3 Ways to Prevent and Protect Your Clients from a Cyber-Attack. George Anderson Product Marketing Director Business October 31 st 2017

Transcription

1 3 Ways to Prevent and Protect Your Clients from a Cyber-Attack George Anderson Product Marketing Director Business October 31 st 2017

2 Agenda One ounce of prevention is worth a pound of protection 01 Aiming for a multi-layered cybersecurity strategy 02 People, Process and Technology 03 The Role of Security Awareness 04 The Role of DNS Protection 05 The Role of Endpoint Protection 06 The Bottom Line 2 October 30, 2017

3 Aiming for a Multi-Layered Cybersecurity Strategy 69%* of MSPs don t feel fully confident about handling an attack Stop Threats Before They Reach Clients Strong Backup Policies Deploy Multi-Layered Cybersecurity Practice Good Hygiene Lean on Education 3 October 30, 2017 *Source: Webroot 2017 MSP Cybersecurity Trends

4 Practice Good Hygiene 80% of risks reduced by simple, continuous maintenance Maintain initial processes and controls Include a strong firewall Always Patch Applications and OS in a timely way Consider network segmentation 4 October 30,

5 Strong Backup Policies Plan for worst scenario total data loss Maximize data recovery, minimize downtime Systems data in at least 3 places Consider mirrors in cloud-based BDR 5 October 30, 2017

6 People, Process & Technology The 3 Pillars of Cybersecurity key to an adequate defense-in-depth approach Data Application Host Internal Network Perimeter Physical Security Cybersecurity = People, Process (Procedures) and Technology 6 October 30, 2017

7 The Role of Security Awareness

8 The Problem 90% 55% 70% 78% of successful data breaches caused by user error of SMBs experienced a cyberattack in past year of MSPs are not confident about stopping ransomware of MSPs encountered ransomware in past year 8 October 30, 2017

9 For MSPs - User Error is now a Big Issue 95% \\ of all successful cyber attacks is caused by human error Necessary: People are the weakest link in the security chain Proven: Educating employees can reduce security risk Best Practice: Security Awareness Training is a best practice or requirement for many industries Source: IBM Cyber Security Intelligence Index

10 Compliance Regulations 01 Financial services Healthcare (HIPAA) Retail (PCI) Privacy (GDPR) Energy (PUC)

11 Security Awareness Overview One centralized solution for ongoing awareness training Phishing Simulator Training Courses Reporting/Compliance Raise awareness Test and measure end-users Integrated with training courses Relevant multi-course library including several compliance courses Easy administration One click user launch Integrated reporting center Meets compliance requirements

12 The Role of Security Awareness Reduce Risk + Meet Compliance Requirements + Make More Money Improve behavior + Share security responsibility + Reduce business risk Achieve a best practice + Meet compliance objectives Increase revenue with new service + Reduce MSP costs and infection rates 12 10/30/2017

13 The Role of DNS Protection

14 Network Threat Challenges 67% 95% 21% 60% experience multi-vector attacks experience applicationlayer attacks experience 50+ attacks / month see APT as the #1 threat Worldwide Infrastructure Security Report, Vol XI: 14 Public

15 DNS Security is Crucial 01 76% subject to a DNS attack 02 Networks exploited by: - Botnet Command and Control (C&C) - Advanced Persistent Threat (APTs) - Drive-by-downloads - Phishing 03 Ports 80 & 443 are generally open 15 Public

16 Primary DNS Risks 01 APTs Botnet Malware DNS Changer Trojans Ransomware Web users 16 Public

17 Doesn t a NGFW/UTM do the Same? DNS Protection NGFW or UTM Security:» Secures ALL Internet Traffic» Secured DNS connection prevents DNS attacks (Cache poisoning, APT exfiltration, Botnet etc. Usability/Deployment:» Quick and easy to setup» Low operational cost» Policy deployment flexibility and granularity to User level» Custom/Template based Reporting Security:» Quick, easy low cost setup» Policy and deployment flexibility and granularity User level» Custom/Template based Reports Usability/Deployment :» Varied setup by HW vendor and extra $$» Single policy preferred by hardware vendor no customization, Network based» Basic Reporting 17 October 30, 2017 Public

18 The Role of DNS Protection Stops DNS attacks by protecting the DNS connection Gives visibility of web access / usage Filters high-risk sites with zero latency Enforces acceptable web access Reduces the number of malware threats that infect the network by up to 90% Helps maintain staff productivity Lowers risk, infections, and remediation costs 18 Public

19 The Role of Endpoint Protection

20 Predicts and Prevents Malware Cloud Predictive Intelligence GOOD and BAD New File Endpoint New File Endpoint Execute File Hash Block File Hash Yes! Good. Seen before? Yes! Bad. Seen before? GOOD BAD Eliminates ~98% of event data from the Admin/Security analysts view Known File Hash DB Behaviors DB Other Threat DBs Accounts for 0.2% of overall Endpoint event data Known File Hash DB Behaviors DB Other Threat DBs 20 October 30, 2017

21 Contains and Remediates Malware Cloud Predictive Intelligence UNKNOWN 1 New File Monitored pseudo execution on local machine. Analyze categories of behaviors Endpoint ~2% of overall Endpoint event data for the Admin/Security analyst to review Block Behavioral Analysis & Categorization Pseudo execution File Hash Yes! Bad. Has cloud-based threat intelligence seen this behavior? No! Unknown. Has cloud-based threat intelligence seen this file before? Known File Hash DB Behaviors DB Other Threat DBs

22 Multi-Vector, Multi-Stage Approach Attack Vector Stage , web browsers, display ads, hyperlinks, files, social media apps, external devices like DVD or USB drives. Payload Delivery Stage Adware, spyware, ransomware, phishing attacks, keyloggers, viruses, and rootkits. Infection/Remediation No one can prevent all infections instantly. So it s critical that remediation is easy, fast and complete. Webroot Endpoint Protection Provides this and more Web threat shield Identity shield USB shield Infrared shield Smart firewall Self-protection shield Real-Time Anti-Phishing Real-time system shield Offline shield Rootkit shield Zero-day shield Behavior shield Core system shield Monitoring & journaling Quarantine Rollback & auto-remediation

23 The Role of Endpoint Protection 1 st. of the truly next-gen endpoint security solutions (Launched 2011) Efficacy Manageability Cost of Ownership» Highly automated» 99.7%+ av. efficacy» Unique, unknown category approach» Protects User and Device - MVP» Multi-tenant» GSM purpose-built for MSPs» High Automation» Unity API personalization» Large range of RMM/PSA integrations» Fast, easy, no conflict deployment» No on-premise servers» No definitions or tuning» Powerful remote Agent Commands» Auto roll-back remediation

24 Thank you! Questions welcome.