CERIAS Security Seminar: Proactive Endpoint and Network Security Operations. Detecting the Unknown Known

The Center for Education and Research in Information Assurance and Security
April 29, 2020
4:30 PM - 5:30 PM
STEW G52 (Suite 050B), West Lafayette Campus

Description

Speaker:
Corey Maypray
Eli Lilly

Abstract:

Cyber security resources remain limited. Organizations that attempt to broadly protect their data from all cyber threats tend to inefficiently invest these resources, making them slower to adapt to the changing trends and techniques of cyber threats. – Carnegie Mellon. 

This talk will discuss some of the basic principles of Cyber threat intelligence, and how proactive collection of information can enable an enterprise to protect its most critical assets. We will then dive into the main focus of this talk, operationalizing data in order to understand cyber criminals motivation and capabilities in order to tailor preventive controls meant to address threats your organization faces.   

“If you know the enemy and yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” - Sun Tzu

  1. Know yourself: Learn your environment (people, processes, technology).
  2. Know your adversary: Learn your adversaries motivations (motive and targeted data) and capabilities (attack methods, TTP’S and resources).
  3. Prioritize protection of your most critical assets and operations.

 

About: Corey currently acts as an Advisor-Threat Intelligence and Detection for Eli Lilly and Company.  In this role he is responsible for developing and maturing Lilly’s Information Security Cyber Threat Intelligence program and driving the creation of better threat detection capabilities.

Prior to joining Lilly, Corey served twelve years in the Army as an All Source Threat Analyst where he performed a variety of intelligence functions including collection management, threat/intelligence analysis, and operational assignments to support operations abroad. Corey has specialties in threat entity targeting, open source intelligence collection, and intelligence support to counter terrorism, weapons of mass destruction, geo-political tensions, and cyber based threats.

The weekly security seminar has been held every semester since spring of 1992. We invite personnel at Purdue and visitors from outside to present on topics of particular interest to them in the areas of computer and network security, computer crime investigation, information warfare, information ethics, public policy for computing and security, the computing "underground," and other related topics. More info

Contact Details

Add to calendar