the modern threat landscape marius baczynski · Data A Security Executives’ business challenges...
The Modern Threat Landscape HOW TO MANAGE CYBERSECURITY RISK
Marius Baczynski
Head of CyberSecurity Sales
EMEAR-CENTRAL
CISCO
Ljubljana, 20/04/2016
“In the world there are two types of organisations: those who have been hacked and those who don’t know about it”
John Chambers
A Security Executive’s business challenges: Who, What, Where, When…
Nation State
Political
Insider
Criminal
Confidential Data
Game the Stock Price
Steal Customer Data
Damage the Brand
Fraud
Industrial Espionage
Pivot Through Us To Attack Customers
Exploit the Network
Steal IP
HOW
The Industrialization of Hacking
Timeline: 1990, 1995, 2000, 2005, 2010, 2015, 2020
Viruses: 1990–2000
Worms: 2000–2005
Spyware and Rootkits: 2005–Today
APTs, Cyberware: Today +
Hacking Becomes an Industry
Sophisticated Attacks, Complex Landscape
Phishing, Low Sophistication
Welcome to the Hackers’ Economy
There is a multi-billion dollar global industry targeting your prized assets
$450 Billion to $1 Trillion
Social Security: $1
Mobile Malware: $150
Bank Account Info: >$1000 depending on account type and balance
Facebook Accounts: $1 for an account with 15 friends
Credit Card Data: $0.25-$60
Malware Development: $2500 (commercial malware)
DDoS: DDoS as a Service ~$7/hour
Spam: $50/500K emails
Medical Records: >$50
Exploits: $1000-$300K
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Direct Attacks Generate Big Profits
More efficient and more lucrative
The Security Problem
Maintaining Security and Compliance as business models change (Agility)
Staying ahead in a very dynamic threat landscape
Reducing complexity and fragmentation of security solutions
Living in Dangerous Times
Cisco’s 2015 Security Capabilities Benchmark Study
Conducted over the Summer of 2015
Over 2400 Respondents
• CSOs 45%, SecOps 55%
• Large Enterprise 13%, Enterprise 38%, Midmarket 49%
Study Included 12 Countries: US, Mexico, Brazil, UK, France, Germany, Italy, Russia, India, Australia, China, Japan
Security Weighs on the Minds of Executives
48% of Executives Very Concerned About Security
92% Agreed More Information Will Be Expected
41% Much More Concerned Than 3 Years Ago
Attack Awareness Fades Confidence
59% confident in having the latest technology (-5%)
51% have strong confidence in ability to detect a security weakness in advance (0%)
54% have strong confidence in ability to defend against attacks (-4%)
45% have strong confidence in ability to scope and contain an attack (-1%)
54% have strong confidence in ability to verify an attack (+0%)
56% review security policies on a regular basis (+0%)
DNS: Doth Protest Too Much
91.3% of malware uses DNS
68% of organizations don’t monitor it
A blind spot for attackers to gain command and control, exfiltrate data, and redirect traffic
Browser Infections: The Pest That Persists
More than 85% of the companies studied were affected each month
“Patchwork Complexity” Breeds Complacency
92% of devices surveyed across the Internet were running known vulnerabilities, with an average of 26 each
31% of devices surveyed across the Internet were End of Service
5% of devices surveyed across the Internet were End of Life
Encrypted Traffic: A Sign of the Times
Individual Privacy, Government Compliance, Organization Security
Encrypted Traffic is Increasing
It represents over 50% of bytes transferred
The growing trend of web encryption creates a false sense of security and blind spots for defenders
Increased Awareness Drives Effort
More organizations are taking actions to become more prepared for what’s going to happen.
Security Awareness and Training: 90% (+1%)
Formal Written Policies: 66% (+7%)
Outsource Audit and Consulting: 52% (+1%)
Outsource Incident Response: 42% (+7%)
Outsource Threat Intelligence: 39% (N/A)
Constraints: Budget, Compatibility, and Certification
Security teams may be limited in their ability to carry out their plans
VERIZON Annual Data Breach Report
If you KNEW you were going to be compromised, what would you do differently?
Today there is no such thing as a ‘magic box’ to solve your CyberSecurity challenge.
Information Superiority is a PREREQUISITE for enabling organisations to defend themselves.
100 TB Intelligence
1.6M sensors
150 million+ endpoints
35% email worldwide
FireAMP™, 3+ million
13B web req
AEGIS™ & SPARK
Open Source Communities
180,000+ Files per Day
1B SBRS Queries per Day
3.6PB Monthly through CWS
Advanced Industry Disclosures
Outreach Activities
Dynamic Analysis
Threat Centric Detection Content
SEU/SRU
Sandbox
VDB
Security Intelligence
Email & Web Reputation
Email Endpoints Web Networks IPS Devices
WWW
Research
Response
Threat Intelligence
Threat Focused
Time to Detection: Reducing Malicious Actors’ Unconstrained Operational Space
17.5 HOURS VS 35.3 HOURS
June (Median) October (Median)
Cisco far outpaces the current industry estimate of 100 to 200 days
The ‘Secret Sauce’
Network-Integrated, Broad Sensor Base, Context and Automation
Continuous Advanced Threat Protection, Cloud-Based Security Intelligence
Agile and Open Platforms, Built for Scale, Consistent Control, Management
Network Endpoint Mobile Virtual Cloud
Visibility-Driven, Threat-Focused, Architecture Focused
The New Security Model
Attack Continuum
BEFORE: Discover, Enforce, Harden
DURING: Detect, Block, Defend
AFTER: Scope, Contain, Remediate
Network Endpoint Mobile Virtual Cloud
Point in Time Continuous
How to Manage CyberSecurity Risk?...
1. Don’t focus on compliance – identify and manage YOUR critical risk.
2. Don’t focus on IT assets – protect BUSINESS OUTCOMES.
3. Treat CyberSecurity as ‘FACILITATION’, not ‘limitation’.
4. People are the weakest link – make CyberSecurity PEOPLE-centric.
5. There is no such thing as ‘perfect’ – you WILL be compromised:
• Do what you can to MAKE IT MORE DIFFICULT for cybercriminals to ‘breach the hull’.
• Invest in TECHNOLOGY, POLICY and SERVICES to detect and manage compromise.
• Invest in RETROSPECTION to ensure the same compromise will not happen twice.
Thank You.
2016 Annual Security Report
www.cisco.com/go/asr2016