Allen began by outlining threat actors, techniques, and common attack scenarios. He summarized examples of remote attacks, insider attacks (intentional or not), and vendor attacks, where a vendor product or partner effectively provides a back door for hackers.
Next, Allen reviewed the Kill Chain Methodology to illustrate the common patterns of attack and how to stop an attack before it spreads.
Finally, Allen reviewed key tips for making an organization a ‘hard target’:
- Secure the environment where the widget is installed and maintained
- Implement strong authentication
- Minimize your widget’s exposures
- Simplify and harden your widget’s life-cycle maintenance
- Keep up to date with hacker methods and tactics