Tanium Security Virtual Event

Session 2: This second session will focus on Security, the second of the three key components (Visibility and Awareness, Security and Integration) of the GOC’s Endpoint Visibility, Awareness and Security (EVAS) project.

This session will focus on Tanium’s solutions for Risk and Security which unifies management and security of endpoints, everywhere, instantly.

Security refers to the endpoint detection, response and protection capabilities integrated with other defence-in-depth protection systems.

The Government of Canada (GoC) endpoints comprise the largest threat surface for cyberattacks of any component of the enterprise IT environment. Considering this, attackers of all skill levels and motivations are continuing to evolve and modify their modes of attack to circumvent the Government’s defensive posture.

This presentation will demonstrate how the GoC can deploy a comprehensive security solution, targeted to be agile and flexible in today’s rapidly changing IT security landscape. This will result in the consolidation of endpoint solutions through a baseline GoC enterprise capability that will include advanced endpoint protection against sophisticated attacks. It will leverage a combination of traditional signature-based anti-virus and anti-malware, augmented by advanced anti-malware capabilities.

The demonstration will cover:

• Ensure a baseline malware defence continues to operate on all endpoints regardless of any individual organization’s IT security maturity level
• Ensure organizations (with multiple, flexible layers of access control) have the information and the tools at their disposal to take actions to address any endpoint under their control that does not meet baseline security requirements
• Ensure tools are available to each client’s IT security organization for security analysts and incident responders to investigate suspicious activities and perform other related actions such as, but not limited to, threat hunting
• Ensure that CCCS and other necessary organizations will be provided, at a minimum, an interface to access, query and generate reporting on any endpoint data in the GoC
• Maintain compliance to security policies as well as measure effectiveness of controls and adapt configurations by having the capability to report globally on security status, compliance and trends
• Provide security reporting capability to clients at the department/agency level
• Demonstrate the integrity of data and its source
• Facilitate interdepartmental communications and coordination for security programs
• Execute ad hoc queries to generate consolidated data and custom reports that are consumable by staff or other technologies
• Maintain privacy requirements
• Combined with awareness capabilities for configuration and patch information, produce near-real-time posture and risk assessments of GoC endpoints against threats and vulnerabilities
• Have near-real-time querying capabilities can be leveraged during cybersecurity incidents
• Exert control over endpoints if and when necessary without third-party involvement and be able to delegate that capability as required to the IT security operations teams of SSC’s GoC clients
• Leverage visibility capabilities to assist in the discovery of rogue, or previously unidentified endpoints on GoC networks

The lack of an enterprise cyber toolset across departments and agencies hinders the ability to efficiently prevent, detect, respond to and recover from cybersecurity threats and incidents. Endpoint security solutions are fragmented, resulting in an incomplete view of the GoC environment assets, and do not provide an optimal way to assist with and contribute to incident response activities. As a result, the time to detect and resolve security-related issues is higher than desired.

There is currently no simple and timely process to obtain and consolidate information from separate GoC departments to provide an SSC/GoC-wide enterprise view, which hinders a timely understanding of the impact of a cyber event, and resolution of the event.

ipss and Tanium are pleased to announce that we will be donating $25 for every attendee to the Ottawa Food Bank in response to COVID-19.