CYBER ATTACKS DON T DISCRIMINATE. Michael Purcell, Systems Engineer Manager

Transcription

1 CYBER ATTACKS DON T DISCRIMINATE Michael Purcell, Systems Engineer Manager

2 THREAT LANDSCAPE IS HUGE AND ORGANIZED $8 TRILLION Will be cost of fighting cybercrime in 2022 (JuniperResearch) 14.5 BILLION Malware-bearing s sent in 2017 (AppRiver)

3 NOT ENOUGH GOOD GUYS 3.5 MIILLION Unfilled security jobs by 2021 (Cybersecurity Ventures)

4 4 MOST CRITICAL PAIN POINTS OF IT PROFESSIONALS 43% Cyber crime continues to develop faster than security tools 36% IoT growth is increasing the risk of a breach 35% There is a skills shortage within many organizations 34% Organizations lack visibility into threats 69% say that current cybersecurity solutions aren t delivering on their promises. The cyber threat landscape is ever changing, and organizations are performing a juggling act in trying to deal with the wide variety of cybersecurity demands. Source: Vanson Bourne Survey Adaptive Cybersecurity A Necessity for Business Continuity

5 THE POWER OF UNITY SHARED CYBER THREAT INTELLIGENCE, TOGETHER, WE ARE STRONGER.

6 MOST VALUED SECURITY CAPABILITIES 44% 41% 37% 36% 35% Greater speed of threat detection Automated threat remediation Advanced Threat Protection (ATP) A.I. Machine Learning Advanced Analytics Market Trends 86% Respondents agree that cybersecurity tools with artificial intelligence and machine learning capabilities would be of great benefit to their organization. 35% Over the next three years, cloud and virtualization trends are set to become more of a pain point for organizations Source: Vanson Bourne Survey Adaptive Cybersecurity A Necessity for Business Continuity

7 IF YOUR NOT THINKING ABOUT AUTOMATION, YOU CANT BE SECURE 75% Three quarters of respondents agree that the 24/7 always on nature of cybercrime puts a great strain on their security personnel. Benefits of adopting security tools with Automation 55% Reduction in operating costs 55% Reduction in personnel costs 59% Reduction in false positives Source: Vanson Bourne Survey Adaptive Cybersecurity A Necessity for Business Continuity

8 AUSTRALIAN ORGANIZATIONS UNDER ATTACK Quarterly Statistics Report, Q (July 2018 September 2018) Number of breaches reported under the Notifiable Data Breaches Scheme Feb-18* 8 Mar Total received for the quarter: 245 Apr-18 May Total received last quarter: 242 Total received YTD: 550 Jun Jul Aug Sept * The NDB Scheme commenced on 22 Feb 2018

9 AUSTRALIAN ORGANIZATIONS UNDER ATTACK Quarterly Statistics Report, Q (July 2018 September 2018) Source of Reported Data Breaches System Fault 6% Human Error 37% Top 5 Industry Sectors that reported breaches (Q3) Top 5 industry sectors NDBs received Health service providers 45 Finance (incl. superannuation) 35 Legal, Accounting & Management services 34 Education 16 Business and Professional Associations 13 Type of personal information breached Kinds of personal information % of data breaches Contact information 85% Malicious Attack 57% Financial details 45% Identity information 35% Health information 22% TFN 22% Other sensitive information 7%

10 JUNIPER ADVANCED THREAT PREVENTION (JATP) 2 Threat Behavior Analytics Detection On-premise solution that can detect advanced threats across web, and lateral traffic Machine learning + behavior analysis + threat feeds 1 Advanced Malware Detection Juniper ATP Appliance 3 One-Touch Mitigation Analytics Improve productivity of SOC and IR teams by automating manual activities Timeline view of all security events that have occurred on a host or user Mitigation Leverage existing security infrastructure to mitigate threats Automatically block malicious IPs, URLs and infected hosts

11 JATP OPEN ECOSYSTEM Endpoint Firewall & SWG SIEM CASB NAC & Identity Others

12 JATP - PRIMARY THREAT VECTORS Perimeter Malicious Internet ANALYTICS ENGINE Malicious Web Collectors continuously ingest web and traffic to the smart analytics engine including cloud (O365/Gmail)

13 JATP OPEN ECOSYSTEM INFECTED HOST AND MALWARE RISK TREND

14 THREAT OVERVIEW AND LATERAL PROGRESSION

15 KILL CHAIN EVENT CORRELATION

16 JATP - KILL CHAIN Exploit Download Install C&C Lateral Activity JATP Chain Heuristics JATP Static, Behavior, Reputation Engines JATP IVP tool JATP Correlation engine JATP Lateral engine Correlated lateral and perimeter traffic with combined web and visibility

17 JATP ONE TOUCH MITIGATION JATP CORE Mitigation & Enforcement Publish Blocking Data To Existing: FW, IPS and SWG API based or manual ANALYTICS ENGINE Verification & Containment Verify infection on suspect endpoints before cleaning (Carbon-Black, Tanium, Crowdstrike, Bradford)

18 CALL TO ACTION Download a 14-Day free trial of JATP. Engage with the Juniper team to find out more about the Juniper Unified Cybersecurity Platform and Secure SD-WAN. Read What is the most sophisticated piece of software/code ever written? John Byrd (Quora) Security should be built-in, not bolted-on. REMEMBER! Reduce your attack surface streamline your policies and get your apps under control. Use automation Machine vs Machine is the ONLY way to win.

19