Cybersecurity Before - During - After An Integrated Security Strategy
- Thomasine Gibson
1 Cybersecurity: Before - During - After. An Integrated Security Strategy. Peter Romness, Business Development Manager, Public Sector Cybersecurity, Cisco Systems Inc.
2 Mobility, Cloud, Threat, IoT. Consumer-centric market dynamics require an end-to-end security architecture.
3 Threat Evolution. Enterprise Response: Anti-virus (Host based); IDS/IPS (Network Perimeter); Reputation (global) & Sandboxing; Intelligence & Analytics (Cloud). Threats: Worms; Spyware / Rootkits; APTs, Cyberware; Increased Attack Surface (Mobility + Cloud + IoT), Today.
4 Examples of Cyber Threats in the News: Stuxnet / Flame; Zeus (Zitmo); Night Dragon; Crypto Locker; Shamoon; Citadel; Kaptoxa (Target); SpyEye (Spitmo); Red October; Shady Rat; DUNIHI; Sykipot. Threat Characteristics: Bypass the perimeter (Initial Infection Vector); Spread laterally on internal network where detection abilities were limited (Propagation Mechanism); Evade traditional detection techniques (Persistence Mechanism).
5 Cyber Threats: Initial Infection Vector. Effectiveness of Phishing: More than 95% of all attacks tied to State-Affiliated espionage employed Phishing as a means of establishing a foothold in their intended victims' systems. - Verizon Data Breach Report - ThreatSim
6 IT Megatrends are creating the Any to Any problem. Any Device, Any Cloud. Infrastructure; Apps / Services; Workloads. Public, hybrid, private; tenants. Endpoint Proliferation; Blending of Personal & Business Use; Access Assets through Multiple Methods; Services Reside In Many Clouds.
7 Threat Landscape. Cyber Activities: 104% increase in reported incidents by US Government Agencies from; % increase in attacks against US Critical Infrastructure; % increase in incidents involving PII from. More sophisticated every day. Minute Zero. Cyber Crime; Money; Embarrassment; Espionage. Assets Targeted 1: 75% Point of Sale systems; 20% E-Commerce Systems; 5% Other (espionage etc.). Verizon Data Breach Report; US House Intelligence; NSA; Bloomberg; GAO; 2012 Norton Cybercrime Report
8 Cyber Threats, Detection, and Response. Malicious Traffic & Vulnerabilities: 100% - Corporate Networks found to have visible malicious traffic; 95% - Corporate organizations that admit to having been breached; 14% - year over year growth of reported vulnerabilities and threats. Breach Discovery Methods: 82% External Party (Fraud Detection Org., LE, Customer); 13% Internal Detection (Users, Audits, Equipment); 5% Unknown. Response: *416 Average number of days an Advanced Persistent Threat sits on your network before detection! 7 - Now down to approximately 300 days / 10 months. Verizon Data Breach Report 2013; US House Intelligence; SANS; Bloomberg; Cisco Annual Security Report 2013; ESG Mandiant
9 Loss of Revenue. Cost of Cyber Breach. $1T/year private sector revenue loss from cyberespionage; $100B/year Cost of Cybercrime in US; % of Americans have been victims of an identity breach; $194 per record US average; $233 per record US Healthcare average. Initial PII Breach Costs, State / Local Government 1: $11 - $13 per record based on known breaches; $5 - $6 for notification and credit checks; $6 - $7 for remediation. Constituent / customer confidence lost = added costs. US House Intelligence; McAfee/CSIS, Ponemon/Symantec Bloomberg; NCSA; SANS/NORSE
10 Cybersecurity Concerns Internal Government Damage Policies Regulations Malware State Regulations Revenue Customer NIST Policy Loss Reputation DOD 8570 Anonymous PII Theft Intellectual Hackers Property Theft Embarrassment Advanced Education Persistent NERC SAM 8500 CIP Threat Partners Protecting National Insider Threat DISA STIG Money Theft MS-ISAC Security Espionage
11 New Cybersecurity Model
12 Policy Regulations Standards Presentation Session Content Security Education Application Transport Network Data Link Attack Supply Chain Anti-Counterfeit Disti-Channels Advanced Services Partner Trusted Systems Distribution Delivery Physical Vendor Security User Network Systems Attack Continuum Network Governance Cybersecurity Scope
13 The New Security Model. Attack Continuum: BEFORE (Control, Enforce, Harden); DURING (Detect, Block, Defend); AFTER (Scope, Contain, Remediate). Network; Endpoint; Mobile; Virtual; Cloud. Point in time; Continuous.
14 Mapping Integrated Solutions. Attack Continuum: BEFORE (Control, Enforce, Harden); DURING (Detect, Block, Defend); AFTER (Scope, Contain, Remediate). Secure Identity & Mobility Solution; Malware Detection and Defense Solution; Cyber Continuous Monitoring Solution. Cloud - Virtual and Physical Consistency.
15 Secure Identity & Mobility
16 Secure Identity and Mobility. Identity and Context Centric Policy Platform. WHERE, WHEN, WHAT, WHO, HOW. Business-Relevant Policies; Security Policy Attributes. Centralized Identity Policy Engine (Identity Services Engine). Dynamic Policy Monitoring User and Devices & Reporting Security Policy Enforcement in the Network Application Controls
17 Secure Identity/Mobility in Everyday Life. Access to the right resources based on Who, What, When, Where and How. User Devices; Access set by policy. Confidential Resources; Laptop at Home Office; General Resources; iPhone at Starbucks; Internet; Personal iPad.
18 Malware Defense and Detection Solution
19 Cisco's Malware Detection & Defense Solution. A multi-layered approach to network protection with threat intelligence information provided by Cisco SIO. Cisco/SourceFire Security Intelligence Operations SIO/VRT; Web and AMP Security Appliances; ASA Firewall with AMP + IPS/NGIPS; Botnet Filters. Untrusted Networks; Trusted Enterprise Network; Enterprise Resources. Connections to untrusted networks must be checked in depth by multiple layers of defense before reaching enterprise resources.
20 Cisco Threat Intelligence. Security Intelligence Operation / Vulnerability Research Team (SIO / VRT). Telemetry from 1.6M devices worldwide; 30B+ queries daily, 30% of all Web traffic; 500+ security specialists / 24/7/365 / 40 languages; URL reputation scores for Web, >7,500 IPS signatures and >8 million rules daily; 2.1M Telemetry Points; Open Source Input; 6,000 Threat Reports / day; NSS Labs 100% Detection rate. SIO/VRT Enables Importance of Reputation & Web Traffic Analysis, feeds Reputation Information to IPS etc. View into both & Web traffic dramatically improves detection. 80% of spam contains URLs. is a key distribution vector for Web-based malware. SenderBase. Malware is a key distribution vector for spam zombie infections. WEB Security Appliances; Security Appliances.
21 Cyber Threat Defense: Secure Internal Monitoring
22 Internal Monitoring: The Need. Customized Threat Bypasses Security Gateways; Customized Threat Enters from Inside; Threat Spreads Inside Perimeter; Threat Spreads to Devices. Firewall; IPS; N-AV; Web Sec; Sec. Perimeter security stops many threats but Sophisticated Cyber Threats Evade Existing Security Constructs. Fingerprints of Threat are Found Only in Network Fabric.
23 Cyber Threat Defense. Monitor, collect and analyze network traffic to detect anomalies. Cybersecurity Anomaly Detection (Stealthwatch). NetFlow: Switches, Routers, and Firewalls. Security Enabled Network. Identity Services Engine. Context: NBAR/AVC. Cyber Threat Detection - enhances efficiency and effectiveness of analysis and provides key insight into internal activity across the network.
24 Beyond the Event Horizon. Addresses limitations of point-in-time detection. Point-in-time Detection (Antivirus, Sandboxing): Analysis Stops; Not 100%; Blind to scope of compromise; Sleep Techniques, Unknown Protocols, Encryption, Polymorphism; Initial Disposition = Clean, Actual Disposition = Bad = Too Late!! Retrospective Detection, Analysis Continues: Turns back time; Continuous Visibility and Control are Key; Initial Disposition = Clean, Actual Disposition = Bad = Blocked.
25 Secure Virtualization in the Data Center
26 Securing Virtualized Computing Resources. Nexus 1000v / CSR 1000v: Ensures policy-based network and security services to all VMs; Network visibility at the hypervisor level; VM Routing and NetFlow source. Virtual Security Gateway: Provides trusted access to secure virtual data center; Trust zones access is controlled and monitored through established security policies. Network Visibility. ASAv: Built on ASA firewall code base, proven firewall; Tenant-edge to VM-specific policies; Automated policy based provisioning. SAN. NetFlow Generation Appliance: Provides NetFlow from non-NetFlow devices; High capacity for large flow areas. LAN. Cisco extends the secure network fabric into the Hypervisor.
27 Comprehensive Security Portfolio Firewall & NGFW IPS & NGIPS Advanced Malware Protection Cisco Sourcefire Web Security Cisco ASA 5500-X Series Cisco IPS 4300 Series Lancope Stealthwatch Cisco Web Security Appliance (WSA) Cisco ASA 5500-X Series integrated IPS Cisco ASA 5500-X w/ NGFW license FireAMP Cisco Virtual Web Security Appliance (vWSA) FirePOWER NGIPS Cisco ASA 5585-X w/ NGFW blade FireAMP Mobile Cisco Cloud Web Security FirePOWER NGIPS w/ Application Control FirePOWER NGFW FireAMP Virtual FirePOWER Virtual NGIPS AMP for FirePOWER license Dedicated AMP FirePOWER appliance Security VPN NAC + Identity Services Cisco Security Appliance (ESA) Cisco Virtual Security Appliance (vESA) Cisco Identity Services Engine (ISE) Cisco Cloud Security Cisco Access Control Server (ACS) Cisco AnyConnect VPN UTM Meraki MX Advanced Malware Protection Integrated with Cisco Content Security AMP Now Available on and Web Security Devices and Cisco Cloud Web Security Add on Licensing
28 Cisco Managed Threat Defense Service (NEW). Cisco Managed Threat Defense is a fully managed, security analyst delivered service that defends against zero-day attacks, and advanced persistent threats with monitoring, inspection and correlation from our security operations center, 24 hours a day, 7 days a week. Business Value: Out of Band deployment ensures minimal impact / disruption to infrastructure availability; Reduce security costs by migrating processes to a third party; Improve security posture through accurate detection of advanced threats. Security Value: Provides high-fidelity detection to reduce unnecessary investigation; Lets you make true network behavior anomaly detection an operational reality; Uses full-packet capture to reduce and eliminate false positives; Uses global threat intelligence to defend against known threats and anomalies. Service availability in US, Canada and APJC from Cisco and our Partners.
29 Other Security Services from Cisco and our Partners. Plan / Design / Implement Technology Solutions: Security policy; Security plan, build; SOC plan, build; Security architecture roadmap. Audits / Assessments: TrustSec; ISE; 802.1x; ASA inc. migration and web security; VPN; NAC. Optimization: Online security readiness assessment; SDA and SDA for ICS; Security posture assessment; Network device security assessment; Security optimization; Firewall conversion; Identity management; DDoS mitigation readiness assessment. Operate; Customer Enablement: Remote management services; Change management and configuration; Security IntelliShield alert manager; IR&R planning and implementation; Online security consulting; Online security education; Online security training range; SOC build, operate, transfer.
30 Cyber Threat Defense Future. Application Centric Infrastructure; AI-based Threat Detection. www; Increase Telemetry for Reputation; Identity Analysis; FW, NextGen Firewall; IPS, NextGen IPS; AMP; Self-Learning and Evasion Resistance; Global Threat Intelligence. Improve Threat Detection: Artificial Intelligence Based Anomaly. Software Defined Networks: Application Centric / Security = Killer App.
31 Human Firewall: IT Management & Workforce Education. Promote Formal Education and Training: SANS Institute / MS-ISAC / University System. Certifications: Certified Cybersecurity Analyst; CCNA, CCNP, CCIE Security Tracks; CISSP. User Training: Cyber Threats; Compromise Instructions; Monthly Updates. Cyber Testing: Security Assessment; Network Penetration Testing; Etc. Cyber Exercises.
32 Cybersecurity: What to do next. Leverage Cisco Core Network: Maximize investment in Cisco Core; NetFlow, TrustSec, NBAR, AVC. Strategically add Cisco Security products and services: SIO/VRT Real time intelligence; ISE, ASA, WSA, ESA, NGIPS, AMP. Partner with industry leaders: Lancope, Arbor, Splunk, Services.
34 Cyber Policy. ISO/IEC 27001:2005 (replaced ) covers all types of organizations. Specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented Information Security Management System within the context of the organization's overall business risks.
35 Cyber Policy. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. Conduct world-class research. Close collaboration with industry, that advances the nation's technology infrastructure.
36 Cyber Policy. All 50 states represented. Principal members are generally Chief Cyber Security Officers (or equivalents) from their state. State Homeland Security Offices. Law enforcement and others in the physical security field.
More informationEvolution Of Cyber Threats & Defense Approaches
Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution
More informationCybersecurity: An Innovative Approach to Advanced Persistent Threats
Cybersecurity: An Innovative Approach to Advanced Persistent Threats SESSION ID: AST1-R01 Brent Conran Chief Security Officer McAfee This is who I am 2 This is what I do 3 Student B The Hack Pack I used
More informationEffective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention
Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention Your Security Challenges Defending the Dynamic Network! Dynamic threats 䕬 䕬 䕬 䕬 Many threats
More information7 Things All CFOs Should Know About Cyber Security
Insero & Company s Accounting & Finance Education Series Presents 7 Things All CFOs Should Know About Cyber Security September 23, 2014 Michael Montagliano Chief Technologist, IV4. Inc. CERTIFIED PUBLIC
More informationSecuring Your Business with DNS Servers That Protect Themselves
Summary: The Infoblox DNS security product portfolio mitigates attacks on DNS/DHCP servers by intelligently recognizing various attack types and dropping attack traffic while responding only to legitimate
More informationAddressing Advanced Web Threats. Addressing Advanced Web Threats: Protect Your Data and Brand
Addressing Advanced Web Threats: Protect Your Data and Brand What You Will Learn From collaboration to communication to data access, the web is a mission-critical business tool. Enterprises rely on the
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationOVERVIEW. Enterprise Security Solutions
Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s
More informationCisco Security Intelligence Operations
Operations Operations of 1 Operations Operations of Today s organizations require security solutions that accurately detect threats, provide holistic protection, and continually adapt to a rapidly evolving,
More information24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
More informationNext Generation Security Strategies. Marc Sarrias Regional Sales Manager msarrias@paloaltonetworks.com
Next Generation Security Strategies Marc Sarrias Regional Sales Manager msarrias@paloaltonetworks.com IT Ever-Evolving Challenges & Constraints Support IT Initiatives Minimize Business Risks from Cybersecurity
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More information聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 職 稱 : 技 術 顧 問
聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 主 講 人 : 廖 國 宏 Jerry Liao 職 稱 : 技 術 顧 問 Each attack instance can be slightly different 攻 擊 模 式 有 些 微 的 不 同 Domains are rotated in days, even hours 攻 擊 主 機 位 置
More informationDeploying Firewalls Throughout Your Organization
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
More informationBy John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION
THE NEXT (FRONT) TIER IN SECURITY When conventional security falls short, breach detection systems and other tier 2 technologies can bolster your network s defenses. By John Pirc THREAT HAS moved beyond
More informationOffice 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.
Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Your Valuable Data In The Cloud? How To Get The Best Protection! A world safe for exchanging digital information
More informationIBM Internet Security Systems
IBM Global Services IBM Internet Security Systems Norberto Gazzoni Italy Channel Manager norberto_gazzoni@it.ibm.com +39 347 3499617 IBM Internet Security Systems Ahead of the threat. 2006 IBM Corporation
More informationThe Attacker s Target: The Small Business
Check Point Whitepaper The Attacker s Target: The Small Business Even Small Businesses Need Enterprise-class Security to protect their Network July 2013 Contents Introduction 3 Enterprise-grade Protection
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationA MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS
A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS CYBER ATTACKS INFILTRATE CRITICAL INFRASTRUCTURE SECTORS Government and enterprise critical infrastructure sectors such as energy, communications
More informationUnified Security Management and Open Threat Exchange
13/09/2014 Unified Security Management and Open Threat Exchange RICHARD KIRK SENIOR VICE PRESIDENT 11 SEPTEMBER 2014 Agenda! A quick intro to AlienVault Unified Security Management (USM)! Overview of the
More informationAdvanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA
Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery
More informationCONTENTS. Cisco Cyber Threat Defense v2.0 First Look Design Guide 2
Cisco Cyber Threat Defense v2.0 First Look Design Guide Last Updated: April 21, 2015 CONTENTS Introduction 3 Goal of this Document 3 Intended Audience 3 Executive Summary 4 Solution Overview 4 Solution
More informationCisco Cloud Web Security Key Functionality [NOTE: Place caption above figure.]
Cisco Cloud Web Security Cisco IT Methods Introduction Malicious scripts, or malware, are executable code added to webpages that execute when the user visits the site. Many of these seemingly harmless
More informationDESIGN YOUR SECURITY. We build tailored, converged security for you. Technology. Strategy. People. The synergetic collaboration.
converged DESIGN Technology. Strategy. People. The synergetic collaboration. YOUR SECURITY agile Hackers sleep - we don t. We re ready whenever, wherever. We build tailored, converged security for you.
More informationRETHINKING CYBER SECURITY Changing the Business Conversation
RETHINKING CYBER SECURITY Changing the Business Conversation October 2015 Introduction: Diane Smith Michigan Delegate Higher Education Conference Speaker Board Member 2 1 1. Historical Review Agenda 2.
More informationHow To Sell Security Products To A Network Security Company
Market Segment Definitions Author Joshua Mittler Overview In addition to product testing, NSS Labs quantitatively evaluates market size for each of the product categories tested. NSS provides metrics that
More informationWEBSENSE EMAIL SECURITY SOLUTIONS OVERVIEW
WEBSENSE EMAIL SECURITY SOLUTIONS OVERVIEW Challenge The nature of email threats has changed over the past few years. Gone are the days when email security, better known as anti-spam, was primarily tasked
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationSecure Cloud Computing
Secure Cloud Computing Agenda Current Security Threat Landscape Over View: Cloud Security Overall Objective of Cloud Security Cloud Security Challenges/Concerns Cloud Security Requirements Strategy for
More information