Presentation Title SMB Security & Cyberthreats Subtitle if applicable

Transcription

1

2 Presentation Title SMB Security & Cyberthreats Subtitle if applicable Are you at risk? Session Number 000 Michael Simmons Principle/Managing Director Presenter ROI-IT, LLC Name, Presenter Title Presenter Name, Presenter Title Presenter Name, Presenter Title

3 Ransomware Anatomy of an Attack

4 SMB is an 81% 86% organization with 500 users or less do not have a dedicated IT person do not have a dedicated security person 2017 Check Point Software Technologies Ltd.

5 $32,000 Average hacking cost on a small business source: National Small Business Association, 2016

6 Phishing most common attack vector Kelihos & Zeus Most common prevented malware YouTube Consumes x4 Bandwidth than any other app SMBs Face the Same Threats as Large Enterprises

7

8 IT Security Trends and Challenges

9 Megatrends Cloud, Mobile and IaaS driving CASB, EMM, and data protection Public/Private Sector Encryption Tensions Apple/FBI, GDPR mandates, #nobackdoors IoT Expands Attack Surfaces Devices need protections at the network level Lack of Defender Coordination Analytics showing promise as it matures from novelty to utility C-level Spear Phishing ( Whaling ) Increasing attack professionalism requires better training and detection tools Paradox of Encryption Pervasive SSL inhibits network decryption, requiring collaboration with endpoints for content visibility Ransomware and Cryptoware A $325M business, demands NGEP solutions Common-Mode Failures The internet is built on common components, vulnerabilities must be mitigated before patching can occur Cybersecurity Skills Gap Enterprises increasingly cite a shortage of security professionals, driving the need for simplicity Risk-Based Approach to Security Enterprises are learning to quantify risk, and are beginning to match controls to attack surface

10 Expanding Attack Surface Increasing Number of Mobile Devices ($bn) and Size of Internet of Things Solutions Market Phones and Ultramobiles ($bn) CAGR: 4.7% CAGR: 13% Source: Gartner Source: IDC, Worldwide and Regional Internet of Things Forecast Update by Technology Split, #252330, Nov 2014 With a Number of Operating Systems Driving Rapid Growth in Internet (IP) Usage ( 000 exabytes per month) CAGR: 20.8% Source: Cisco Increasing Number of Potential Areas of Attack

11 Increasing Worldwide Cloud Deployments Capacity (Exabytes) CAGR: 44.1% Vanished Perimeter Increasing Number of Employees Participating in BYOD Programs % of employees using a BYOD smartphone Source: IDC, Worldwide Enterprise Storage for Public and Private Cloud Forecast, #244924, December 2013 Increasing Number of Wi-Fi Hotspots Deployment of new carrier-grade public Wi-Fi hotspots by MNOs and MSOs (m) CAGR: 10.2% Source: Gartner Increasing Mobile Population Mobile workforce (m) Mobile workforce (as % of total workforce) 51.6% 67.8% Source: Maravedis Rethink Source: IDC, Western Europe Mobile Workforce Forecast Update, , April 2014

12 Increasing Attacker Sophistication Zero-day Vulnerabilities Price of Zero-day attacks in various applications or operating systems ($ 000) Adobe Reader Mac OSX Android Flash/Java MSFT Word Windows Source: Forbes Firefox / Safari Chrome / IE IOS Increasing Volume of Zero-day Vulnerabilities Zero-day vulnerabilities discovered per year Source: Symantec

13 SMB Faces Same Threats as Large Enterprise High-Profile Enterprise Breaches Sony Pictures Hackers gained access to *all* company data, from unreleased movies to sensitive s. Adobe 150,000,000 passwords stolen. Target 110 million records stolen. Home Depot 56 million credit cards and 53 million addresses stolen. UPS Store Malware on PoS systems in 24 U.S. states left customers at risk of identity theft and credit card fraud. Data Breaches by Company Size (#employees) Unknown More than 100,000 10, ,000 7% 22% 31% 20% 11% 9% ,000 Impact SMB Equally Racing Post SQL injection attack led to leaking 677,335 user accounts for this sports betting website. Signature Systems Criminals installed malware and then stole the card data of the restaurants customers. Park N Fly Website compromise exposed customer card number, name, billing address, card expiration, CVV code. Swansea Police Dept. CryptoLocker police to pay cybercriminals to decrypt department files. LaCie Online store infiltrated, exposing customer credit card numbers and contact information. At least 51% of data breaches affect organizations with fewer than 10,000 employees report, 2013 Source: Verizon data breach investigations

14 SMB IT Challenges What are the biggest IT challenges your organization faces in managing end users? Maintaining security and compliance Lack of people/resources to do everything needed Finding budget to refresh hardware/end point devices Application/OS patching and updates Supporting a wide range of devices Ranked in order with 1 being the biggest challenge Managing users across remote locations Source: Spiceworks Community Survey % of respondents who answered 1 or 2

15 The IT Practitioner Has Much to Juggle Users Are Everywhere What About Securing My Servers? Regulations & Compliance Transition to the Cloud Protect My Data Go Wireless Console Proliferation & Agent Pollution Downtime Unacceptable Corporate Owned and BYOD Can t Control Users via Brute Force Help Desk Queries

16 Complicated by Security Challenges Users Are Everywhere Polymorphic Threats Affect Everyone What About Securing My Servers? New Attack Surfaces (Android, ios) Regulations & Compliance IT Systems Are The Lifeblood for Any Size Org Console Proliferation & Agent Pollution Transition to the Cloud Macs Are No Longer Immune Downtime Unacceptable Protect My Data Not Just A Big Company Problem Go Wireless Corporate Owned and BYOD Help Desk Queries Can t Control Users via Brute Force 250,000 New Threats Will Appear Today

17 Increasing Attacks, Increasing sophistication Attack surface exponentially larger Laptops/Desktops Phones/Tablets Virtual servers/desktops Cloud servers/storage Attacks are more sophisticated than defenses Syndicated crime tools Zero day exploits Memory resident Polymorphic/metamorphic Network and endpoint integrated

18 Evolving Threats Solve the Web Security Needs of Your Mobile Workforce Customer data Intellectual property Bank account info Social media credentials Website control System availability

19 Result: Compromises are growing 42.8 million Up 48% in 2017 security incidents detected by businesses worldwide in 2014 Source: PWC, The Global State of Information Security Survey

20 The Age of Personalized Malware 400,000 SophosLabs receives and analyzes 300,000 previously unseen files each day. 75% 75% of the malicious files we detect are found only within a single organization. Source: SophosLabs

21 Cybercrime Co$t Federal Government: 2017 Budget: $89.9 Billion SMB: Incur nearly four times the per capita cybercrime costs of larger firms 60% go out of business within six months of an attack, yet 77% of SMB principals believe their companies are safe from cybersecurity breaches 50% of all cyberattacks worldwide in 2016 were against companies with less than 250 employees The global cost of cybercrime will reach $2 trillion by 2019, a threefold increase from the 2015 estimate of $500 billion. Source: CIO.com, SecurityIntelligence.com

22 60% Change is Now Change is Accelerating The percentage of businesses that have been attacked by ransomware 33X $700B How much faster data is growing than IT admins How much IT downtime costs North American businesses 2017 Unitrends 1

23 Sandboxing enterprise security tools for SMB SMB Cyber Combat Firewalls monitor and control inbound/outbound network traffic Endpoint Protection endpoint security ensures that devices follow a level of compliance before accessing network Backup/DR focuses on technology systems supporting critical business functions, which involves keeping all essential aspects of a business functioning despite significant disruptive events.

24 Sandboxing Today s threats are increasingly sophisticated and often bypass traditional malware security by masking their maliciousness Zero-Day Threats Turn into Zero Threats Sandboxing tests suspicious code or URLs in a separate, secure environment to ensure they are safe A combination of advanced detection, automated mitigation and actionable insight Exploits are caught before malware has an opportunity to deploy, evade detection and harm host machine, operating system or network resources

25 Features TODAY S FIREWALL IDENTIFIES AND CONTROLS APPLICATIONS BY USER AND SCANS CONTENT TO STOP THREATS Identity awareness Integrated security management Intrusion prevention Application control Synchronized security links your endpoints for advanced protection Unified policies Control center and on-box reporting provide unprecedented visibility

26 ENDPOINT PROTECTION METHODOLOGY OF PROTECTING THE CORPORATE NETWORK WHEN ACCESSED VIA DEVICES Features Software policies Centrally managed/monitored On premise or the cloud Removable media Advanced threat prevention Remote remediation Forensics

27 Is Data Protection or Backup/DR Really Important???

28 Backing Up Your Data Is Important, Your Recovery Is MORE Many organizations recognize the need for a disaster recovery (DR) plan; however the majority don t have one in place. Those that have a DR plan often don t test it. 80% of U.S. companies lack a DR plan 50% of small and midsized businesses (SMBs) worldwide have no DR plan 72% of SMBs worldwide that have a DR plan have never tested it 25% of reported DR tests fail So why aren t DR plans being tested or being tested more often? 40% of SMBs fear that DR testing will impact their business operations and their customers 27% of SMBs fear disruption to their sales and revenue 48% of SMBs claim that they lack the resources to test their DR plans on a regular basis

29 Recovery pointobjectives Key Questions For Your Environment How much lost data can you afford? Data size/change rate (i.e., what is feasible?) Recovery time objectives How long can you afford to be down? When was your last outage? what was the time it took to get back up? How much did that outage cost you? SLA s Determine Which Cloud Provider Depending on the recovery time, 4 different ways to choose: 3 rd Party Cloud - Amazon, Microsoft Azure, Google Replication - Data Center or Another Location DRaaS Hosted Infrastructure Guaranteed SLA s Manufacturers Cloud DR Companies to where you can send your data Hybrid On-premise and Cloud

30 Nevada Cyber Security Law On May 13, 2015, Nevada Governor Brian Sandoval (R-NV) signed into law A.B. 179 (the Bill ), which expands the definition of personal information in the state s data security law. The law took effect on July 1, Under the bill, personal information now includes: a user name, unique identifier or electronic mail address in combination with a password, access code, or security question and answer that would permit access to an online account; a medical identification or health insurance identification number; and user names, unique identifiers, or addresses in combination with passwords, access codes, or security questions and answers permitting access to an online account. a driver authorization card number. in addition, although Nevada s data security law previously excluded publicly available information... lawfully made available to the general public from the definition of personal information, the Bill narrows the scope of that exclusion, limiting it to information available from federal, state or local governmental records.

31 THANK YOU FOR YOUR TIME Michael Simmons x 1402