
Arnie De Almeida Sophos arnie@sophos

Arnie De Almeida Sophos arnie@sophos.com. Understanding the NEW Threat Landscape. Personally identifiable information. Customer data. Intellectual property. Changing security landscape. Digital generation set loose. Information theft – not graffiti. Firewall. $.


Presentation Transcript


  1. Arnie De Almeida Sophos arnie@sophos.com Understanding the NEW Threat Landscape

  2. Personally identifiable information Customer data Intellectual property Changing security landscape Digital generation set loose Information theft – not graffiti Firewall $ Complex threats.... Corporate data Mobile workers Fast changing Web-based, Invisible Targeted ...targeting commercial data Contractors, outsourcing Partners, customers Web 2.0 – social media Regulatory disclosure and reputation damage PCI-DSS HIPAA GLBA 95/46/EC CSB 1386

  3. Malware is on the Rise • 150,000 new unique malicious malware samples every day during 2011 • One every 0.5 seconds, 60% increase over 2010 • 30,000 new malicious URLs every day – every 2.9 seconds • 40% increase over mid year report • 80% on legitimate websites • 85% of all malware (including viruses, worms, spyware, adware and Trojans) comes from the web

  4. Communication Shift Significant shift in the last 6-8 months. 59% decrease in email use among 12-17 year olds.

  5. The web: where the malware threat is A threat network • The number one source of infection • Legitimate sites are regularly infected • Productivity filtering isn’t enough • Many applications accessing the web How people do web protection today • Large scale deployments that focus on the gateway • Backhauling traffic to appliances • None or limited protection for users not connecting to the gateway

  6. Fake AV Today’s top malware problem Unprecedented growth • We’ve now seen >500,000 variants • Over 10,000 new variants a day • Google estimates >15% of web malware is FakeAV Highly effective – infection is easy • Social engineering or black-hat SEO • Hijacked legitimate sites • Too many variants & changing quickly • Traditional defences ineffective • Millions of dollars at stake for • Distributors, Authors, Affiliates

  7. Malware hits OS X MacDefender, MacSecurity and more

  8. Social Engineering Social engineering is a primary method of attack • Cybercriminals know what motivates people (money, sex, gossip, etc) and exploit these themes to infect computers and steal information • We can upgrade operating systems and vulnerable apps all we like – it’s much harder to patch the human brain

  9. Social networking attacks • Social networking accounts are valuable to hackers • 600,000 Facebook accounts are compromised each day (Oct. 2011) • They can use them to send spam, spread malware, steal identities... • ...just like a compromised botnet PC

  10. Social networking phishing

  11. Malicious email spam • Email remains a significant vector for threats • Spammers using HTML attachments more than .exe to deliver malware • Spearphishing attacks – Lockheed Martin • Sees 1 million probes per day against its network • Takes advantage of holes in Office and Adobe products to launch malicious code within innocent-looking documents

  12. Email malware

  13. Rustock Botnet Knockout • March 2011 • Coordinated efforts • Microsoft, University of WA, FireEye, U.S. Federal Agents • Rustock knocked offline • High volume botnet • 30 billion spam messages a day – Pharmacy Express/Viagra • Resulted in an immediate drop of about 30% in global spam volumes

  14. Data is the target

  15. Consequences of data loss 500M records (1) compromised since ‘05 • Costs: $214/record (2), $7.2m/incident (2) • Fines: $1.5m/yr (3), 5k/violation/record (4), unlimited (5) • Disclosures: Bad press, Reputation damage • Net: Loss of business • 1) www.privcyrights.org • 2) Annual Cost of a Data Breach ‘10, Ponemon Institute • 3) HITECH Act (US) – healthcare • 4) Mass. Data security regulation 201 CMR 17 • 5) Data Protection Act (UK)

  16. Encrypt and Stay Safe Full disk encryption on laptops/desktops File share encryption for network share drives Removable media encryption for USB drives, CD/DVD’s Cloud file encryption when using cloud storage

  17. Mobile Malware Android leads the malicious charge

  18. Passcodes NOT to use on your iPhone 15% of all iPhone owners use one of just ten passwords on their lock screen

  19. The future

  20. A look at Q3 & Q4 2012 • Growth in malware spread by social media & the web • Not just Windows anymore • Mobile platforms evolve – so do the threats • New technologies = new threat vectors • More consumerized devices holding corporate data • Increase in Hacktivism and targeted attacks • The basics will still go wrong – patches, password mgmt • Cloud services – how do you protect that data?

  21. IT security is hard • More to protect – data, devices, mobile workers • Still getting infected • Too many complicated solutions to manage • Too expensive, takes too much time • California SB1386

  22. What is the Solution?

  23. We think there’s a better way Our vision: Complete Security, without complexity • Better protection: the "security layer" for corporate IT: • Better together • Increased visibility • Full security lifecycle • Active Protection • Better value: it’s less complex, it’s supported by experts, and it fits your security budget

  24. We’re a recognized leader Protecting businesses for over 25 years, with unrivalled reputation for reliability and service • Experts in Threat and Data Protection • Global business with a local presence • Protect over 100 million users • Reputation for highest quality • Fastest growing of the three largest endpoint security companies Leader in the Gartner Magic Quadrant for Endpoint Protection Leader in the Gartner Magic Quadrant for Mobile Data Protection

  25. Sophos: Trusted globally to protect 100K+ small and medium global enterprises 6M+ teachers and students, 2M+ government users Powering branded security solutions, wide range of technology partners & global enterprises Endorsed by analysts

  26. Complete security Covering the entire security lifecycle • Complete security keeps you protected around the clock • Best in-class security solutions and SophosLabs protection • Consolidates your security budget so you get more value for your dollar

  27. Two paths to Complete Security Mid – Large Endpoint/DP/mobile driven Small – Mid UTM driven

  28. Note: We recommend you choose either this slide or slide 8 to talk about the detail behind the products. Using both is likely to be too much. This slide animates so the text on the right is obscured when not in show mode - separate slides are included at the end of the deck.
      Complete Security: Everything you need to stay protected
      Network • Unified • Data • Endpoint • Mobile • Email • Web
      Prevent web threats and make web access safe and productive - everywhere.
      Fast, effective antivirus and complete security for your users – wherever they are.
      Mobile
      • Allows remote lock or wipe in case of loss or theft
      • Controls which devices can access company email
      • Manages, deploys, removes installed apps
      • Simple to use self-service portal
      Web
      • Provides malware protection, URL filtering, and content control
      • Detects anonymizing proxies
      • Filters encrypted HTTPS traffic
      • Includes remote “heartbeat” monitoring
      Endpoint
      • Protects Windows, Mac, Linux, UNIX and virtual platforms
      • Controls applications, devices and network access
      • Integrates web protection, data control and encryption
      • Includes FREE home use for your employees
      Data
      • Secures Windows and Mac with full-disk encryption
      • Protects USB sticks and DVDs with removable media encryption
      • Manages Microsoft Bitlocker
      • Enables secure data sharing with key management
      Email
      • Stops spam, phishing, malware and data loss
      • Protects Exchange, UNIX, and Notes servers
      • Eliminates or automates maintenance tasks
      Unified
      • Unified protection for your business with one central management interface
      • Comprehensive enterprise-class security applications including firewall, VPN, IPS, antivirus, antispam, email encryption, web filter, application control, web application firewall, secure wireless connections and endpoint security
      • Scalable solution that grows with your needs and allows you to shape the level of protection that is right for your business
      Network
      • Protect your infrastructure with Firewall and Intrusion Prevention Systems
      • Secure your communication with branch offices and remote workers through encrypted VPN
      • Extend protection capabilities easily into wireless LANs
      Keep your network infrastructure safe and securely connect branch offices, remote workers and wireless LANs.
      Secure your email to prevent spam, malware and data loss.
      Encryption options to help you comply, and let your users securely access, share and recover data.
      Secure, monitor and control iPhone, iPad, Android and Windows Mobile devices.
      Eliminate the complexity of multiple point solutions with one integrated solution. It gives you complete security to protect endpoint computers as well as network, web, and email.

  29. The Sophos Difference Sophos Secure Protection Suites Endpoint Web Protection Patch • Encryption

  30. The Sophos Difference Better Protection and Reducing IT Costs • The Sophos Protection Suite • School District IT Director saves $35k • “THANK YOU for looking out for us … Currently we have a deficit of about $3 million due to the fact that the state keeps cutting us… So thanks to you, you saved a job…. Because of this bundle, we now will be able to reduce our expenditures about 35K”

  31. Two paths to complete security Mid – Large Endpoint/DP/mobile driven Small – Mid UTM driven

  32. Sophos UTM Sophos Complete Security within a single Appliance Network Protection Firewall, Intrusion Prevention, VPN & Wireless Protection at the perimeter Web and Email Protection Optional features for flexible UTM protection at the perimeter Endpoint Protection and Mobile Control Protect communication and data directly at the endpoint

  33. Better Protection Working better together Today: • Web protection everywhere • Data protection everywhere • Desktops & Laptops everywhere • Stopping Advanced Persistent Threats (APT’s) • Network security everywhere: across central office, remote offices, wireless, VPN • Managing personal smartphones/tablets – BYOD Even better soon … Protection Suites for: • Government • Higher Ed • K-12 • Enterprise

  34. Staying ahead of the curve http://nakedsecurity.sophos.com http://www.youtube.com/SophosLabs @chetwisniewski on Twitter
