Ntxissacsc5 gold 1 mimecast e mail resiliency

29
NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5 Email Security – Growing in threats, quickening in pace Erez Haimowicz Enablement and Security Mimecast 11-10-17

Transcript of Ntxissacsc5 gold 1 mimecast e mail resiliency

Page 1: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Email Security – Growing in threats, quickening in pace

Erez Haimowicz

Enablement and Security

Mimecast

11-10-17

NTXISSA.org
NTXISSA.org
NTXISSA.org
NTXISSA.org
Page 2: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Email: The Ultimate App

With demanding business and user requirements

24 X 7 Email Availability

ContinuousMission-critical Mobile

.2

NTXISSA.org
NTXISSA.org
Page 3: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Cyber Resilience

The technology that provides the best possible multi-layered

protection

MULTILAYERED SECURITY

A solution that allows you to continue to work while the issue

is resolved

CONTINUITY

The knowledge that no matter what, you can get back to the

last known good state

REMEDIATION

NTXISSA.org
NTXISSA.org
Page 4: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Countdown to a breach

Verizon 2016 Data Breach Investigations Report (DBIR)

100 Seconds average time-to-first-click

NTXISSA.org
NTXISSA.org
Page 5: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

91% of all incidents start with a phish

Wired

NTXISSA.org
NTXISSA.org
Page 6: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

You can no longer stand in front of your board and say that you won’t have an attack.

As we all know, it’s now a case of when.

NTXISSA.org
NTXISSA.org
Page 7: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

What those attacking look like

NTXISSA.org
NTXISSA.org
Page 8: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Your company

is at risk if

you.. • You have certain letters in your domain name

• You accept resumes on your website

• You have a team of people in finance

• You have a profile

• Your life is deemed interesting enough to be on

• Your company is at RISK if you…

NTXISSA.org
NTXISSA.org
Page 9: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Do You Have a Page Like This On Your Website?

NTXISSA.org
NTXISSA.org
Page 10: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

NTXISSA.org
NTXISSA.org
Page 11: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Real life examples with email

NTXISSA.org
NTXISSA.org
Page 12: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

NTXISSA.org
NTXISSA.org
Page 13: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

NTXISSA.org
NTXISSA.org
Page 14: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Imagine being able to stop EVERY malicious file

We all know the risks

Trust your users not to click?

NTXISSA.org
NTXISSA.org
Page 15: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

NTXISSA.org
NTXISSA.org
Page 16: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

NTXISSA.org
NTXISSA.org
Page 17: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Who Says Attacks Need to Involve Malware?

NTXISSA.org
NTXISSA.org
Page 18: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

NTXISSA.org
NTXISSA.org
Page 19: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Compromised AccountsStolen User Credentials

Utilize Corp Web mail to spread attack internally or externally to partners/customers

Careless UsersSending sensitive data internally such as projects and PII

“Oops, sent it to the wrong Michael…”

Malicious InsidersPurposely distributing malware or malicious URLs

Internal threats!

NTXISSA.org
NTXISSA.org
Page 20: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Flawed - The technology23% open the phish & click

Confidetial |

NTXISSA.org
NTXISSA.org
Page 21: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

• To run an attack…

• You don’t even need to know how to code

Source: Forbes.com - "Ransomware As A Service Being Offered For

$39 On The Dark Net" 7/15/16

NTXISSA.org
NTXISSA.org
Page 22: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

AND to bypass sandboxes….

FUD (Fully Undetectable) Crypting Services to avoid AV detection

• AND to bypass sandboxes…

• FUD (Fully Undetectable) Crypting Services to avoid AV Detection

NTXISSA.org
NTXISSA.org
Page 23: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Confidential |

At Risk - The human firewall11% open the phish & run the attachment

NTXISSA.org
NTXISSA.org
Page 24: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

“HEY STRANGERS - Please send me files”

NTXISSA.org
NTXISSA.org
Page 25: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

‘Click to View’ Dupe

NTXISSA.org
NTXISSA.org
Page 26: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

You can’t fix stupid

NTXISSA.org
NTXISSA.org
Page 27: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

• Whatever we do, they’re still around and getting ‘creative’

NTXISSA.org
NTXISSA.org
Page 28: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

Your business

needs a cyber resilience strategy

ARCHIVING

SECURITY

CONTINUITY

NTXISSA.org
NTXISSA.org
Page 29: Ntxissacsc5 gold 1 mimecast e mail resiliency

NTXISSA Cyber Security Conference – November 10-11, 2017 @NTXISSA #NTXISSACSC5

29

Thank you

NTXISSA.org
NTXISSA.org

Cyber Resiliency Engineering Aid - Cyber Resiliency Techniques

Cyber Resiliency Engineering Aid - Cyber Resiliency Techniques

Ntxissacsc5 blue 3-shifting from incident to continuous response bill white

Ntxissacsc5 blue 3-shifting from incident to continuous response bill white

A Mimecast Guide

A Mimecast Guide

Integrate Mimecast Secure Email Gateway...2018/01/05  · Mimecast Secure Email Gateway users, who wish to forward events to EventTracker Manager and its monitor them using EventTracker

Integrate Mimecast Secure Email Gateway...2018/01/05  · Mimecast Secure Email Gateway users, who wish to forward events to EventTracker Manager and its monitor them using EventTracker

Ntxissacsc5 yellow 7 protecting the cloud with cep

Ntxissacsc5 yellow 7 protecting the cloud with cep

Release, Block, Permit Emails using Mimecast Digest or Portal

Release, Block, Permit Emails using Mimecast Digest or Portal

Presentation at HostingCon 2011 co-speaker Justin Pirie, Mimecast

Presentation at HostingCon 2011 co-speaker Justin Pirie, Mimecast

Extending Your Enterprise with Office 365 and Mimecast

Extending Your Enterprise with Office 365 and Mimecast

Mimecast Partner Day

Mimecast Partner Day

Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz

Ntxissacsc5 gold 1--mimecast email resiliency- erez-haimowicz

Doing Resiliency Better - StarChapter · Doing Resiliency Better: ... • While there are many positive Resiliency initiatives nationwide, Resiliency remains reactive in nature, somewhat

Doing Resiliency Better - StarChapter · Doing Resiliency Better: ... • While there are many positive Resiliency initiatives nationwide, Resiliency remains reactive in nature, somewhat

Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney

Ntxissacsc5 blue 1-nine cybersecurity habits-george_finney

Mimecast - News | WTTW Chicago

Mimecast - News | WTTW Chicago

Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx

Ntxissacsc5 purple 3-cyber insurance essentials-shawn_tuma.pptx

Threat Intelligence Report · 2020. 1. 28. · The Mimecast Threat Intelligence Report: Black Hat Edition capitalizes on research conducted by the Mimecast Threat Center alongside

Threat Intelligence Report · 2020. 1. 28. · The Mimecast Threat Intelligence Report: Black Hat Edition capitalizes on research conducted by the Mimecast Threat Center alongside

Boosting the Customer Experience: The New Admin Console for Mimecast

Boosting the Customer Experience: The New Admin Console for Mimecast

Ntxissacsc5 gold 4 beyond detection and prevension remediation

Ntxissacsc5 gold 4 beyond detection and prevension remediation

Mimecast Presentation

Mimecast Presentation

Osterman Research WHITE PAPER O - Mimecast

Osterman Research WHITE PAPER O - Mimecast

RSA Conference Edition 2020i.crn.com/sites/default/files/ckfinderimages/userfiles/... · 2020. 4. 30. · In the Mimecast Threat Intelligence Report: RSA Conference Edition, Mimecast

RSA Conference Edition 2020i.crn.com/sites/default/files/ckfinderimages/userfiles/... · 2020. 4. 30. · In the Mimecast Threat Intelligence Report: RSA Conference Edition, Mimecast