Bradley Anstis
In his position as Director of Product Management, Trustwave, Bradley works with partners and customers around the world to define the immediate roadmap and longer term strategic direction of Trustwave’s email and web security solutions.

He also is deeply involved in the threat research that the Trustwave SpiderLabs team perform in the areas of Email & Web security. A frequent presenter and commentator, Bradley has presented at all the leading security conferences around the world and is frequently in the press on real world security issues customers’ experience.

Does MSS actually make a difference
Technical Level (3 being the highest score): 1

In this session we take stock of where we are now for the average company in Australia, what defences do we have and what is the security posture for an Australian organisation. How does this compare to where MSS has come from and where it is going, but perhaps more importantly how useful is MSS really, and where perhaps should I consider using it?

The backbone of MSS services should be taking care of what we could call the commodity tasks of your IT infrastructure, doing all the easy stuff like firewall monitoring and freeing up internal teams to concentrate on the harder, trickier stuff. While this is what we have been doing, is it the best thing for tomorrow? With the volume and increasing complexity of today’s emerging threats are we really at a point where internal teams can be the cyber experts their organizations need them to be?

Now let’s compare this to current Australia Threat Data – what is this telling us. What are the leading Australian threats that seem to refuse to go away. Why is a 9 year old (CVE_2010_3333) vulnerability still in the top 5 vulnerabilities for 2018 exploits via email, causing so much havoc. Are we staying ahead, are we even keeping pace or are we trying to do too much.

How can you be the cyber expert your company needs. Can you go it alone…?

Why don’t we turn this on its head, and review how managed security services has been able to actually leap frog what a lot of internal teams are able to do. Have internal teams really been able to move outside of just doing protect into detect and even respond? So why is it that managed security services can, with managed detect and respond (endpoint and network), and other emerging tech. and what role does global threat intel play in all of this. Does it really make a difference?

Presentation video can be found HERE