8 Threats your antivirus won’t stop
Outline
Current threat landscape
8 threats AV won’t stop
Wrap up
Changing threat landscape: What’s causing you pain
• Threats changing, still increasing
• Data everywhere, regulations growing
• Users everywhere, using everything
How data is lost
Chart labels: Devices, Hacked, Web/Virus, Documents, Fraud
Source: DatalossDB.org
Anatomy of an attack
• Entry point: A hijacked website or an unwanted email with a malicious link
• Malware distribution: Initial malware redirects based on what it’s working with (Windows/Mac, IE/Safari, etc.)
• Exploit vulnerabilities: Exploit pack attempts to leverage a number of vulnerabilities in apps & plugins
• Infection: Download of a malicious payload to log keys, steal data, or convert the system into a botnet
• Execution: Malware calls home with sensitive data
Evolution of AV
Signature AV
• Signature based anti-virus protection
Signature AV + HIPS
• Signature based anti-virus protection
• HIPS (Host Intrusion Prevention System)
Endpoint Security
• Signature based anti-virus protection
• HIPS (Host Intrusion Prevention System)
• Behavioral analysis
• Client firewall
• Application control
• Device control
Complete Security
• Endpoint Protection
• Web Protection
• Email Protection
• Network Protection
• Data Protection
• Mobile Protection
8 threats AV won’t stop
Human error:
1. Misdirected email
2. Infected USB device
Facts of life:
3. Working offsite
4. Working on the web
IT issues:
5. Unpatched PCs
6. Uncontrolled apps
Malicious intent:
7. Stolen Laptops
8. Zero-day threat
1. Misdirected email: If it hasn’t happened to you, it will
Data Control
Email encryption
2. The infected USB device: 75% fail the lollipop test
Device Control
Data Control
Encryption
3. Working offsite & 4. on the web: Today’s primary source of FakeAV
Endpoint Web Protection
URL Filtering
5. Unpatched & 6. Uncontrolled apps: Is your company data circulating on Bit-Torrent?
Patch Management
Application Control
7. Stolen laptops: It’s only a matter of time
Email encryption
Encryption for cloud
Full Disk Encryption
8. The zero-day threat: Exploiting unknown vulnerabilities
Intrusion prevention
Anti-malware with behavioural analysis
Live Protection
Entry point
Malware distribution
Exploit vulnerabilities
Infection
Execution
Reduce attack surface: URL Filtering, Anti-spam, Patch Manager, Application Control, Data Control, Encryption
Stop attacks and breaches: Live Protection, Intrusion prevention, Firewall, Anti-malware
Protect everywhere
Keep people working
Complete Security at Work
Live Protection
Layered Protection
8 Questions to ask your vendor…
1. How do we stop sensitive data from falling into the wrong hands?
2. How can we ensure staff is not leaking data out of our organization?
3. How can we prevent users from infecting themselves with USB sticks?
4. How do you protect offsite users from malicious websites?
5. How can we control applications such as VoIP, IM, P2P or games?
6. How can you help ensure systems are patched and up to date?
7. How does your solution help protect us from new and unknown threats?
8. How often do you publish new threat intelligence and how do we get it?
Complete security: Better protection, better efficiency, and better value
Coverage: Email, Data, Endpoint, Mobile, Web, Network
Themes: Reduce attack surface; Protect everywhere; Stop attacks and breaches; Keep people working
Capabilities shown in the diagram: Clean up, Automation, Visibility, Local self-help, WiFi security, Technical support, Access control, Intrusion prevention, Anti-malware, User education, Data Control, Firewall, Email encryption, Virtualization, Endpoint Web Protection, Mobile Control, Secure branch offices, Encryption for cloud, Free Home use, Mobile app security, Web Application Firewall, URL Filtering, Anti-spam, Patch Manager, Application Control, Encryption, Device Control, VPN, Performance, Small updates, Live Protection, Tamper protection
US and Canada 1-866-866-2802
UK and Worldwide + 44 1235 55 9933
nakedsecurity.sophos.com
Staying ahead of the curve
facebook.com/securitybysophos
twitter.com/Sophos_News
Sophos on Google+
linkedin.com/company/sophos