Even though many traditional defense mechanisms can be circumvented, it is essential that a proactive, layered, defensive security program be put in place and managed effectively. This will not prevent the well-organized targeted attacks, but will eliminate 99 percent of the background noise and most of the less sophisticated attacks. We're going to review the current thinking, with regards to establishing a baseline defense, from two different viewpoints:
- External/Ingress - A whole host of technologies exist for establishing a hardened perimeter and a layered defense. We'll discuss how legacy strategies can be adapted to meet the new threats and how best to eliminate as many of these attack vectors as possible.
- Internal/Egress - A very high proportion of attacks have a significant "internal" component that was either actively engaged, or blissfully ignorant of their participation, in the locating and exfiltration of data. We'll discuss how internal assets of all types are used for malicious purposes and what mechanisms should be considered for sealing egress paths from the inside.