© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Building capabilities to disrupt the adversary
Colin Gray CISSP, Sales Engineer
HP Enterprise Security Products
Research
APT - Definition
Asset
Well-funded and skilled attackers (or teams) with profound knowledge of the target and a long-term infiltration strategy. Once the target is infiltrated, the highest priority is to stay covert and exfiltrate as much sensitive and valuable data as possible, or to inflict effective and sustained damage on the target (organization). Because the stakes are high, the attackers will keep trying until they succeed.
Advanced Persistent Threat (APT)
Bank Hack Results in Stunning $45 Million ATM Heist
Experts Marvel At How Cyberthieves Stole $45 Million
Global Network of Hackers Steal $45 Million From ATMs
In Hours, Thieves Took $45 Million in A.T.M. Scheme
The Circuit: Hackers took $45 million in ATM heist
“If you know the enemy and know yourself, you need not fear the result of a hundred battles.”
—Sun Tzu, The Art of War
Big data
Mobile
Cloud
I follow ISO, PCI and other security standards
Our predictability is well known
I stitch technology together across functions
Market with distinct process
Actors organize and specialize
Intelligence is bought and sold
Defining the adversary
Cybercrime
Economic Espionage
Hacktivist
The adversary
Discovery
Organize our capability to disrupt the market
Research
Our enterprise
Their ecosystem
Infiltration
Capture
Exfiltration
Discovery
Organize our capability to disrupt the market
Research
Our enterprise
Their ecosystem
Infiltration
Capture
Exfiltration
Educating users
Counter intel
Blocking access
84% of breaches occur at the application layer
68% increase in mobile application vulnerability disclosures
Discovery
Rethink our capability investments
Research
Our enterprise
Their ecosystem
Exfiltration
Capture
5X 1X
Infiltration
Discovery
Organize our capability to disrupt the market
Research
Our enterprise
Their ecosystem
Infiltration
Capture
Exfiltration
Finding them
Educating users
Counter intel
Blocking access
Average time to detect a breach: 416 days
[Timeline: January 2012 to April 2013]
Discovery
Organize our capability to disrupt the market
Research
Our enterprise
Their ecosystem
Infiltration
Capture
Exfiltration
Planning damage mitigation
Protecting the target asset
Finding them
Educating users
Counter intel
Blocking access
94% of breaches are reported by a 3rd party
We are here to help
1. SOC Consulting Services
2. Security Information and Event Management
   a. ArcSight
3. Application vulnerability protection
   a. TippingPoint IPS / NGFW
   b. Fortify Application Assurance
Make it matter.
Thank you