Zak Khan Director, Advanced Cyber Defence

Transcription

1 Securing your data, intellectual property and intangible assets from cybercrime Zak Khan Director, Advanced Cyber Defence

2 Agenda (16 + optional video) Introduction (2) Context Global Trends Strategic Impacts Considerations Additional insights 2

3 3

4 4

5 Agenda Introduction Context (5) Global trends Strategic impacts Considerations Additional insights 5

6 The story behind the headlines. Adversaries engineer & execute attacks which bypass traditional security controls within your network The problem is perpetuated by a shortage of resources & expertise Your data, communications, intellectual property & other intangible assets are at risk Your organisation is exposed to strategic risks & financially material costs 6

7 Why are so many organisations being breached? Low risk, high reward for attackers Low barriers to entry credit card and a web browser Ease of access to weapons, attack infrastructure & expertise Ease of monetisation of data and intellectual property

8 The perimeter is no longer the sole line of defense Proliferation of connected assets & devices Omnipresent network access On and off premise applications 8

9 Adversaries have the edge ADVERSARY Resources & expertise for hire Target rich guerilla offense Ease of execution Focused objectives ENTERPRISE Resource & expertise constraints Broad static defense Detection complexity Low signal to noise ratio 75% of attacks require little skill to execute 1 yet require advanced skills to detect and remediate 63% of security professionals believe it is only a matter of time until their enterprise is targeted 2 $5.9M is average cost of targeted attack 3 9

10 Today s business reality 63% of security professionals believe it is only a matter of time until their enterprise is targeted 78% of cyber espionage attacks utilize $5.9M is average cost of targeted attack $456B is cost of global cybercrime

11 Agenda Introduction Context Global Trends (3) Strategic impacts Considerations Additional insights 11

12 Global proliferation of cyber underground 12

13 Global Trends 13

14 Australia 2015 Malware Detections Malicious URLS > 20m > 4m Mobile Malware > 3.6m 14 David Jones, K-Mart 2014 according to DSD > 2K incidents and over $1B

15 Agenda Introduction Context Global Trends Strategic Impacts (3) Considerations Additional insights 15

16 What Are The Impacts of Targeted Attacks Unexpected Costs Unexpected Risks Unexpected Strategic Impacts Unexpected Career Impacts

17 Proof there is a Major Problem Attackers are able to bypass traditional security investments Networks, domains and brands are being repurposed Data, communications and intellectual property is being stolen Your organization is exposed to unexpected and material costs & strategic impacts

18 How Does This Happen?

19 Agenda Introduction Context Global Trends Strategic Impacts Considerations (2) Additional insights 19

20 Solving the Network Problem In the rapidly evolving threat landscape, the attacker is able to design & execute attacks that evade detection. To ensure detection of today s advanced threats you need to ensure: No Blind Spots Optional Endpoint Deployment External Sandbox Access Monitor All Network Traffic Attackers are not predictable. What happens when an attacker blindsides you with protocols beyond web or such as FTP SQL SMB or others On Premise Analysis Is the cost and impact of deploying a new mandatory endpoint agent of net benefit given all the devices operating on your network? Custom Sandbox Analysis Simulation of DNS or multistage downloads can be detected and bypassed by an attacker. True custom sandboxing can detect all malicious activity Attack Lifecycle Insight Attacker do not always use the perimeter as the point of entry. What happens I a compromised asset enters behind the perimeter? Can you detect malicious activity inside your network? Threat Intelligence Cloud based sandbox analytics take time to process and focus on the object alone. Do you really want your confidential data being sent to the cloud? Some vendors run generic sandbox What happens if the attacker has the OS key? What if attack code is looking for a specific application or international keyboard type? Do you have visibility into command and control, attacker behavior, asset identification, lateral movement. Do you have local and global insight? Is all data easily correlated and sharable with third other security investments? Do you have market leading insight into zero-day vulnerabilities?

21 Proven Detection Efficacy

22 Agenda Introduction Context Global Trends Strategic Impacts Considerations Additional Insights (2) 22

23 Low Cost & High ROI 23

24 Targeted Attack Simulation 24 Copyright 2015 Trend Micro Inc.

25 Thank You ZAK KHAN DIRECTOR, ADVANCED CYBER DEFENCE