New World, New IT, New Security

Transcription:

SESSION ID: GPS1-R08
New World, New IT, New Security
Jackie Chen, Chief Product & Marketing Officer, Sangfor Technologies (HQ)
#RSAC

New World, New IT, New Security
- Internet of Things: Estimated 200 billion objects in 2020!
- BYOD: Mobile Worker Population 1.3 million in 2015. Tablets forecasted to reach 468 million in 2017. Smartphones forecasted to reach 2.1 billion in 2017.
- Cloud: 93% of organizations are running applications or experimenting with infrastructure-as-a-service.
Source 1: IDC, Intel, United Nations. Source 2: IDC & Gartner. Source 3: RightScale's Market Survey.

The reality of cyber attacks
- Hacking of Hong Kong's VTech may prove worst cybersecurity breach of 2015 in Asia!
- LinkedIn Lost 167 Million Account Credentials in Data Breach!
- 55 million voters' details leaked in Philippines!
- Bangladesh bank governor resigns after $81m hack!
- Cyber attack could kill people directly!

Cyber security challenges
- Average number of reported alerts per week is 16,937, only about 4% of them are investigated¹.
- Average 200 Days to detect Security breach and 80 Days to Contain it².
- Average of 1.27 million US$ annually wasted¹.
Source 1: http://www.ponemon.org/local/upload/file/damballa%20malware%20containment%20final%203.pdf
Source 2: https://blogs.windows.com/windowsexperience/2016/03/01/announcing-windows-defender-advanced-threat-protection/

Attack methods are shifting
- Gartner estimates that 75% of attacks now take place at the application layer!
- 90% of sites are vulnerable to application attacks.
- Application security is no longer a choice.
- Gartner continually hears from clients that are seeing a 90% firewall CPU utilization after they enabled Web or email antivirus on the same platform. This impacts the user experience, with noticeably increased latency and reduced throughput.
Source 1: Watchfire. Source 2: OWASP. Source 3: Gartner, NGFW & UTM 2015 Report.

Traditional Security Model doesn't work any more

Experience sharing: Thailand Knowledge Park
Thailand Knowledge Park focuses on developing the learning opportunities and managing intellectual capital of Thailand. They create content in the form of digital books, videos and audios.
Challenges:
- Existing UTM Firewall doesn't offer enough performance when app security is enabled
- No protection for their online websites, but too expensive to have a dedicated WAF device for website protection
Gateway + WAF

Experience Sharing: K.WAH Group, Hong Kong
Founded in 1955, K. Wah Group is an international company with market presence spanning Mainland China, Hong Kong, Macau, Southeast Asia and major cities in the US.
Challenges:
- Existing firewall provides poor security reporting tool for operation
- Concerns on new and emerging threats
- Business system vulnerabilities are not visible but risks are getting higher
Gateway with Vul. Visibility

Experience sharing: Shen Zhen University
30,000 students and teachers. 45,000 endpoints. 400 servers, Web servers, App servers.
Challenges:
- Don't know real security situation
- 8K+ logs and alerts weekly, almost no investigation
- Only few IT staff, most of them are junior professionals
- Lots of attacks from internal network
- Registration portal got tampered several times
[Network diagram: CERNET, INTERNET, Internet Access, APP Server, Web Portal, Forum, Web Server, VDC/VMS, Library, Campus Core, Teaching System, LAN, WLAN, WLAN AP, VDI, VPN]

Key aspects of new security
Security Visibility, Rapid Response, Simplified Security
Key Elements: Visibility Real-time Detection Pre&Post-event detection Easy Deployment configuration wizard Intelligent Analyzing Management Visibility Business risks detection Rapid Response Automatic policy enforcement Solution synergy and Correlation Security expertise as a service straightforward policy layout Simple O&M Intuitive security reporting Presented as security event Convergence L7 High-Performance Hardware and software architecture Efficient algorithm

Visibility is the Foundation
Many Invisible Security Risks in the Network. Certified Users are not all Legal. Traffic through the Firewall is not all Safe!
- Users: Normal users, Lurked hackers, Illegal users
- Behaviors: Normal traffic, New attack/abnormal traffic, 0-day attack, Attack using the new vuln., Attack in the normal traffic, Info. stealing/abnormal behavior, Traffic to C&C server, Access to new domain, Non-compliance information leakage, DNS get packet
- Assets: ERP, Website, OA, Supply Chain System, Backdoor, Vuln., 0-day

Broader visibility, better security
accurate detect and defense, efficient security O&M
- Effective Analysis and Presentation: Risk Positioning, Analysis of Data, Graphical Display
- Broader Visibility: User Visibility, Behavior Visibility, Business Visibility
[Diagram labels: User ID Endpoints Access Traffic System Location Packet App Location Vuln. Data mode Content Log Info]

Real-Time Detection, fight to the death
Stages: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Intent
[Diagram labels: Reconnoiter Port scan Vuln. scan Social Engineering Web attack App vuln. attack System vuln. Cache flushing 0-day Privilege escalation Get Permissions Script Modification Web shell Malicious software Zombie Trojans Back door Crack Hash RDP Exploit Remote control Springboard attack Multi-hop attack Data Leak Data Destruction Clear traces]
Pre-Event Detection, Post-Event Detection

Conclusion
- New world and New IT demand New Security
- Real Time Security
- Visibility as the foundation
- Fast response to cut loss
- Simplify security operation through convergence and intelligent automation
- Application layer Security is the new security

Apply What You Have Learned Today
- Following this presentation you should: Understand what the key aspects of new security are
- Next week you should: Better understand your current security design and its gaps with the new security model
- Within 3 months, you should: Start to fill in the gaps for better defense against cyber criminals

Thank you!
Jackie Chen, Chief Product & Marketing Officer
jackie.chen@sangfor.com