Data Center security trends

Similar documents

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

Securing The Enterprise

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Segmentation Firewall (ISFW)

WHITE PAPER. Protecting Your Network From the Inside-Out. Internal Network Firewall (INFW)

The Hillstone and Trend Micro Joint Solution

Cloud Services Prevent Zero-day and Targeted Attacks

Agenda , Palo Alto Networks. Confidential and Proprietary.

Secure Your Mobile Workplace

How To Protect Your Organization From Insider Threats

An New Approach to Security. Chris Ellis McAfee Senior System Engineer

Botnets: The dark side of cloud computing

Security Services. 30 years of experience in IT business

High Performance NGFW Extended

Cisco & Big Data Security

ENDPOINT SECURITY WHITE PAPER. Endpoint Security and Advanced Persistent Threats

The Evolution of the Enterprise And Enterprise Security

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION

Breaking the Cyber Attack Lifecycle

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Internal Network Firewall (INFW) Protecting your network from the inside out

Top five strategies for combating modern threats Is anti-virus dead?

Combatting the Biggest Cyber Threats to the Financial Services Industry. A White Paper Presented by: Lockheed Martin Corporation

Analyzing HTTP/HTTPS Traffic Logs

Networking for Caribbean Development

Practice Good Enterprise Security Management. Presented by Laurence CHAN, MTR Corporation Limited

Security Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Modern Cyber Threats. how yesterday s mind set gets in the way of securing tomorrow s critical infrastructure. Axel Wirth

Driving Company Security is Challenging. Centralized Management Makes it Simple.

Fighting Advanced Threats

Advanced Threat Protection Framework: What it is, why it s important and what to do with it

Streamlining Web and Security

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.

The Advanced Attack Challenge. Creating a Government Private Threat Intelligence Cloud

Comprehensive Advanced Threat Defense

Securing your IOT journey and beyond. Alvin Rodrigues Market Development Director South East Asia and Hong Kong. What is the internet of things?

Advanced Persistent Threats

Simple security is better security Or: How complexity became the biggest security threat

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Advantages of Consolidating Network Security with Wireless for Small & Mid-Size Businesses

Network Security Solution. Arktos Lam

WHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform

Who Drives Cybersecurity in Your Business? Milan Patel, K2 Intelligence. AIBA Quarterly Meeting September 10, 2015

Combating the Next Generation of Advanced Malware

Next-Generation Firewalls: Critical to SMB Network Security

Advanced Cyber Threats in State and Local Government

Spear Phishing Attacks Why They are Successful and How to Stop Them

Cutting the Cost of Application Security

Scott Lucas: I m Scott Lucas. I m the Director of Product Marketing for the Branch Solutions Business Unit.

Next Generation Enterprise Network Security Platform

IBM Advanced Threat Protection Solution

Cyber Security. An Executive Imperative for Business Owners. 77 Westport Plaza, St. Louis, MO p f

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

Concierge SIEM Reporting Overview

INTRUSION PREVENTION (IPS) Features SECURITY OF INFORMATION TECHNOLOGIES

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

The FBI Cyber Program. Bauer Advising Symposium //UNCLASSIFIED

SECURITY REIMAGINED SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM. Why Automated Analysis Tools are not Created Equal

CKAHU Symposium Cyber-Security

Network/Cyber Security

Driving Success in 2013: Enabling a Smart Protection Strategy in the age of Consumerization, Cloud and new Cyber Threats. Eva Chen CEO and Co-Founder

How Attackers are Targeting Your Mobile Devices. Wade Williamson

WHITE PAPER. Understanding How File Size Affects Malware Detection

Why a Network-based Security Solution is Better than Using Point Solutions Architectures

Securing Cloud-Based

Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET

Next-Generation Firewalls: CEO, Miercom

10 Smart Ideas for. Keeping Data Safe. From Hackers

Cyber Situational Awareness for Enterprise Security

McAfee Network Security Platform

White Paper. Why Next-Generation Firewalls Don t Stop Advanced Malware and Targeted APT Attacks

Security Intelligence Services.

Technology Brief Demystifying Cloud Security

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

FortiGuard Security Services

Integrated Approach to Network Security. Lee Klarich Senior Vice President, Product Management March 2013

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS. Junos WebApp Secure Junos Spotlight Secure

A Case for Managed Security

Achieve Deeper Network Security

Under the Hood of the IBM Threat Protection System

Threat Intelligence Pty Ltd Specialist Security Training Catalogue

The Cloud App Visibility Blindspot

Countering Insider Threats Jeremy Ho

Security A to Z the most important terms

Transcription:

Data Center security trends Tomislav Tucibat Major accounts Manager, Adriatic Copyright Fortinet Inc. All rights reserved.

IT Security evolution How did threat market change over the recent years?

Problem: Growing Attack Surface 3

Problem: Growing Attack Vectors An Extensive, Poisoned, Dark, Deep Web 4

Trends Affecting the Network BYOD, mobility and connected world Internet of Things Ever increasing bandwidth requirements Cloud consumption Advanced Persistent Threats and Growing Attack Surface Extension of the Data Center into the Cloud 5

What We Used To Think 6

How We Think Today 7

Most Valuable Asset is at Risk 1000 900 800 700 600 500 400 300 200 100 0 US Data Breaches 783 614 519 471 2012 2013 2014 2015* Source: Identity Theft Resource Center * Through 08/2015 8

Security Is Now A Board Room Discussion 63% of Enterprise IT decision makers report a very high level of Board Level pressure regarding security Source: Lightspeed GMI Survey 2014 9

CIO s Top Priority 12.00% % CIO s Indicating Security as Top Priority 11.50% 10.00% 8.00% 7.60% 8.10% 6.00% 6.20% 6.40% 5.80% 6.00% 4.00% 3.10% 2.00% 0.00% April '13 June '13 Oct '13 Jan '14 Apr '14 June '14 Oct '14 Jan '15 Source: Morgan Stanley Research, January 2015 98% increase 10

Dollars (Millions) Firewall Spending is Top Priority IT Security Spending by Technology $6,150 $2,900 $2,750 $1,900 $1,600 $1,400 $1,100 $500 $400 Firewall/VPN Endpoint Protection Security Software Web Gateway Email Gateway IPS SIEM/Fraud Data Loss Prevention Securty Testing Source: Gartner 2014 11

Common theme with threats How do threats work in detail?

The Threat is Worse Than Ever *Akylus July 2014 13

With A Consistent Motivation *Hackmageddon July 2014 14

Companies should be concerned FACT: Prevention techniques sometimes fail, so detection and response tools, processes, & teams must be added 229 days Average time attackers were on a network before detection 67% Victims were notified by an external entity GOAL: Reduce time to Find/Detect incidents Reduce time to Investigate incidents Reduce time to Remediate incidents 15

How to loose 148M USD a practical guide 1. Get infected by malware from a contractor s computer. The malware stole a user s credentials. 2. Hacker connects using stolen credentials and accesses Target s application dedicated to contractors 3. Hacker exploits an internal web app. This exploit allows privileged code execution, so a set of tools installed on the server hosting the app. 4. Hackers perform LDAP searches until admin account is identified. Steal the cached admin token from the web server memory. 5. Hacker creates a new LDAP admin account 6. Hackers copy readable information from reachable DBs (around 70M customer records, but no credit cards) 7. Install malware on POS system, steal 40M credit cards (Kaptoxa malware) 16

APT lifecycle Best Practices Network Architecture Technology Social Engineering Vulnerability 17

Key Breach Report Trends 95% OF MALWARE TYPES SHOWED UP FOR LESS THAN A MONTH, AND FOUR OUT OF FIVE DIDN T LAST BEYOND A WEEK. 70 90% OF MALWARE SAMPLES ARE UNIQUE TO AN ORGANIZATION. 50% NEARLY 50% OPEN E-MAILS AND CLICK ON PHISHING LINKS WITHIN THE FIRST HOUR. 23% OF RECIPIENTS NOW OPEN PHISHING MESSAGES AND 11% CLICK ON ATTACHMENTS. 60% IN 60% OF CASES, ATTACKERS ARE ABLE TO COMPROMISE AN ORGANIZATION WITHIN MINUTES. 18

Strategy to combat Threats How can you protect yourself?

Is There A Silver Bullet For Defeating an ATA? Advanced Targeted Attack 20

Training To Raise Awareness http://krebsonsecurity.com/2 012/01/phishing-youremployees-101/ Policy Procedure Process 21

Kill Chain of an Advanced Attack Bots leverage legitimate IPs to pass filters. Social engineering fools recipient. Malicious Link Anti-spam Web Filtering Spam Fast flux stays ahead of web ratings Malicious Email Zero-days pass IPS Intrusion Prevention Exploit Malicious Web Site Compression passes static inspection Bot Commands & Stolen Data Antivirus App Control/ IP Reputation Malware Encrypted communication passes controls Command & Control Center 22

Wireless Networks Ranked as the Most Vulnerable IT Infrastructure How vulnerable you believe each is from a security standpoint? 60% 50% 40% 30% 20% 10% 0% Endpoint Core network infrastructure Wireless Databases Applications Storage Email Worldwide 45% 29% 49% 25% 17% 11% 25% EMEA 47% 27% 52% 22% 17% 10% 24% UK 48% 23% 53% 21% 22% 13% 20% Confidential 23

Advanced Threats Take Advantage of the Flat Internal Network Existing Firewalls focused on the Border Internal network no longer trusted Many ways into the network Once inside threats can spread quickly Threat Production + Recon Disposal EXTERNAL Email (Phishing) Vulnerabilities Web Downloads 1 4 Threat Vector Extraction Border Package Encrypt Stage INTERNAL Social Engineering Exploits (Zero Days) Infection Communication 2 3 Hide, Spread, Disarm, Access, Contact Botnet CC, Update 24

Threat Landscape & Evolving IT Infrastructure Internal Segmentation Firewall (ISFW) ISFW Private Cloud ISFW Data Center ISFW Internet Edge Gateway Cloud External ISFW Internal Network (100 Gbps+) ISFW Interna l ISFW Branch Office WAN Home Office 25

ISFW Requirement NO. 1 - PERFORMANCE Internal Segmentation Firewall (ISFW) Border Firewall (NGFW) Internet Interfaces 10G, 40G & 100G No. of Ports 8 to 48 Ge/10Ge Throughput 10Gps to 1Tbps Ports Speeds 1G, 10G No. of Ports 2 to 12 Throughput Mbps to 1Gbps 26

High Performance Scalable Enterprise Firewall with Optimum Path Processing (OPP) Engine CPU CPU...... CPU UTM (Distributed Enterprise) UTM (SMB) Internal Segmentation Firewall (ISFW) Next Generation Firewall (NGFW) Data Center Firewall (DCFW) Virtual Firewall SDN Firewall Cloud Firewall Mbps Tbps Low latency High speed 27

Conclusion in short Technology is important, but it is only a part of the solution Always look to evaluate new solutions Single vendor solutions may provide an advantage But only if elements actually work together Remember your network extends beyond you Remote employees, third party suppliers and contractors Your employees are the first line of defense Equip and use them Never assume You re fully protected and the network hasn t already been breached 28

DON T GO UNPROTECTED 29