INFINITY: THE CYBERSECURITY ARCHITECTURE OF THE FUTURE - IN A DIGITAL WORLD Nathan Shuchami VP of Emerging Products 2017 Check Point Software Technologies Ltd. 1
WE LIVE IN AN AMAZING WORLD
WE LIVE LONGER LIFE EXPECTANCY [Chart: age] Source: ourworldindata.org
WE HAVE BETTER LIVING STANDARDS EXTREME POVERTY % of population living in poverty Source: ourworldindata.org
WE GET BETTER EDUCATION LITERACY % of literate population Source: ourworldindata.org
And did you know? OZONE LAYER APPEARS TO BE HEALING!
Why? Why Now? EXPONENTIAL GROWTH OF TECHNOLOGIES
WHERE WE THINK WE ARE
WE ARE HERE EXPONENTIAL TECHNOLOGY
TAKE 30 LINEAR PACES: 30 Meters
TAKE 30 EXPONENTIAL Steps 26X Around the Earth! 1,073,741,824 Meters
THE FUNDAMENTAL OF EXPONENTIAL TECHNOLOGY Moore's law. 1951: 2 Transistors. 1971: Intel 4004, 2300 Transistors, $1. 2012: Nvidia GPU, 7.1 B Transistors, $0.0000001.
Apple Watch (2016) = 2X Cray-2 Supercomputer (1985) Source: dailymail.co.uk. Image: By David.Monniaux, CC BY-SA 2.0, https://commons.wikimedia.org/w/index.php?curid=185007
THE CONNECTED WORLD 5 BILLION NEW MINDS % world population using the Internet: 6% (2000), 23% (2010), 66% (2020) [Chart: global population (billions), Connected vs. Total Population] Source: PHD Ventures, Inc.
IMAGINE WHAT 5 BILLION NEW MINDS WILL CREATE, DISCOVER, CONSUME, INVENT.
AUTONOMOUS CARS
3D PRINTED FOOD
REVOLUTIONIZING DELIVERY SERVICES
DISRUPTIVE BUSINESS MODELS #1 Taxi company owns no cars #1 Accommodation company owns no real estate #1 Media provider creates no content #1 Fastest growing TV network lays no cables #1 Valuable retailer has no inventory
NEW POSSIBILITIES
USERS ARE CHANGING IT IS ABOUT FAST AND AGILE Time to deliver new app: EVERY 9 MONTHS (2013), EVERY 48 HOURS (2015), EVERY 6 HOURS (2016) Source: 2016 State of DevOps Report, puppet.com
THE INFRASTRUCTURE IS CHANGING NOW
Security is the biggest barrier to IoT adoption Security concerns continue amid Cloud adoption ITPRO InformationWeek Cybersecurity is biggest risk of Autonomous Cars Bloomberg
PUBLIC CLOUD SERVERS HACKED Exposing 1.5 million Americans private health records SEPT 2015 Source: theregister.co.uk
HACKERS STRUCK POWER GRID in Ukraine leaving 230,000 residents in the dark. DEC 2015 Source: wired.com
WIKILEAKS CIA uses zero day exploits on Samsung TVs turning them into covert microphones MAR 2017 Source: wikileaks.org
CONNECTED DOLL HACKED FEB 2017 Source: euronews.com
MAY 2017 WANNACRY RANSOMWARE ATTACK One of the biggest ransomware attacks ever; Tens of thousands of infected computers in nearly 100 countries.
WHAT SHOULD WE EXPECT THIS YEAR? ATTACKS WILL CONTINUE TO GROW. WE ARE ALL TARGETS. ADVANCED THREATS: Our networks will still be targeted! CLOUDIFICATION: The shift is accelerating. MOBILITY: Fundamental part of each business.
ARE WE READY FOR IT? ARE WE TAKING THE RIGHT APPROACH?
A global cyber attack just happened again! PETYA 27 June 2017. WannaCry May 2017. Ukraine, Russia, United States, Denmark, Germany. Criminals are using superpower technology. This attack could have been avoided! Advanced threat prevention tools exist, but are STILL insufficiently used.
HOW DO YOU INNOVATE, INSPIRE AND COMPETE WHILE REMAINING SECURE?
THE TRADITIONAL APPROACH Virus: Anti-Virus. Malicious Websites: URL Filtering. Intrusion: Intrusion Detection. Botnet: Anti-Bot. High Risk Applications: Application Control.
Most security technologies today stay ONE STEP BEHIND. Looking for yesterday's signatures. Detection instead of prevention. PATCHWORK OF POINT SOLUTIONS. COMPLEX SOLUTIONS WITH UNCERTAIN SECURITY COVERAGE.
NOW IMAGINE THE FUTURE OF CYBER SECURITY
EFFECTIVE SECURITY
4.9 MONTHS is the average time to detect a data breach in an organization. 8 months 8 months 8 months ~1 year ~1 year ~1 year Source: infocyte.com
PREVENTION IN WHICH THREATS ARE BEING BLOCKED BEFORE THEY DAMAGE YOUR NETWORKS AND SYSTEMS
SECURITY THAT PREVENTS BOTH THE KNOWN AND UNKNOWN THREATS
ONE STEP AHEAD MEANS BLOCK THE ATTACK AT EVERY STAGE Reconnaissance Delivery Exploitation Control
PREVENTING THE KILL CHAIN RECONNAISSANCE: Block suspicious network activity. DELIVERY: Block malicious download. EXPLOITATION: Block exploitation of vulnerabilities. CONTROL: Block command & control activity.
SECURITY EVERYWHERE
ATTACKS CAN BEGIN FROM ANYWHERE. Stuxnet started with USB, Aug 2010. Target started with air conditioning, Feb 2014. Pawn storm, APT iOS Espionage App started from Mobile, Jan 2017. 91% of cyber attacks start with a phishing e-mail.
ARCHITECTURE THAT PROVIDES SECURITY EVERYWHERE Combining enforcement points, threat intelligence and management MANAGEMENT Indicators of Compromise (IOCs) THREAT PREVENTION ENDPOINT SECURITY NETWORK SECURITY GATEWAY MOBILE SECURITY VIRTUAL SYSTEMS CLOUD SECURITY
EFFICIENT SECURITY
BIGGER INVESTMENT DOES NOT MEAN BETTER SECURITY $84B $72B $76B 41% 34% 31% 2014 2015 2016
Security Consolidation FROM - complex - monolithic TO - simple - modular FW IPS Threat Prevention Zero Day End Point Mobile Data security
SIMPLE 20% REDUCTION in SECURITY SPEND consolidating on single architecture: IPS, VPN, URLF, App Control, Anti Virus, Anti Spam, Firewall, DDoS, Mobile Security, Anti Bot, Sandboxing
SCALABLE BIG DATA GLOBAL KNOWLEDGE MACHINE LEARNING OFFLOAD Security inspection to the cloud SHARED IOCs NEW PROTECTIONS UPDATE IN NEAR REAL TIME PERFORMANCE OFFLOAD: IPS, VPN, URLF, App Control, Anti Virus, Anti Spam, Firewall, DDoS, Mobile Security, Anti Bot, Sandboxing
SINGLE MANAGEMENT 50% REDUCTION in HUMAN INVESTMENT with single management platform
THE SECURITY YOU DESERVE Effective Efficient Everywhere
LET'S LOOK AT WHAT CUSTOMERS USE TODAY [Chart, PROTECTED vs. NOT PROTECTED, 0% to 100%: 93%, 99%, 98% for ADVANCED THREAT PREVENTION, MOBILE SECURITY, CLOUD SECURITY]
THE EXPLANATIONS: IT'S TOO COMPLICATED. I DIDN'T REALIZE IT WAS SUCH A PROBLEM. TOO MANY POINT PRODUCTS. NOT ENOUGH TRAINED PEOPLE. I DIDN'T THINK IT COULD HURT US.
It's time for us to step up! WE MUST INVEST IN THE FUTURE OF CYBER SECURITY!
THE THREAT LANDSCAPE
PLAYERS: CYBER CRIMINALS | STATE SPONSORED CYBER AGENCIES
TARGET: CONSUMERS AND ENTERPRISES (Mass infection, the more the better) | CRITICAL INFRASTRUCTURE, LARGE ENTERPRISES, C-LEVEL MANAGERS (Targeted attacks)
MOTIVATION: MAKE MONEY | CYBER WARFARE, CYBER TERRORISM, CYBER SUBVERSION, ESPIONAGE
THREATS: GENERIC | ZERO-DAY
SOPHISTICATION LEVEL: MEDIUM | VERY HIGH, WEAPON SYSTEMS
INVESTMENT: LOW | NATIONAL LEVEL BUDGETS
EXAMPLES: ATTACK ON SAN FRANCISCO MTA, NOV 2016 | SPEAR PHISHING ATTACK ON UKRAINE POWER GRID, DEC 2015
THE THREAT LANDSCAPE
PROLIFERATION OF KNOWLEDGE e.g. The Shadow Brokers
THE OUTCOME: MORE THREATS, MORE SOPHISTICATION
PLAYERS: CYBER CRIMINALS | STATE SPONSORED CYBER AGENCIES
TARGET: CONSUMERS AND ENTERPRISE (Mass infection, the more the better) | CRITICAL INFRASTRUCTURE, LARGE ENTERPRISES, C-LEVEL MANAGERS (Targeted attacks)
MOTIVATION: MAKE MONEY | CYBER WARFARE, CYBER TERRORISM, CYBER SUBVERSION, ESPIONAGE
THREATS: GENERIC | ZERO-DAY
SOPHISTICATION LEVEL: MEDIUM | VERY HIGH, WEAPON SYSTEMS
INVESTMENT: LOW | NATIONAL LEVEL BUDGETS
EXAMPLES: ATTACK ON SAN FRANCISCO MTA, NOV 2017 | SPEAR PHISHING ATTACK ON UKRAINE POWER GRID, DEC 2015
TRADITIONAL SECURITY PRODUCTS ARE NOT ENOUGH. Only 45% of malware attacks can be detected by Antivirus*. Attackers bypass signature based security products by using unknown threats: Polymorphic engines, permutations etc. Cyber agencies' evasive techniques bypass 1st generation sandboxes: Time triggers, extended sleep, sandbox exposure, fast flux etc. *Source: www.theguardian.com
ORGANIZATIONS ARE BREACHED BY MULTIPLE ATTACK VECTORS EMAIL WEB MOBILE DEVICES Malicious attachment Malicious links Malware Phishing Malicious apps Malicious Networks Phishing
THE PATH TO YOUR CROWN JEWEL HAS SEVERAL STEPS. 1 Gain admin permissions to run a shellcode on victim's endpoint (laptop, desktop, mobile) in order to download or install malware or encrypt/damage the endpoint. 2 Then by lateral movements to gain access to the crown jewel! Phishing attacks do not require any download of malicious code. BREACHED: Laptop, Mobile, Desktop. TO GAIN ACCESS TO: SCADA server, Data center/servers, Social security data base.
THE ATTACK SURFACE IS ALSO EXPANDING. ENTERPRISE NETWORK + Virtual Data Centers: Employees connected to corporate network using mail and web. REMOTE EMPLOYEES: Employees connected from home using laptop, personal mail and web. CLOUD: 3rd party cloud business services such as Microsoft Office 365. MOBILE: Employees connected using mobile devices, especially BYOD.
CONCLUSION 1 Protecting the enterprise from advanced threats requires security that covers ANY ATTACK SURFACE: When connected to corporate network; Remote employees: At home using your endpoint; Using cloud business services; Inside or outside corporate network using mobile device.
CONCLUSION 2 Protecting the enterprise from advanced threats requires security that covers ALL ATTACK VECTORS: EMAIL, WEB, MOBILE DEVICES. Attachments, web based malware and phishing websites.
SUCCESSFUL PROTECTION NEEDS TO HAVE 3 LINES OF DEFENSE. 1 DETECT & PREVENT: It is critical to use the best detection engine together with real prevention capabilities. 2 CONTAIN: Contain attacks as soon as possible. Once infected the cost of the attack will just keep on rising. 3 FORENSIC ANALYSIS: Effectively respond and remediate. Address the real business impact. Make sure the infection doesn't come back.
ADVANCED THREATS PREVENTION: PROTECTING ALL SURFACES (network, remote employees, cloud, mobile) FROM ANY ATTACK VECTOR (email, web, mobile threats) WITH 3 LINES OF DEFENSE. NGTX GATEWAYS, SANDBLAST AGENT, SANDBLAST CLOUD, SANDBLAST MOBILE.
Check Point INFINITY for the cloud ONE SECURITY PLATFORM FOCUS ON THREAT PREVENTION CONSOLIDATED MANAGEMENT
THE CHECK POINT ADVANTAGE. 500,000,000+ malicious activities detected daily. The world's largest IoC database. Real-time inputs from traffic across 100K customers' security gateways world wide. 11,000,000 malware signatures. 250,000,000 addresses analyzed for bot discovery per year.
UNIFIED MANAGEMENT ACROSS ALL CHECK POINT'S SECURITY OFFERINGS POWERED BY: USERS DEVICES APPLICATIONS DATA GATEWAYS PRIVATE CLOUD PUBLIC CLOUD VIRTUAL GW
A SINGLE VIEW INTO SECURITY RISK POWERED BY:
NWP NATIONWIDE PROTECTION SYSTEM ThreatCloud 250 MILLION BOT ADDRESSES 11 MILLION MALWARE SIGNATURES 5.5 MILLION INFECTED WEBSITES Intelligence POD Private STIX Feeds Analyst CSOC Operation & System Maintenance SENSE ANALYZE PREVENT Sentry Sentry Sentry Sentry Sentry Delegate reports & Controls to Site and / or Sector POWERED BY: IPS, Anti Virus, Anti BOT, Threat Emulation
WELCOME TO THE FUTURE OF CYBER SECURITY! CLOUD MOBILE THREAT PREVENTION CONSOLIDATED SYSTEM THE FIRST CONSOLIDATED SECURITY ACROSS NETWORKS, CLOUD, AND MOBILE, PROVIDING THE HIGHEST LEVEL OF THREAT PREVENTION
THANK YOU