The Cyber Threat Landscape



Similar documents
KSÖ-SICHERHEITSKONGRESS 2015

Market Guide for Network Sandboxing

Worldwide Specialized Threat Analysis and Protection Market Shares, 2014: Rapidly Evolving Security Defenses

Solution Path: Threats and Vulnerabilities

Do not forget the basics!!!!!

Understanding the Security Vendor Landscape Using the Cyber Defense Matrix

IBM Security re-defines enterprise endpoint protection against advanced malware

Security Intelligence Services.

Next-Generation Firewalls: CEO, Miercom

Next Generation Security Strategies. Marc Sarrias Regional Sales Manager

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security

Securing Your Business with DNS Servers That Protect Themselves

Breaking the Cyber Attack Lifecycle

Best Practices for Mitigating Advanced Persistent Threats

The Current State of Cyber Security

SANS Top 20 Critical Controls for Effective Cyber Defense

Realize That Big Security Data Is Not Big Security Nor Big Intelligence

Defending Against Cyber Attacks with SessionLevel Network Security

KEYW uses acquired Sensage technology to form Hexis Cyber Solutions

When attackers have reached this stage, it is not a big issue for them to transfer data out. Spencer Hsieh Trend Micro threat researcher

Security Intelligence

Predictive Defense and Real-Time Insight

McAfee Network Security Platform

Rethinking IT and IT Security Strategies in an Era of Advanced Attacks, Cloud and Consumerization

As threat actors target various types of networks, companies with improperly configured network infrastructures risk the following repercussions:

MSSP Advanced Threat Protection Service

SECURITY REIMAGINED SPEAR PHISHING ATTACKS WHY THEY ARE SUCCESSFUL AND HOW TO STOP THEM. Why Automated Analysis Tools are not Created Equal

Advanced Threats: The New World Order

Public/Private/Hybrid Cloud choosing horses for courses. NetEvents APAC Cloud Summit

White Paper. Why Next-Generation Firewalls Don t Stop Advanced Malware and Targeted APT Attacks

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

Defending against Advanced Threats: Addressing the Cyber Kill Chain

An Old Dog Had Better Learn Some New Tricks

Next Generation Firewalls and Sandboxing

By John Pirc. THREAT DETECTION HAS moved beyond signature-based firewalls EDITOR S DESK SECURITY 7 AWARD WINNERS ENHANCED THREAT DETECTION

THE EVOLUTION OF SIEM

Best Practices for Mitigating Advanced Persistent Threats

Whitepaper BEST PRACTICES FOR INTEGRATION AND AUTOMATION OF INCIDENT RESPONSE USING ENCASE ENDPOINT SECURITY

The Custom Defense Against Targeted Attacks. A Trend Micro White Paper

CYBER SECURITY INFORMATION SHARING & COLLABORATION

Spear Phishing Attacks Why They are Successful and How to Stop Them

Agenda , Palo Alto Networks. Confidential and Proprietary.

Guidance Software Whitepaper. Best Practices for Integration and Automation of Incident Response using EnCase Cybersecurity

Driving Success in 2013: Enabling a Smart Protection Strategy in the age of Consumerization, Cloud and new Cyber Threats. Eva Chen CEO and Co-Founder

Braindumps QA

Security and Privacy

The Outlook for IT to Michael Smith VP Distinguished Analyst January 31, 2014

Cisco Cyber Threat Defense Solution: Delivering Visibility into Stealthy, Advanced Network Threats

DDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION

Today s New Breed of -based Cyber Attacks and What it Takes to Defend Against Them

A Modern Framework for Network Security in Government

Securing BYOD With Network Access Control, a Case Study

SPEAR PHISHING AN ENTRY POINT FOR APTS

Splunk: Using Big Data for Cybersecurity

McAfee Endpoint Protection for SMB. You grow your business. We keep it secure.

Managing Web Security in an Increasingly Challenging Threat Landscape

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Defending Against Data Beaches: Internal Controls for Cybersecurity

Protecting What Matters Most. Bartosz Kryński Senior Consultant, Clico

Reinventing Network Security Vectra s cyber-security thinking machine delivers a new experience in network security

Guidance Software Whitepaper. Best Practices for Integration and Incident Response Automation Using EnCase Endpoint Security

Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series

Protection Against Advanced Persistent Threats

Threat Intelligence: What is it, and How Can it Protect You from Today s Advanced Cyber-Attacks A Webroot publication featuring analyst research

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Reference Architecture: Enterprise Security For The Cloud

EMERGING THREATS & STRATEGIES FOR DEFENSE. Stephen Coty Chief Security

IT Security Strategy and Priorities. Stefan Lager CTO Services

Modular Network Security. Tyler Carter, McAfee Network Security

Cybersecurity Kill Chain. William F. Crowe, CISA, CISM, CRISC, CRMA September 2015 ISACA Jacksonville Chapter Meeting August 13, 2015

Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks

Carbon Black and Palo Alto Networks

Is security awareness a waste of time?

How To Protect Your Virtual Infrastructure From Attack From A Cyber Threat

How we see malware introduced Phishing Targeted Phishing Water hole Download (software (+ free ), music, films, serialz)

Network Security Forensics Global Market

Practical Steps To Securing Process Control Networks

Logging In: Auditing Cybersecurity in an Unsecure World

EnCase Endpoint Security Product Overview

Stallion SIA Seminar PREVENTION FIRST. Introducing the Enterprise Security Platform. Sami Walle Regional Sales Manager

Content Security: Protect Your Network with Five Must-Haves

The Hillstone and Trend Micro Joint Solution

Transcription:

The Cyber Threat Landscape Oliver Rochford Research Director Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in any form without Gartner's prior written permission. If you are authorized to access this publication, your use of it is subject to the Usage Guidelines for Gartner Services posted on gartner.com. The information contained in this publication has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. This publication consists of the opinions of Gartner's research organization and should not be construed as statements of fact. The opinions expressed herein are subject to change without notice. Although Gartner research may include a discussion of related legal issues, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner is a public company, and its shareholders may include firms and funds that have financial interests in entities covered in Gartner research. Gartner's Board of Directors may include senior managers of these firms or funds. Gartner research is produced independently by its research organization without input or influence from these firms, funds or their managers. For further information on the independence and integrity of Gartner research, see "Guiding Principles on Independence and Objectivity."

First You See Me External Attack Internal Attack Delivery Exploit C&C Privileged Operations Resource Access Exfiltration Then You Don't!

Key Issues 1. What are the key trends in cybersecurity attacks? 2. Which tools and processes should enterprises adopt to defend against these attacks? 3. What are the best practices for mitigating cyberthreats?

Spear Phishing Still Works Vector for malware actions within cyber-espionage n = 329 Source: Verizon 2014 Data Breach Investigations Report

Malware Rates: Consumers Outpace Enterprises Nearly 2x A Challenge for BYOD Source: Microsoft Security Intelligence Report, Volume 14, July through December, 2012

Off-network Traffic Grows to 25% by 2018 By 2018, 25% of corporate data traffic will bypass perimeter security (up from 4% today) and flow directly from mobile devices to the cloud. Gartner Predicts 2014: Infrastructure Protection, 25 November 2013

We Call Them "Advanced" Threats Because they bypass traditional defenses: Firewall Intrusion Prevention Endpoint Protection Secure Web Gateway Secure Email Gateway Traditional defense-in-depth components are still necessary, but are no longer sufficient.

Cyberattack on German Steel Plant Unnamed steelplant targeted in Germany Multistage persistant attack, initiated via spearphishing Control components were manipulated, leading to damage to a blast furnace Germanys Federal Agency for Information Security (BSI) stated the attackers possessed advanced technical knowledge of OT Source: https://www.securityweek.com/cyberattack-german-steel-plant-causes-significant-damage-report 7

Defending Against Targeted Attacks NAC Mobile Device Security App White/Black Listing SIEM Endpoint Protection Network Segmentation Firewall/IPS Secure Web Gateway Next-generation Firewall Net/Computer Forensics DLP/DAM Sandboxing DAST Fundamentals Advanced Technology "Lean Forward" Vulnerability Management Privilege Management Process Change Control Incident Response

Where to Look Five Styles of Advanced Threat Defense Time Network Real Time/ Near Real Time Network Traffic Analysis Style 1 Post Compromise (Days/Weeks) Network Forensics Style 2 Payload Endpoint Payload Analysis Style 3 Endpoint Behavior Analysis Style 4 Endpoint Forensics Style 5

Five Styles Sample Vendors Arbor Networks, Damballa, Lancope, Fidelis, Cisco (Sourcefire), Vectra AhnLab, Cyphort, FireEye, Lastline, Blue Coat (Norman Shark), Cisco (ThreatGRID), Fortinet, McAfee, Trend Micro, Check Point Software Technologies, Palo Alto Networks, Proofpoint, Websense, Zscaler Network Traffic Analysis Payload Analysis Endpoint Behavior Analysis Network Forensics Endpoint Forensics Arbor Networks, IBM (QRadar), LogRhythm, FireEye (npulse) RSA NetWitness, Blue Coat (Solera Networks) Bit9 (Carbon Black), Guidance Software, FireEye (Mandiant), ManTech Bromium, CounterTack, Invincea, Palo Alto Networks (Cyvera), ManTech, RSA, The Security Division of EMC, Triumfant, IBM (Trusteer) Sample vendors not an exhaustive list

Recommendations Update your layered defense strategy: - Adopt "lean forward" technologies. - Use five-styles framework. Protect mobile workers: - 25% of traffic will bypass traditional security defenses. - Consider cloud security services. Present a hard target focus on fundamentals: - Vulnerability management, change management, incident response and others. - Develop mature processes.

Recommended Gartner Research Five Styles of Advanced Threat Defense Lawrence Orans and Jeremy D'Hoinne (G00253559) Using SIEM for Targeted Attack Detection Oliver Rochford and Kelly Kavanagh (G00260253) Leverage Your Network Design to Mitigate DDoS Attacks Andrew Lerner and Lawrence Orans (G00253330) Adapting Vulnerability Management to Advanced Threats Mark Nicolett (G00227901) For more information, stop by Gartner Research Zone.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information