Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
DESCRIPTION
Practice makes perfect. And unfortunately for security professionals, attackers have realized that persistence is a powerful approach to breaching an organization's defenses. Focusing on prevention alone is no longer a sufficient strategy for securing your organization against the business risks of a breach. Our current security environment demands an approach less centered on ideal prevention and more focused on reality. During this webcast, we discussed key strategies that limit your risk and exposure to unrelenting threats. Some highlighted topics include:
- How the shift in attacker motivations has impacted today's threat landscape
- Why preventative techniques alone can no longer ensure a secure environment
- Which strategies need to be considered for a holistic approach to security
- What next steps you can take towards identifying your best strategy against attacks

TRANSCRIPT
Key Strategies for the Challenges that Lie Ahead

Agenda
1. How the shift in motivations has impacted today’s threat landscape
2. Why preventative techniques alone can no longer ensure a secure environment
3. Which strategies need to be considered for a holistic approach to security
4. What next steps you can take towards identifying your best strategies against cyber-attacks

They Just Need to Be Effective Once. Any Time.

You Must Be Right and Fast All The Time.

Motivations Have Shifted & Converged
• CYBER-ESPIONAGE
• CYBER-MANIPULATION
• CYBER-CRIME
• CYBER-WARFARE
• HACKTIVISM
• CYBER-TERRORISM
• CYBER-MERCENARY

Sources: National Institute of Standards and Technology | Trend Micro, June 2013 | Peter Singer and Allan Friedman of the Brookings Institution
Targeted Attacks are More Pervasive, But Not Always Persistent
9
1
Exponential Threats
Every second…
new pieces of malware discovered
new threats targeting SMBs
Emboldened Attackers
NIST’s Definition of APT:
• “It pursues its objectives repeatedly over an extended period of time”
• “It adapts to defenders’ efforts to resist it”
• “It is determined to maintain the level of interaction needed to execute its objectives”

Customers Are Not Staying Ahead of The Attacks
• 49% are effective in detecting APTs
• 44% are effective in containing APTs
• 39% are effective in preventing APTs
APT survey by ISACA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013

Security Pros, Execs & The Board Know There’s a Problem, Just Not How To Solve It
• 96% of security practitioners are at least somewhat familiar with APTs
• 53% of security practitioners do not believe APTs differ from traditional threats
• 13% of non-IT execs are fully aware of APTs and their impact
• AV & FW / IDS are the most used solutions to address APTs according to recent surveys by ISACA and Ponemon
APT survey by ISACA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013

Exploits and Malware Evolve and Evade Current Solutions
• 72% evade detection by IDS
• 76% evade prevention by AV
• 56% evade detection or containment by endpoint-based sandboxes
“While these controls are proficient for defending against traditional attacks, they are probably not as suited for preventing APTs” -- ISACA
State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013

Let’s Stop The Insanity
Stop Reacting
So-called “best-of-breed” solutions are failing to stop sophisticated cyber-attackers, and the latest “magic box” is not going to outsmart them
Start Thinking Deeply & Acting Broadly
• Analyze our risks: who will attack us, why & where?
• Assess our investments: are we measuring their success?
• Craft a multi-tiered strategy

Predictive Defense & Prevention
Reduce the risk of security breaches by:
• Reducing the attack surface
• Layering threat protection

Implement The “Least Privilege” Principle
Systems may be exploited via phishing user credentials or software vulnerabilities
But ultimately, what enables the breach is the exploitation of trust

SMBs Become The New Trojan Horse In A Supply Chain Attack
Why storm the castle walls when you can be invited in?
36% of targeted attacks impact SMBs as of 1H2012; 2x more than in 2011
Source: Symantec

Best Practices Aren’t Always Practical and They’re Never Enough
• 75% used apps with a known vulnerability but without a viable patch
• 64% used apps with a known vulnerability and hadn’t deployed a viable patch
• 65% hadn’t deployed viable patches due to the cost of downtime
• 52% believed patching effectively stopped most opportunistic attacks
• 31% believed patching effectively stopped most targeted attacks
APT survey by ISACA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013

Implement Security Enforcement On and Off Network
• 52% say you can’t solely protect networks against advanced malware, must also protect endpoints
• 51% use endpoint-based sandboxing technologies
• 52% report that it’s difficult to manage
• 43% report that it negatively affects UX
Sources: APT survey by ISACA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013

Quick Detection & Containment
Reduce the impact of security breaches by:
• Obtaining coverage and visibility
• Monitoring network activity
• Sharing security intelligence
65% believe you can’t prevent advanced malware from infecting networks & devices; focus more on detection vs. prevention
Sources: APT survey by ISACA, Feb 2013 | State of Advanced Persistent Threats survey by Ponemon Institute, Dec 2013

Obtain Coverage & Visibility
Get an eye in the sky to see everything that accesses your data and infrastructure

Monitor Network Activity
Establish a baseline to detect anomalous patterns

Share Security Intelligence
Forewarned is Forearmed

Proactive Education & Complication
Increase the effort required to breach security by:
• Raising security awareness
• Employing mitigation methods

Raise Security Awareness

Employ Mitigation Methods
Confusing attackers may keep less determined attackers at bay

Realign Your Security Investments
1. Given the nature of your organization, why would you be attacked?
2. Which of your assets align to attacker motives?
3. Where are the vulnerabilities among your assets, supply chain vendors, partners, service providers and customers?
4. How secure are your assets in the cloud or on the devices your employees use?
5. How might these vulnerabilities be exploited?
6. What preventive tactics are currently in place and how effective are they?
7. Have you taken measures to reduce your overall attack surface?
8. Have you applied consistently high security standards throughout your organization?
9. Do you have visibility into cloud and DNS activity that could affect your network, your system, your data?
10. Have you made sufficient investments in education and training among your employees and partners?
11. Based on your assessments of the above, which tactics/techniques would be most likely to minimize and/or mitigate the impact of an attack?
“Before we know about any new virus, somebody has to be a sacrificial lamb and die and tell us about it. It's an awful way of doing things.” -- CTO of McAfee’s Endpoint Solution Division

Enterprise Threat Protection. Unlike Any Other.

The World’s Leader for Cloud-Delivered Network Security
• World’s Largest Internet Security Network (July 2006)
• First Anti-Phishing Clearinghouse (October 2006)
• Partners with Threat Feed Providers (September 2009)
• Secures Over 50M Daily-Active Users (May 2012)
• Network Security Beyond the Perimeter (November 2012)
• Fully-Staffed Security Research Team (December 2012)
• Data Analytics Predict Threats (February 2013)
• Threat Protection Beyond DNS (July 2013)
Employees: 160+ Across San Francisco & Vancouver
Investors: Greylock, Sequoia, Sutter Hill
Customers: 10,000+ Businesses

ASIA-PACIFIC | EUROPE, MIDDLE EAST & AFRICA | AMERICAS
Acquires data from
2% of the Internet
1M+ events per second
50M+ daily-active users
160+ countries
22 data centers (and more coming)

Connect with confidence. Anywhere. Anytime. On any device.
Every day, we block 80M+ security events over
• any port
• any protocol
• any app

Predictive security. Panoramic visibility. Enforcement everywhere.
Service: Security Graph | Umbrella
Platform: intelligence | enforcement
Purpose: predict threats before they happen using big data analytics | prevents infections or contains breaches on or beyond the network
Manageability
• 0: net new latency
• 100%: global network uptime
• <30min: to complete provisioning
• <1min: to update actionable intelligence
• 0: maintenance required to keep up to date

Them: Catch up. Us: Evolve.
Them | Us
network-centric | cloud-centric
ponderous | nimble
reactive | proactive
need evidence | see patterns
fragmented | holistic

OpenDNS
• Leverage the World’s largest Internet security network to block threats no other vendor covers.
• Set up our free, instant trial in under 30 minutes.
Connect with confidence.