Caught in the Crosshairs of Evolving Endpoints and Malware Sophistication Moderator: Kari Ann Sewell

Transcription

1 Caught in the Crosshairs of Evolving Endpoints and Malware Sophistication Moderator: Kari Ann Sewell Symantec Endpoint Protection

2 Caught in the Cross-Hairs Complexity. High Stakes. Pressure. 2

3 Real World Customer Perspectives Jennings Aske VP of Information Security Frank McGinnis VP of Corporate Information Technology Greg Anderson SCS STS Certified Symantec Endpoint Protection Manager 3

4 Audience Poll: What are You MOST Concerned With? Text a CODE to Evolution of endpoints Fragmented environments and solutions Rapid growth and acquisition Growing regulations and compliance Retaining security expertise

5 Agenda Customer Challenges Approaches to Security Mitigating Risk and Reducing Pressure Caught in the Cross-Hairs SYMANTEC VISION

6 What you don t know can hurt you. Customer Challenges 6

7 Sophisticated Threats Are Making Their Way Downstream Long-term campaigns targeting multiple vulnerabilities Seeking data, IP, and system controls APTs Targeted Attacks up 91%, lasted 3x longer Tool-kits enable mainstream malware authors Targeted Attacks Large-scale deployments, including mutating malware Opportunistic smash-and-grab techniques Mass Malware 7

8 People Will Always Introduce Risk 8

9 Growing Internal Complexity In-house and outsourced IT Isolated endpoint management Layered protection Introducing virtualization, BYOD, Macs and more 9

10 Internal complexity and advanced threats require more than antivirus. Protection is layering and using security intelligence. 10

11 Approaches to Security 11

12 People Strategy Apply the Right Level of Defense-in-Depth Process 12

13 People A risk-based approach to information security: Review incident response capabilities Establish governance mechanisms Process Align with and engage management Create a culture of security Define a road map based on risks Strategy 13

14 Layered Protection from Endpoint to End-User Product Process Strong perimeter with Firewall, IDS and IPS Patch and vulnerability management Entitlement management Threat intelligence strategy Defense-in-Depth Education Policy 14

15 Sample Process: Stop Advanced Targeted Attacks Using Symantec Endpoint Protection Set the Firewall to stop communicating by tuning the IPS Build an application rule to stop the propagation Built Host Integrity rules to do mitigation Quarantine group blocked shared piece Caught in the Cross-Hairs SYMANTEC VISION

16 Mitigating Risk Reducing Pressure 16

17 Bring Business Value Through Security Security involved in discussions Stay ahead of emerging threats Understand how modern risk relates to the business Become a trusted advisor Security education both internally and externally People WANT to hear from security Look beyond your own environment and share your expertise 17

18 Hands-On Vision Labs Are You Harnessing the Full Protection Power of SEP 12? Best Practices for Deploying SEP 12 for VDI Protecting Solusell: An Interactive Case Study in Policybased Endpoint Protection Endpoint Protection Break/Fix Lab Best Practices For Migrating From SEP 11 to SEP Best Practices for Deploying SEP 12 on Embedded Devices 18

19 Thank you! YOUR FEEDBACK IS VALUABLE TO US! Please take a few minutes to fill out the short session survey available on the mobile app the survey will be available shortly after the session ends. Watch for and complete the more extensive post-event survey that will arrive via a few days after the conference. To download the app, go to or search for Vision 2014 in the itunes or Android stores. 19