Top 10 Data Security Threats Plaguing Credit Unions
- Clarence Manning
- 8 years ago
Transcription
1 Top 10 Data Security Threats Plaguing Credit Unions (2H 2013 Threat Report)
- Andrew Jaquith, CTO & SVP, Cloud Strategy
- Grace Zeng, SilverSky Labs
- February 20, 2014
2 Housekeeping rules
- Everyone's phone is muted, but please feel free to ask questions by typing your question in the right-hand area.
- We will have a Q/A session at the end of the webinar.
3 Housekeeping rules
- For technical issues, use the Chat function to send a question to me, SilverSky.
4 Housekeeping rules
- You will all receive a link to download the presentation materials and a link to view the recording in an email tomorrow.
5 Agenda
- 1 Introduction
- 2 Financial institutions incident trends
- 3 Threat highlights, second half
- 4 Recommendations
7 SilverSky delivers security from the cloud
- What we do: We simplify how our customers secure their information.
- How we do it: We secure our customers' sensitive data, monitor their networks 24x7 for intrusions and manage our customers' email and collaboration applications, all from our cloud.
- Why it matters: We enable growth-minded leaders to pursue their business ambitions without security worry.
8 The expert cloud provider of information security solutions
- By tirelessly safeguarding our customers' most important information, SilverSky enables growth-minded leaders to pursue their business ambitions without security worry.
- Service categories shown: Network Security Services; Protection Services; Managed Application Services; Consulting and Professional Services
- Services listed: UTM management, event monitoring and response, log management, vulnerability management, brand protection, web app firewall, Advanced Targeted Attack Prevention, DLP, encryption, archive, continuity, Exchange, Lync, SharePoint, managed BlackBerry, mobile device management
9 SilverSky is a recognized security leader
- The combination of strong business and technical value, SLA adherence, plus innovative use of the cloud puts SilverSky solidly in the Leaders category.
- SilverSky's Hosted Exchange offerings have robust security features, and comply with federal and industry rules and regulations.
- SilverSky has strong appeal with companies that have stringent security and regulatory requirements.
10 About the SilverSky Security Operations Center
- Our experienced team of 60 SOC analysts and engineers helps protect $525 billion in banking and credit union assets.
- Every month on average, SilverSky's Security Operations Center analyzes:
  - 15 billion raw events
  - 325,000 security alerts
- A majority of the incidents we see are informational or reconnaissance-related.
- A small number are likely and confirmed compromises (medium- and high-level incidents).
- All are reported to customers.
11 SilverSky SIEM correlates events and alerts
- [Diagram: SilverSky SIEM]
12 How SilverSky classifies incidents
- Level 0: Alert forwarded to SOC from our SIEM. Every alert is analyzed by a human analyst and escalated if necessary.
- Level 1: Informational incident: scanning, reconnaissance or information leak.
- Level 2: Suspected compromise or medium-severity incident.
- Level 3: Verified compromise; considered high-severity incident.
- Levels 2 and 3: likely and confirmed compromises.
13 Headlines from the 2nd Half of 2013
- More compromises overall, but fewer affected
  - % with likely and confirmed compromises decreased
  - Major threat was eliminated in Q4, and our customers implemented more effective web security controls
  - But: those who were compromised had the same number, or more, as before
- Threats more concentrated and fast-moving
  - Decrease in attack sources and types of threats
  - 6 out of the top 10 threats different from 1 year ago
  - New ransomware and special-purpose threats
14 Analysis highlights
- SilverSky analyzed security incidents based on data from 925 financial institutions for the second half of 2013
- We found:
  - 1,556 likely and confirmed compromises (up from 1,513 in 1H 2013)
  - 390 institutions affected (down from 437)
  - 42% of our financial customers experienced at least one incident (down from 47%)
  - 48% of attacks came from U.S. IP addresses
  - Most common potential compromise: ZmEu vulnerability scan; CryptoLocker rising fast
  - Attack source IP addresses and threats more concentrated (reversal from last year)
- Full report at:
- Event funnel (ratio to compromises):
  - 90 billion raw events (58m:1)
  - 1.9 million security alerts (1,200:1)
  - 72,000 potential incidents (46:1)
  - 1,556 compromises (1:1)
15 The modern threat landscape
- Spam botnets: Storm, Rustock, Cutwail
  - In 2009, 83.4% of spam originated from botnets [1]
  - Spam may contain Trojan droppers such as Bredolab
- Attack botnets: Darkness, BlackEnergy, Stuxnet
  - Botnets for hire (DDoS), often politically motivated
  - Marketed to attack or disable competitor sites
- Financial botnets: DarkLeech, Zeus, BlackHole
  - Steal victim's bank and credit card data
  - Sold as kits; franchise model like McDonald's: 1,400 versions controlled by many attackers [3]
  - Zeus offshoot Citadel has stolen $500m [3]
- Special-purpose trojans: CryptoLocker, Reveton, Plasma
  - Ransomware encrypts, holds victim files hostage. More than 500,000 victims and counting. [4]
  - Bitcoin mining bots feed affiliate services such as FeodalCash [5]
- Sources: [1] Symantec/MessageLabs; [2] FBI (390 cases); [3] Microsoft; [4] Symantec; [5] Krebs on Security, XyliBox
16 SilverSky tracks 140+ botnets
- SilverSky uses multiple external lists of known malicious IP addresses and domains, plus internally built lists based on anomalies detected within the customer base
- Lists are updated hourly, daily or in real time to keep up with fast-changing C&C infrastructures
- Others use complex regular expressions to detect patterns in URLs
- Currently tracking 140+ botnets, exploit kits and malware indicators
17 Agenda
- 1 Introduction
- 2 Financial institutions incident trends
- 3 Threat highlights, second half
- 4 Recommendations
18 Incidents reverted to the mean during holidays
- Incidents dipped in early fall but increased to the highest levels of the year during holidays
- Arrest of BlackHole kit creator in October had immediate positive effect on incidents
- Overall number of compromises is trending back to historical highs, due to CryptoLocker and ZmEu
- [Chart: Number of Level 2 and Level 3 incidents, 2H 2013 (n=925 financial institutions), by month, Jul to Dec; data labels 299 and 351. Inset: January 2012 to December 2013 trend.]
19 Compromises decreased slightly in 2H
- [Chart: axis 0% to 40%; data labels 42%, 12%, 4%, 1%]
- Most compromised institutions (rank, institution, size, incidents):
  - 1 Credit union, Mid-size, 42
  - 2 Credit union, Large, 37
  - 3 Credit union, Small, 28
  - 4 Bank, Mid-size, 24
  - 5 Credit union, Small, 20
  - 6 Credit union, Mid-size, 20
  - 7 Bank, Small, 18
  - 8 Credit union, Large, 18
  - 9 Money transfer, Large
  - 10 Bank, Large, 17
- 42% of institutions had at least one compromise, down from 47% in 1H 2013
- Attacks more evenly distributed: 3.2% experienced > 10, up from 1%
- One customer, a mid-sized credit union, had 42 incidents
- 6 of the top 10 most compromised institutions were credit unions
20 Affected FIs down, but compromises continue
- [Chart: Number of institutions with incidents and % with at least one incident, by size (Large, Medium, Small), 1H and 2H; data labels 55%, 51%, 34%]
- Average # of incidents by size of institution ($ assets), two periods as listed on the slide:
  - Small (<$250 million): 3, 4
  - Mid-sized (<$1 Bn): 4, 4
  - Large (>$1 Bn): 6, 6
- A smaller percentage of institutions of all sizes were compromised
  - Customers have been blocking more unrated web domains
- However, for affected institutions, average incidents stayed even
- Attacks on smaller institutions increased slightly
  - Small institutions have smaller staffs, fewer resources and less expertise
  - Testing grounds for attacks on larger institutions
21 Threat sources becoming more concentrated
- Share of attacks by source country (earlier period, then later period):
  - United States: 54%, 48%
  - China: 6%, 12%
  - Netherlands: 2%, 5%
  - Germany: 7%, 5%
  - Russian Federation: 4%, 3%
  - France: <1%, 3%
  - United Kingdom: 4%, 3%
  - Canada: 3%, 3%
  - Ukraine: 3%, 2%
  - Romania: <1%, 1%
  - Total: 86%, 85%
- Simpson Index of Diversity (1.0=highest)
- Offending source IP addresses from 40 countries, up from 49 in 1H 2013
- % from the top 10 countries decreased, and attacker source countries are more concentrated
- About 48% of known attacks came from the U.S., down from 54%
  - Institutions under scrutiny almost all U.S.-based; non-US IP traffic often blocked
  - Some malware came from legitimate U.S. web sites
22 Agenda
- 1 Introduction
- 2 Financial institutions incident trends
- 3 Threat highlights, second half
- 4 Recommendations
23 Attackers continue to evolve their methods
- Exploit kits are attackers' main weapons. Modern attacks focus on inducing victims to visit malware-laden websites through the usual methods, notably via phishing. Infected websites host exploit kits such as DarkLeech and ransomware such as CryptoLocker. These kits are marketed and sold with support to botnet operators; they are essentially franchise operations.
- Exploit kit competition is heating up. Historically popular kits such as BlackHole are giving way to newer, competing kits, leading to a splintering of the malware supply chain.
24 Threat highlight: CryptoLocker
- CryptoLocker, a piece of ransomware, surfaced in Sep 2013 and has been on the rise
- Spreads via spam emails containing malicious attachments
- Uses public keys to encrypt files on local disks, network shares and USB devices
- The private key is stored in a C&C server under the attacker's control
- Victims need to pay the attacker with cyber-currency such as Bitcoin and MoneyPak to retrieve the private key to decrypt files
- SilverSky has correlations to detect customer traffic to CryptoLocker C&C domains and IP addresses.
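Slides 16 and 24 describe matching customer traffic against lists of known malicious domains and IP addresses and against URL regular expressions. The sketch below is an added example, not SilverSky's correlation logic: the indicator lists, the URL pattern, the log layout and all function names are constructed for illustration and use reserved documentation domains and address ranges.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed indicators: reserved documentation names and address ranges,
# not real C&C infrastructure.
BAD_DOMAINS = {"c2.example.net", "dropzone.example.org"}
BAD_NETWORKS = [
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("198.51.100.77/32"),
]
# Hypothetical URL pattern: a gate script called with a 32-character hex id.
URL_PATTERNS = {"hex-id-gate": re.compile(r"/gate\.php\?id=[0-9a-f]{32}$")}

# Constructed proxy log: timestamp, client IP, destination IP, URL.
SAMPLE_PROXY_LOG = """\
2013-11-04T09:12:01Z 10.1.4.23 192.0.2.10 http://www.example.com/index.html
2013-11-04T09:12:07Z 10.1.4.23 203.0.113.5 http://c2.example.net/gate.php?id=0123456789abcdef0123456789abcdef
2013-11-04T09:13:40Z 10.1.7.90 192.0.2.44 http://notc2.example.net/news
2013-11-04T09:15:02Z 10.1.7.90 198.51.100.77 http://198.51.100.77/update.bin
2013-11-04T09:16:11Z 10.1.9.12 192.0.2.80 http://img.dropzone.example.org/a.png
truncated line
"""


def listed_domain(host):
    """Return the listed domain that host equals or is a subdomain of, else None.

    Matching whole labels avoids the false positive a substring test would
    give for look-alike names such as notc2.example.net.
    """
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in BAD_DOMAINS:
            return candidate
    return None


def listed_network(ip_text):
    """Return the listed network containing ip_text, else None."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return None
    for net in BAD_NETWORKS:
        if ip in net:
            return str(net)
    return None


def correlate(log_text):
    """Return one alert per log line that matches any indicator."""
    alerts = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed or truncated lines
        timestamp, client, dest_ip, url = parts
        target = urlsplit(url)
        reasons = []
        domain = listed_domain(target.hostname or "")
        if domain:
            reasons.append("domain:" + domain)
        network = listed_network(dest_ip)
        if network:
            reasons.append("ip:" + network)
        path_and_query = target.path + ("?" + target.query if target.query else "")
        for name, pattern in URL_PATTERNS.items():
            if pattern.search(path_and_query):
                reasons.append("url:" + name)
        if reasons:
            alerts.append({"time": timestamp, "client": client, "reasons": reasons})
    return alerts


def clients_to_review(alerts):
    """Internal hosts that produced at least one alert, for analyst follow-up."""
    return sorted({alert["client"] for alert in alerts})


if __name__ == "__main__":
    for alert in correlate(SAMPLE_PROXY_LOG):
        print(alert["time"], alert["client"], ", ".join(alert["reasons"]))
```

A line that matches several indicator types at once (domain, address and URL pattern) carries all three reasons, which is the kind of agreement an analyst would weigh before escalating.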
25 More attackers, more attack tools
- Increased threat diversity means defenders must worry about more threats ("stretch the field")
  - 42% of SilverSky financial services customers were compromised at least once in the second half of 2013
- Availability of attack tools means the threat environment is becoming more chaotic
  - Example: politically motivated attacker encouraging DDoS attacks on healthcare.gov (and distributing tools)
- Anonymized currencies grease the wheels of commerce and make it harder to follow the money
- These three trends mean that more attackers have access to more weapons than ever before.
26 Top 10 threats for the second half of 2013
- Trojans remain the #1 threat category facing financial customers
- ZmEu has become the dominant threat facing customers
- Significant other new threats are CryptoLocker & Pony Loader
- BlackHole has fallen from #1 in 1H 2013 to #9 (following Oct 2013 arrest of co-creator)
- Six out of the top 10 threats are new compared to one year ago (2H 2012)
- Threat environment more concentrated (Simpson score 0.59 versus 0.88 first half of 2013)
- % of incidents by threat name (1H 2013, then 2H 2013):
  - 1 ZmEu Vulnerability Scan: 4%, 30%
  - 2 Darkleech Exploit Kit: 10%, 4%
  - 3 Andromeda C&C: 3%, 4%
  - 4 CryptoLocker: -, 2%
  - 5 ZeroAccess Rootkit C&C: -, 2%
  - 6 Pony Loader C&C: -, 2%
  - 7 TDL4/TDSS C&C: 4%, 1%
  - 8 Zeus C&C: 2%, 1%
  - 9 Blackhole Exploit Kit: 11%, 1%
  - 10 Stabuniq Trojan: 2%, 1%
  - Total: 47%, 47%
- Simpson Index of Diversity (1.0=most diverse)
27 Threats are rapidly changing every day
- 1 ZmEu Vulnerability Scan
- 2 Darkleech Exploit Kit
- 3 Andromeda C&C
- 4 CryptoLocker
- 5 ZeroAccess Rootkit C&C
- 6 Pony Loader C&C
- 7 TDL4/TDSS C&C
- 8 Zeus C&C
- 9 Blackhole Exploit Kit
- 10 Stabuniq Trojan
- 6 out of the top 10 threats SilverSky detected in 2H 2013 differ compared to 1 year ago.
28 How SilverSky protects customers
- We follow exploit kits and botnets closely
  - 60 SilverSky experts tracking more than 140 botnets
- Four layers of defense protect customers
  - Targeted Attack Prevention (TAP) detects zero-day threats and links in email (launched last week)
  - Network-based AV is equipped with JavaScript/iframe signatures to keep clients from executing code
  - Web security filters block known botnet host domains and suspicious domains
  - Analysts constantly adding new correlations in SIEM to match related IP addresses, domains and file names
29 Agenda
- 1 Introduction
- 2 Financial institutions incident trends
- 3 Threat highlights, first half
- 4 Recommendations
30 Recommendations: PCs
- Use multi-layered defenses
  - Firewalls, web security, IDS/IPS, anti-virus, SIEM, targeted attack detection for email
- Safeguard PCs and observe best practices
  - Never open suspect attachments or follow links
  - Don't respond to emails asking for financial information
  - Disable and/or uninstall unused services
- Keep software current, especially OS, browser and AV
  - Patch, patch, patch! OS, but also third-party browser plugins
  - Minimum browsers: IE 9, Firefox 16, Chrome 25, Safari 5.1
  - Block Flash and ads in browser or with web security software
  - When practical, block access to unclassified sites
  - If you must use Flash or Java, turn on auto-update
31 Recommendations: Servers and network
- Consider server host intrusion detection systems (HIDS)
  - Use for key workloads where application binaries are largely static
  - Webservers and transactional systems
  - Use in combination with application whitelisting technologies
- Enforce very strong production server passwords
  - Brute-forcing admin or root passwords is a popular way in
  - Strong passwords help prevent compromises of hosts inside the firewall, or require multi-factor authentication
  - Change default admin account names as well
- Remove unnecessary server components
  - Examples: phpMyAdmin (ZmEu ingress points)
- Don't just trust, verify: scan everything regularly
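To act on the "remove unnecessary server components" and "verify" recommendations above, the web server's own access log shows which ZmEu-style probes were answered. The script below is an added example, not part of the presentation: the log lines are constructed, and the signatures (the "ZmEu" user-agent string, the w00tw00t marker request and the phpMyAdmin setup-script paths) are taken from public reporting on this scanner rather than from the slides.

```python
import re
from collections import defaultdict

# Apache/nginx "combined" access log format.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Signatures commonly reported for ZmEu scans (assumptions, not from the slides).
ZMEU_UA = re.compile(r"zmeu", re.IGNORECASE)
MARKER_PATH = re.compile(r"^/w00tw00t\.", re.IGNORECASE)
SETUP_PATH = re.compile(
    r"/(?:phpmyadmin|pma|myadmin)[^/]*/scripts/setup\.php", re.IGNORECASE
)

# Constructed sample log (documentation address ranges).
SAMPLE_ACCESS_LOG = """\
198.51.100.23 - - [12/Nov/2013:03:14:07 +0000] "GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1" 404 209 "-" "ZmEu"
198.51.100.23 - - [12/Nov/2013:03:14:08 +0000] "GET /phpMyAdmin/scripts/setup.php HTTP/1.1" 404 215 "-" "ZmEu"
198.51.100.23 - - [12/Nov/2013:03:14:08 +0000] "GET /pma/scripts/setup.php HTTP/1.1" 200 4312 "-" "ZmEu"
192.0.2.50 - - [12/Nov/2013:08:30:00 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Nov/2013:09:01:44 +0000] "GET /myadmin/scripts/setup.php HTTP/1.1" 404 215 "-" "Mozilla/4.0"
"""


def find_probes(log_text):
    """Summarise scanner probes per source IP.

    "probes" counts requests that match any signature. "exposed" lists
    setup-script paths the server answered with a 2xx status, meaning the
    probed component is installed and reachable and should be removed or
    restricted.
    """
    report = defaultdict(lambda: {"probes": 0, "exposed": []})
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if not match:
            continue  # not a combined-format line
        path = match["path"]
        is_setup_probe = bool(SETUP_PATH.search(path))
        if not (is_setup_probe or MARKER_PATH.search(path) or ZMEU_UA.search(match["ua"])):
            continue
        entry = report[match["ip"]]
        entry["probes"] += 1
        if is_setup_probe and match["status"].startswith("2"):
            entry["exposed"].append(path)
    return dict(report)


def exposed_paths(report):
    """All probed paths that the server actually served, across all sources."""
    return sorted({path for entry in report.values() for path in entry["exposed"]})


if __name__ == "__main__":
    result = find_probes(SAMPLE_ACCESS_LOG)
    for ip, entry in result.items():
        print(ip, entry["probes"], "probes; exposed:", entry["exposed"] or "none")
    print("Remove or restrict:", exposed_paths(result))
```

Probes answered with 404 are background noise; a 2xx answer is the finding, because it shows the component the slide says to remove is present on the server.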
32 Recommendations: Management
- For balance, invest in a highly skilled, highly trained security event detection and response staff
  - Companies lacking budget or expertise should outsource
- Set expectations with management
  - Prevention cannot be perfect. You will be judged, in part, on how much you can reduce the likelihood of the worst attacks
- Create and test your response plan
  - The measure of your program is how quickly (and effectively) you respond to compromises that occur due to your residual risks
33 Thank you for your time
More informationThe SIEM Evaluator s Guide
Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,
More informationWEBTHREATS. Constantly Evolving Web Threats Require Revolutionary Security. Securing Your Web World
Securing Your Web World WEBTHREATS Constantly Evolving Web Threats Require Revolutionary Security ANTI-SPYWARE ANTI-SPAM WEB REPUTATION ANTI-PHISHING WEB FILTERING Web Threats Are Serious Business Your
More informationMcAfee Endpoint Protection Products
McAfee Total Protection Security Overview for MEEC Sumeet Gohri, CISSP Sr. Sales Engineer GovED + Healthcare McAfee, Inc. Agenda Protection Challenges McAfee Protection Products McAfee epo walkthrough
More informationRSA Security Analytics
RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources
More informationDNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS
DNS POISONING, AKA PHARMING, MAKES THE HEADLINES IN NOVEMBER S NEWS December 2011 November saw DNS Poisoning, aka Pharming, making the headlines on more than one occasion: To name a few, the online threat
More informationTRENDS IN THE THREAT LANDSCAPE
TRENDS IN THE THREAT LANDSCAPE Guy Eilon, SEE Regional Manager April 2013 geilon@websense.com TRITON STOPS MORE THREATS. WE CAN PROVE IT. 2013 Websense, Inc. Page 1 CHANGING CUSTOMERS NEEDS 90% of companies
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More information2012 Endpoint Security Best Practices Survey
WHITE PAPER: 2012 ENDPOINT SECURITY BEST PRACTICES SURVEY........................................ 2012 Endpoint Security Best Practices Survey Who should read this paper Small and medium business owners
More informationCan We Become Resilient to Cyber Attacks?
Can We Become Resilient to Cyber Attacks? Nick Coleman, Global Head Cyber Security Intelligence Services December 2014 Can we become resilient National Security, Economic Espionage Nation-state actors,
More informationSECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION
SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION How ThreatBLADES add real-time threat scanning and alerting to the Analytics Platform INTRODUCTION: analytics solutions have become an essential weapon
More informationCertified Secure Computer User
Certified Secure Computer User Exam Info Exam Name CSCU (112-12) Exam Credit Towards Certification Certified Secure Computer User (CSCU). Students need to pass the online EC-Council exam to receive the
More informationReal World and Vulnerability Protection, Performance and Remediation Report
Real World and Vulnerability Protection, Performance and Remediation Report A test commissioned by Symantec Corporation and performed by AV-Test GmbH Date of the report: September 17 th, 2014, last update:
More informationDEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER
DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND Introduction > New security threats are emerging all the time, from new forms of malware and web application exploits that target
More informationOffice 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.
Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Your Valuable Data In The Cloud? How To Get The Best Protection! A world safe for exchanging digital information
More informationCyber and Mobile Landscape, Challenges, & Best Practices
Cyber and Mobile Landscape, Challenges, & Best Practices while increasing efficiencies through automation Cheri McGuire VP, Global Govt. Affairs & Cybersecurity Policy Cyber and Mobility Challenges and
More informationSecurity Challenges and Solutions for Higher Education. May 2011
Security Challenges and Solutions for Higher Education May 2011 Discussion Topics Security Threats and Challenges Education Risks and Trends ACH and Wire Fraud Malware and Phishing Techniques Prevention
More informationEvolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance
Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats
More informationMalicious Network Traffic Analysis
Malicious Network Traffic Analysis Uncover system intrusions by identifying malicious network activity. There are a tremendous amount of network based attacks to be aware of on the internet today and the
More informationDeep Security Vulnerability Protection Summary
Deep Security Vulnerability Protection Summary Trend Micro, Incorporated This documents outlines the process behind rules creation and answers common questions about vulnerability coverage for Deep Security
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationSeven Strategies to Defend ICSs
INTRODUCTION Cyber intrusions into US Critical Infrastructure systems are happening with increased frequency. For many industrial control systems (ICSs), it s not a matter of if an intrusion will take
More informationALERT LOGIC FOR HIPAA COMPLIANCE
SOLUTION OVERVIEW: ALERT LOGIC FOR HIPAA COMPLIANCE AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE Alert Logic provides organizations with the most advanced and cost-effective means to secure their healthcare
More informationInformation Security Addressing Your Advanced Threats
Information Security Addressing Your Advanced Threats Where We are Going Information Security Landscape The Threats You Face How To Protect Yourself This Will Not Be Boring What Is Information Security?
More informationProtecting Your Organisation from Targeted Cyber Intrusion
Protecting Your Organisation from Targeted Cyber Intrusion How the 35 mitigations against targeted cyber intrusion published by Defence Signals Directorate can be implemented on the Microsoft technology
More informationFSOEP Web Banking & Fraud: Corporate Treasury Attacks
FSOEP Web Banking & Fraud: Corporate Treasury Attacks Your Presenters Who Are We? Tim Wainwright Managing Director Chris Salerno Senior Consultant Led 200+ penetration tests Mobile security specialist
More informationSpear Phishing Attacks Why They are Successful and How to Stop Them
White Paper Spear Phishing Attacks Why They are Successful and How to Stop Them Combating the Attack of Choice for Cybercriminals White Paper Contents Executive Summary 3 Introduction: The Rise of Spear
More informationSection 12 MUST BE COMPLETED BY: 4/22
Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege
More informationProtection for Mac and Linux computers: genuine need or nice to have?
Protection for Mac and Linux computers: genuine need or nice to have? The current risk to computers running non-windows platforms is small but growing. As Mac and Linux computers become more prevalent
More information