Insight By RSA And Carahsoft

Visibility, early detection critical to breach prevention, mitigation

RSA Senior Director Peter Tran encourages agencies to take a risk-based approach to cybersecurity.

When a breach occurs, whether it happens in the public or private sector, often the first question asked is “What happened?”

Then comes the barrage of follow-up questions that are harder to answer such as “What was compromised? What information was taken? Has the threat been removed? How long were the bad actors in the system?”

An agency or company’s ability to answer these questions quickly can go a long way to mitigating the damage of the breach and mitigating the damage of future breaches.

Peter Tran, general manager and senior director of RSA’s Worldwide Advanced Cyber Defense Practice, said understanding the behavior of a network is key to answering the hard questions quickly.

“In data breaches, when you want to really find out what happened, it’s always visibility, visibility and more visibility,” he said. “And the reason that we have these hard-to-answer questions that happen during a data breach is because we don’t have enough visibility – particularly in large networks, complex networks like the federal government. It’s a worldwide organization, and if you don’t drive enough visibility into those areas by which are the highest value, you end up with what we call operational thrashing or security tug-of-war.”

Tran said operational thrashing can lead to more inefficiencies, and prolong the breach. To combat this, enterprises must analyze and understand early on what’s happening on their networks.

“When you want to structure your monitoring and early detection environment, there are a couple of key areas you want to look at,” he said. “First, if you’re driving visibility you want to look at your analytics and in doing so you’re going to want to capture as much of the traffic – the behavior of the networks, what’s good, what’s bad, what looks potentially benign – and you capture that at both the network, the endpoints, and what we call the analytics environment. So we gather as much context as possible.”

Tran said when agencies capture the data, it allows them to see and analyze behaviors, and then take actionable intelligence from the context in advance of a breach.

 

Host

Jason Fornicola, Director of Custom Media, Federal News Radio

Jason Fornicola joined WTOP and Federal News Radio in February of 2014 as the Director of Custom Media, where he manages the stations’ sponsored and custom content initiatives. Fornicola provides clients with access to high-quality content consistent with the stations’ standard of excellence and works to solve clients’ needs through a multi-platform approach which includes on-air, digital, video and social media. His journalism and social media experience support the stations’ efforts to ensure the client message is conveyed in a way that will achieve their marketing campaign objectives.

 

Guest

Peter Tran, General Manager and Senior Director, Worldwide Advanced Cyber Defense Practice, RSA

Peter M. Tran is the GM & Senior Director for RSA’s Worldwide Advanced Cyber Defense (ACD) Practice. He is responsible for global cyber defense strategy, security operations design, implementation, intelligence and proactive computer network defense solutions and services. Prior to RSA, Peter led Raytheon’s commercial cyber professional services and solutions business as well as its global enterprise security operations and cyber threat programs for intelligence, APT threat analysis, technical operations, exploitation analysis, adversary attack methodologies research and tools development. He possesses over 18 years of combined government, commercial and research experience in the field of computer network forensics, exploitation analysis and operations . He is a Six Sigma Qualified Specialist and holds numerous technical certification to include the Certified Information Systems Security Professional (CISSP), Paraben’s Handheld Device/GPS Signals Examination and the SANS Institute GIAC Reverse Engineering Malicious Code Certification.

He has held senior technical leadership roles with Northrop Grumman and Booz Allen Hamilton supporting various Department of Defense (DoD) Intelligence agencies as well as commercial enterprises. Peter is a recognized expert within the commercial and public sector industries on technical matters relating to computer forensics, malicious code, foreign counterintelligence, technology transfer, network security and cyber espionage. Peter has authored several periodicals and journals published for his field work involving advanced cyber threat analytics, distributed computer forensics and biometric technology applications. His research and technical experience is applied to predictive threat analysis, automated comparative forensics and applied data analytics technology. Peter has defended some of the top commercial brands and public organizations and is a subject matter expert frequently appearing on Fox News, Fox Business, NBC, CBS, Reuters TV, SkyNews, Wall Street Journal, Boston Globe, LA Times, USA Today, Fast Company and The Harvard Business Review.

He holds a BA from the University of California at Santa Barbara, a Master of Forensic Sciences from the George Washington University and is a graduate of the Harvard Kennedy School Executive Program in Cyber Security Technology/Policy, MIT Sloan School of Management Executive Programs in Strategy and Innovation, Technology Operations and Value Chain Management.

Peter is also a graduate of the FBI Cyber Training Program, the U.S. Federal Law Enforcement Training Center (FLETC) and the John E. Reid Technique ® for interview and interrogation.

His professional experience includes work as a Federal Law Enforcement Special Agent, forensic analyst, systems/security engineer, software product designer, consultant in both technology prototyping/production and as an early stage venture mentor/advisor.

 

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    Amelia Brust, Federal News NetworkTelework

    What the UK gets about remote work that the US doesn’t

    Read more
    APUSPS Delivery Changes

    Postal union calls for Open Season extension after members see enrollment issues

    Read more