Getting over Ransomware - Plan your Strategy for more Advanced Threats

Kaspersky Lab Hong Kong
Eric Kwok
General Manager
Lapcom Ltd.

BEYOND ANTI-VIRUS: TRUE CYBERSECURITY FROM KASPERSKY LAB
20 years ago: Kaspersky Lab PROTECTS PCS FROM VIRUSES using SIGNATURES, delivered with database updates.
Today: Kaspersky Lab delivers SECURITY SOLUTIONS that PREDICT, DETECT AND RESPOND to cyber threats effectively, flexibly and reliably.
Always at the defensive edge.

TARGETED SOLUTIONS FOR YOUR SPECIFIC SECURITY NEEDS
Endpoint Security
Virtualization Security
Mobile Security
Anti Targeted Attack Platform
DDoS Protection
Security Intelligence Services
Security Solutions for Data Centers
Fraud Prevention
Industrial CyberSecurity

What We See Today

310 000 new endpoint threats per day
Web threats: 31.9% of attacked users; 758 000 000 malicious online attacks
Vulnerabilities: 4 347 966 attacked users
Threat reports
Mobile threats: 8 526 221 malicious installation packages
Cyber Incidents Investigation
Ransomware: 5% or ~1 500 000 unique attacked users; x4 growth per year
Data theft: 64 000 confirmed data breaches
Targeted attacks: $891 000 average total impact of a data breach at an enterprise

What We See Today
"I'm too small a target."
"I have no time for security."
"Malware attack? Who cares, just restore my system."

Not Only Ransomware
Microsoft's August Patch Tuesday update included 48 patches in all, 25 of them critical.
The most serious is an RCE vulnerability (CVE-2017-8620) in how Windows Search handles objects in memory.
An attacker who successfully exploited this vulnerability could take control of the affected system.

Gamefish
Do you remember EternalBlue?
APT28 USING ETERNALBLUE TO ATTACK HOTELS IN EUROPE, MIDDLE EAST
Download a malicious document masquerading as a hotel reservation form.
Steal credentials from business travelers.
12 hours: the victim's business network was compromised by someone using the same credentials information.

Banker Trojan
Stealing and sending text messages
Overlaying various applications with phishing windows
Hunts for the user's call history, contacts and GPS location
Key Logger

Kaspersky New Generation Endpoint Technologies

Kaspersky Next Generation Endpoint Technologies
Application Whitelisting
System Watcher (Behavioral analysis & Rollback)
Kaspersky Security Network
Anti-Cryptor for Shared Folders
Anti-malware Engine / Heuristic

Kaspersky Security Network

Global Security Intelligence Service
Global cloud network: threat-related information from 60 million+ users
Dynamic Whitelist with over 2.2 billion whitelisted objects
Application reputations and categorization
Continuously feeds new data to protection components

System Watcher

Logs application activity using data received from: KES Anti-Virus engine, Firewall component
Blocks dangerous activity
Rolls back malware actions
[Diagram: a zero-day attack (*.EXE) passes AV and reaches System Watcher, which performs behavioral analysis, logs object activity, makes a real-time backup, stops the malware action and rolls modified files back to the original]

Application Privilege Control

Programs are categorized (KSN, heuristic and manually):
Trusted
Low Restricted
High Restricted
Untrusted
Limitations are specified for each category:
File access
Registry access
Interaction with other programs
New! Audio/Video Control

Application Control and Whitelisting

APPLICATION STARTUP CONTROL SCENARIOS
Default deny: only apps from a safe whitelist can run. Maximum security. Requires a lot of administration.
Default allow: all apps can run except those on the blacklist. Easier to manage. Can compromise security.
Available for both servers and workstations.
Powered by Kaspersky Lab Dynamic Whitelisting: +1M files/day, 1.3+ billion files.
In-house Whitelisting Lab.
Constantly updated safe apps database.
Minimizes attack options for malicious apps with default deny.

Application Startup Control Whitelist
Steps to configure:
1. Define a list of allowed apps from Dynamic Whitelist
2. Define a list of allowed users (for IT support specialists)
3. Enable Whitelist in KES policy

Vulnerability Assessment - Exploit Prevention and Patch Management

EXPLOIT PREVENTION
THE PROBLEM: exploitation of vulnerabilities in applications facilitates infection.
Monitors popular applications to prevent exploitation
Fully automatic, no configuration needed
No performance and compatibility issues
RESULT: blocking of cyber attack spearhead, including zero days, to prevent infection.

MONITORING AND PATCHING VULNERABILITIES
THE PROBLEM: vulnerabilities in apps can be exploited by malware to penetrate your network.
Detect and prioritize vulnerabilities in apps and OS
30+ vendors, 150+ apps, 800+ software versions supported
Automated patches and updates distribution
RESULT: a better security posture through elimination of exploitable vulnerabilities.

Kaspersky Systems Management
Vulnerability Assessment and Patch Management: vulnerability detection & prioritization; distribution of patches & updates; patch delivery status reports
Inventory & License Control: hardware & software inventories; license management & compliance
Software Distribution: multicast technology supported; policies for automatic distribution
OS Deployment: easy image creation & deployment; store, update & deploy; post-installation editing support
SIEM Integration: all SIEMs via Syslog (RFC 5424); native HP ArcSight, IBM QRadar and Splunk support
Centralized Management: remote troubleshooting; Role-Based Access Control; enterprise-level reporting

Summary
KASPERSKY LAB MULTI-LAYERED PROTECTION in Unified Platform
Network Attack Blocker
Behavioural detection (System Watcher)
Automatic Exploit Prevention
Cloud-based protection
Heuristics (structure and emulation)
Precise detection technologies

Kaspersky Cyber Security Awareness Online Training Platform

EMPLOYEES ONLINE TRAINING PLATFORM => CYBER HYGIENE SKILLS
Skills training modules for all employees
Simulated phishing attacks
Knowledge Assessment
Analytics and Reporting
Check demo at www.kaspersky.com/demo-sa

SECURITY DOMAINS COVERED (LIST OF INTERACTIVE MODULES)
Anti-Phishing Phil: Learn how to spot phishing attacks by identifying fraudulent URLs
Anti-Phishing Phyllis: Learn how to recognize phishing emails by identifying red flags
Data Protection and Destruction: Use portable storage safely and properly discard sensitive data
Email Security: Learn to identify phishing emails, dangerous attachments, and other email scams
Mobile Device Security: Use important physical and technical safeguards to protect your devices and your data
Mobile App Security: Learn how to judge the safety of mobile apps
PII: Protect confidential information about yourself, your employer and your customers
Passwords: Learn how to create and manage strong passwords
Physical Security: Learn how to protect people and property
Protected Health Information: Learn why and how you should safeguard Protected Health Information (PHI)
Safe Social Networks: Learn how to use social networks safely and responsibly
PCI DSS: Recognize warning signs and improve security of credit card data
Safer Web Browsing: Stay safe on the Internet by avoiding risky behavior and common traps
Security Beyond the Office: Avoid common security mistakes while working at home or on the road
Security Essentials: Recognize security issues commonly encountered in daily job
Security Essentials Executives: Recognize and avoid threats encountered by senior managers at work and at home
Social Engineering: Recognize and avoid social engineering scams
URL Training: Learn how to spot fraudulent URLs

EMPLOYEE SKILLS TRAINING PLATFORM
For all employees
Employee Skills Training Platform is available in 27 languages, and this count is growing.

LET'S TALK?
Lapcom Ltd., Sole Distributor of Kaspersky Lab Hong Kong
www.kaspersky.com.hk
Eric Kwok
Eric.kwok@lapcom.com.hk
https://threatpost.com/
https://securelist.com