • Steps to take for a successful cyber hunting mission - from building a baseline hunting capability to hunting across the cyber kill chain – where emerging technologies have the biggest impact – to cyber hunting's contributions to incident investigation and remediation.
    • How leveraging adaptive logging technologies, predefined automated action plans, machine learning and contextual evidence generation allows cyber hunters to codify their insights, tactics, and procedures.
    • How this combination of technologies and processes will enable enterprises to ultimately reduce their reliance on high-end specialists and allow the security architecture and traditional security operators to bear a greater portion of the hunting efforts.
    • Insights into how a next-generation SOC operates.
    • How to achieve immediate ROI by empowering the cyber hunters to achieve the goal of confronting everything coming in vs. simply reacting and trying to determine how bad it is.