Evolution of Cyber Threats and Defense Approaches

Threat landscape continue to evolve. Attacker’s Tactic, Technique and Procedures (TTPs) are continuously improving. Today’s approach to cyber defense is radically different from yesterday’s defense. It is important to have an intelligence driven framework rooted in people, process and technology to keep up with threats of today and tomorrow. In this presentation, Antony Abraham will talk about evolution of advanced targeted attacks, pitfalls of yesterday’s defense and how the enterprises are approaching this problem differently. The presentation will briefly talk about the NIST cyber security framework and ways to leverage it to improve cyber defense capabilities. The session will also cover the huge opportunity to utilize security analytics to make sense of the logs enterprises already collect, derive intelligence from it and act up on the derived intelligence (hopefully, automatically).

Antony Abraham, Security Architect – Information Security at State Farm Mutual Co.

Antony Abraham has about 17 years of experience working in the fields of Networking and Network Security and Cyber Defense. Prior to joining State Farm, he has held lead positions with 5 other global organizations including Cisco systems. For the last 12 years of his career he has been solidly focused in the area of Cyber Security. He has been with State Farm since 2011. He has led many networking and security initiatives, many of them global efforts. He designed and deployed intrusion detection systems across 3 continents, designed large campus networks to accommodate more than 30,000 users as well architected internet data centers. For State Farm, he was the Tech Lead of Border Protection team and was instrumental in bringing new technical capabilities to improve State Farm’s defense in depth architecture. He is currently a Security Architect, specially focused in enhancing State Farm’s Cyber Defense. He currently holds following certification CRISC (Certified in Risk and Information Systems Controls), CISSP (Certified Information Security Professional), CISA (Certified Information Security Auditor) and CEH (Certified Ethical Hacker).