[Name / Title]

[Date]

Effective Threat Protection Strategies

Agenda1. The Business Challenge

2. Changing Threat Landscape

3. Effective Threat Protection Strategy

4. The Four Principles

5. Getting It Right

Agenda1. The Business Challenge

2. Changing Threat Landscape

3. Effective Threat Protection Strategy

4. The Four Principles

5. Getting It Right

The business challenges

Increase in usage of internet means greater exposure to threats

Growing number of threats from cybercriminals

Costs of security breaches

Protecting business continuity

Maintaining regulatory compliance

Organizations are still getting infected

Source: Ponemon Institute Security, Mega trends survey 2009

The cost

Average cost of a data breach

$204 per record compromised

Average loss due to security incident

$234,244 per respondent

Agenda1. The Business Challenge

2. Changing Threat Landscape

3. Effective Threat Protection Strategy

4. The Four Principles

5. Getting It Right

Changing threat landscape

The paths to threat exposure are also multiplying:

Social network use by businesses, customers and employees

Infected web pages

Email and IM spam

Regulatory and compliance riskComply with a growing body of government regulations and industry standards, such as:

National and state regulations

Payment Card Industry Data Security Standard

Health Insurance Portability and Accountability Act

Agenda1. The Business Challenge

2. Changing Threat Landscape

3. Effective Threat Protection Strategy

4. The Four Principles

5. Getting It Right

Effective threat protection strategy

Balancing business needs with threats and regulations

Protecting against the threats

Enabling your business to operation efficiently

Four key principles

1. Prevention

2. Proactive

3. Performance and productivity

4. Simplicity

Agenda1. The Business Challenge

2. Changing Threat Landscape

3. Effective Threat Protection Strategy

4. The Four Principles

5. Getting It Right

1. Prevention

Close the security gaps by addressing the sources of infection,preventing threats from getting in, and creating a secure IT environment

Look at implementing interlocking layers of protection

Firewall - secure the computers perimeter

Application Control - prevent unwanted applications

Device Control – allow on clean authorized devices

Network Access Control – ensure computers comply with policy

Email filtering – keep email free of spam and malware

Web security - protect users from accessing malicious websites

Patch management – keep computers protected with latest patches

2. Proactive

Protect against previously unseen attacks before a signature is available

Technologies that deliver:

Behaviour-based detection – stopping code from performing suspicious actions

Host-based Intrusion Prevention Systems (HIPS)

Buffer Overflow Protection Systems (BOPS)

Cloud-based reputation protection – providing latest information online

Live Anti-Virus

Live URL Filtering

3. Performance... and productivity

IT security should help protect productivity

Users will turn off security software if it slows down the performance

A security solution should not get in the way of business itself

Balance protection with productivity

4. Simplicity

Security safeguards have to be simple and manageable to get the job done

Understand the incremental benefit over the security already in place

Assess the effect of proposed threat protection measures

Do as much as you can with the smallest number of products

Avoid products that require an expert to manage

Account for the cost of maintaining security products

Agenda1. The Business Challenge

2. Changing Threat Landscape

3. Effective Threat Protection Strategy

4. The Four Principles

5. Getting It Right

Security solutions with the greatest business flexibility, least operational effort and lowest investment

Comprehensive security & control

Simplicity & manageability

Pre-packaged intelligence

Unrivalled support

Security that frees IT managers to concentrate on their business.

The Sophos Approach

Comprehensive security and data protection

Simplicity and manageability

Simplification Manageability

Best security

with least investment

Single agent

Widest platform support

Integrated management

Intelligent policy updating

Appliance monitoring

Automatic protection

Easy to use management

Integrated data protection

Remote monitoring

Anonymizing proxy detection

Delivers consistent protection

Puts our expertise in your hands

Reduces agent pollution

Eliminates end user impact

Ensures lowest operating costs

Pre-packaged intelligence from SophosLabs™

Unrivalled visibility

Integrated expertiseAutomated analysis

Monitoredregulations

Reduces need for specialist

security expertise

Penalty backedSLAs

Unrivalled support and services

“Overall, Sophos, which places customer support as the cornerstone of its business, was the best. We were greatly impressed by the troubleshooting skills of its technicians, whose knowledge about their product and Windows is solid.”

Infosecurity Magazine Scorecard: AV Vendors Tech Support , Ed Skoudis

"I have always received outstanding attention from your support team.” Sal Serafino, Cold Spring Harbor Laboratory, US

"Sophos has continually demonstrated dedication to both technical support and customer service."Neil Barnes, calfordseaden, UK

24 / 7 support as standard

Exceptionalservice levels

Our staffin

our offices

Breadth ofknowledge,

cross platformissue resolution

Worldwidecoverage

Direct access toexperts speaking

local language

Enhancedsupport servicesto maximise ROI

Summary

1. Review your current security against your business needs

2. Deploy layers of protection to close the security gaps

3. Measure each technology choice against the four principles