Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson


Delivering Integrated Cyber Defense for the Cloud Generation
Darren Thomson, Vice President & CTO, EMEA Region, Symantec

In 2009 there were 2,361,414 new pieces of malware created. In 2015 that number was 430,555,582. That's 1 million 179 thousand a day.

[Chart: Targeted Attacks, 2012 to 2015. Series: Average Number of Email Attacks Per Campaign, Recipients per Campaign, Campaigns.]

Attack Surfaces Spear-Phishing attacks Negligent Employee Other Network & Endpoints Email Advanced Malware Malicious sites Spam Ransomware

Building Integrated Cyber Defense For The Cloud Generation

It Starts With Data: What Do We Know? Global Intelligence Network (GIN)

Intelligence Integration Press Release Copyright 2016 2017 Symantec Corporation

Innovation for the Cloud Generation: Protecting Against Advanced Threats

Global Intelligence Network
- Discovered 430 million new unique pieces of malware last year
- 1B malicious emails stopped last year
- 100M social engineering scams blocked last year
- 12,000+ applications discovered and protected
- 182M web attacks blocked last year

Global Intelligence Sourced From:
- 1 Billion previously unseen web requests scanned daily
- 2 Billion emails scanned per day
- 175M Consumer and Enterprise endpoints protected
- 9 global threat response centers with 3000 Researchers and Engineers

The Power of Combined Intelligence
1. ProxySG discovers a brand new malicious file/url
2. Telemetry sent to cloud
3. All SEP and Norton endpoints now block the file/url

The Power of Combined Intelligence
1. SEP or Norton discover a brand new file/url
2. Telemetry sent to cloud
3. All ProxySG installations now block the file/url

The Problems At Hand & Architectural Approach

Complex User Definition Evolving Data Attack Surface Expanding Perimeter Multi-Phased, Multi-Staged Attacks

It's About Termination Points: Proxy, Endpoint, Mail Gateway

And Correlation Across the Critical Domains Messaging Users

Critical Domains for Correlated Threat Threat Global Intelligence Network Messaging Users

The fourth security domain Information Information Messaging Users

Core Technologies Data Loss Prevention Proxy SG / CASB Email SEP

The Integrated Cyber Defence Platform

ON PREMISES CLOUD File URL Whitelist Blacklist Certificate Machine Learning Third Party Ecosystem Endpoint Secure Gateway VIP Identity DLP Email CASB Managed PKI Data Center Sandbox site Encryption Data SOC Workbench Cyber Services Secure Gateway DLP Encrypted Traffic Analytics IT System Malware Analysis Application Firewall Risk Insight Local Intelligence Endpoint EDR Content Analysis Encryption Data Center Performance Optimization Compliance Advanced Threat Secure Mail Gateway SIEM Integration

Endpoint (User) integrations Symantec Endpoint (SEP) As A Core

[Integrated Cyber Defence Platform diagram repeated, highlighting SEP integration: Today]

[Integrated Cyber Defence Platform diagram repeated, highlighting SEP integration: Today, Expected H1 2017]

Information integrations Symantec Data Loss Prevention (DLP) As A Core

[Integrated Cyber Defence Platform diagram repeated, highlighting DLP Integration: Today]

[Integrated Cyber Defence Platform diagram repeated, highlighting DLP Integration: Today, Expected H1 2017]

Leveraging The Platform To Solve Higher Order Problems

Information Risk & GDPR Preparation Privacy Privacy Operational Lifecycle ISO 27001 NIST Cyber Framework Assess Plan Identify Recover Protect Respond Protect Act Do Sustain Check Respond Detect PREPARE PROTECT DETECT RESPOND

Symantec & Information Risk Reducing Risk from Preparation to Response PREPARE PROTECT DETECT RESPOND Understand Personal Data & Risk Posture Protect Personal Data From Malicious Attack & Misuse Provide Rapid Detection Understand Impact of Breach Respond Efficiently & Effectively to be Compliant Mitigate Risk Data Discovery and Privacy Impact Assessments Data Loss Prevention / Data Insight Information and Governance Data Loss Prevention / Encryption / Authentication Monitoring, Threat Intelligence and Cyber Expertise Cyber Services Crisis and Incident Response Cyber Services Risk Posture Assessment and Remediation Control Compliance Suite / Endpoint Threat SEP / DCS / ATP / Email / Advanced Persistent Threat Detection ATP / Unified Analytics Cyber Insurance Unified Analytics Data Risk Posture Assessment Elastica Data Encryption & Tokenization ProxySG, Data Advanced Persistent Threat Detection SSL Visibility, CAS/MA, Analytics Incident Response and Network Forensics Analytics

PREPARE PROTECT DETECT RESPOND Symantec & Information Risk Understand Data Risk DLP Data Insight CASB Audit Personal Data Everywhere VIP / MPKI DLP Encryption Advanced Breach Detection, Remediation, & Notification Endpoint Email Server / CASB Technology Risk CCS EPM CASB CDP ATP Analytics Understand, Report, and Remediate Compliance Cyber Services Unparalleled Threat Intelligence Endpoint 175M endpoints protected 12,000 cloud applications secured Email 2Bn emails scanned/day 1.2Bn web requests secured/day Physical & Virtual Workloads 64K Datacenters protected

Information Risk Solution Architecture

Information Risk User Risk Partner Dashboard/Reporting Monitoring Event Detection & Alerting Education & Awareness Behavioural Analytics People and Process Policy Policy Enforcement System Build & Remediation Operational Risk Configuration, Audit & Assessment Data Policy / Summary Risk Profile Infrastructure Information Governance Information /Prevention Encryption Classification & Discovery Storage Network Endpoint Application Tokenisation Standards Vulnerability Network Servers Endpoints Messaging

Data Loss Prevention/UBA/ Simulation/VIP User Risk Education & Awareness Behavioural Analytics Policy Enforcement IT Suite System Build & Remediation CCS Vulnerability Manager Vulnerability Operational CCS Vendor Manager Partner People and Process CCS Risk / Policy Manager Risk CCS Standards Manager Configuration Audit & Assessment SSL Visibility Network Performance DCS/CSP Workload Control Compliance Suite Dashboard/Reporting Policy Data Policy / Summary Risk Profile Infrastructure Endpoint EDR Secure Gway SSL Monitoring Information Governance Information /Prevention Encryption Tokenisation PGP/ Data SOC Email.cloud Messaging Gway Event Detection & Response Managed Deepsight Incident Response ATP / Analytics Data Loss Prevention/UBA/ Simulation Classification & Discovery Storage Network Endpoint Application Data Loss Prevention SOC Content Analysis Network Servers Endpoints Messaging

Enterprise Integrated Cyber Defense Platform
- Stay ahead of advanced threats through superior threat intelligence and integrated offerings
- Secure sensitive information and critical documents on premises or in the cloud
- Promote customer confidence with superior encryption and code signing