Don’t Let a Breach Make You Famous
Stephan Tallent, CISSP
Director Managed Security Service Providers
1. Threat Landscape
2. Security Trends
3. Exploits & Lessons
4. What can you do?
Ponemon Institute, 2014 Cost of Data Breach Study
• State Affiliated – 87%
  Espionage/Financially motivated – Mercenaries, Russia, China
  Manufacturing, Pro Services, Transportation
• Organized Crime – 11%
  Financially motivated – Eastern Europe – Romania 28%
  Finance, Retail, Hospitality
• Hacktivists – 2%
  PR motivated – North America 18%
  Public informational
Verizon Business, 2014 Data Breach Investigation Report
• Stealthy & continuous
  Persistent effort to gain and maintain access
• Advanced, sophisticated techniques
  Zero day threats, social engineering, web and email
• Automated, targeted
  Pre-packaged malware - Segment, vertical or specific entity
• Land, expand & maintain access
  New APTs better at covering their tracks
• 40% of breaches - Malware
  84% of malware was direct install
  95% of malware evaded Anti-virus
• 34% email attachments
  Downloaded through malicious email
  Phishing attacks, CryptoLocker
• 26% brute force attacks
  Guessed or stolen credentials
Verizon Business, 2014 Data Breach Investigation Report
2. Security Trends
• Blended Threats increasing
  Web based threats increased by 30%
  Social networking sites spoofing increased 125%
• Advanced Persistent Threats
  42% increase in targeted attacks
  CryptoLocker, BlackPOS
• All verticals under attack
  31% of all targeted attacks aimed at businesses with less than 250 employees
Verizon Business, 2014 Data Breach Investigation Report
• Security becoming a utility
  Too complex and subtle for most in-house IT
  More strategic and economical to outsource
• Cloud migration across verticals
  Security is an inhibitor and opportunity
  Customers weighing cost benefits vs. potential risk
• Firewall and AV no longer sufficient
  Unified Threat Management leads demand
  Adaptive threat protection needed against APTs
• MSS market reached $15.8B in 2014
  Revenue will increase 40% over next 5 years
  14.7% CAGR from 2012 to 2017**
• Market Segment Dynamics
  SME MSS double to near 50% of the market in 2013/14
  Enterprises adoption expands to $6.8B by 2017***
• MSS Market Evolution
  Cloud MSS grows to 69% of market over next 5 years
  CPE MSS dropping to 48% (from 57%) of market by 2019***
Infonetics MSS Analysis 2015
3. Exploits & Lessons
Verizon Business, 2013 Data Breach Investigation Report
• Retail – 21%
  Financially motivated – Eastern Europe
• Manufacturing – 12.2%
  Espionage motivated – China 30%
• Healthcare – 10.4%
  ID theft motivated – North America 18%

• Attributed to North Korea, but…
  New research indicates Russian mercenaries
• Wiped out hard drives
  Phishing - downloaded through malicious email
• Freedom of speech held hostage
  1st time a cyber attack stopped a creative release
• 47K employees affected
  SSNs, medical records, compensation, email

• Attributed to Chinese APT (Kungfu Kittens)
  Sophisticated skillsets, targeted effort, combination of exploits
• Malware bundle used to expand
  Likely a web application vulnerability granting access
• 79M people affected
  SSNs, addresses, phone numbers, etc.
Verizon Business, 2014 Data Breach Investigation Report
[Figure: attack chain (Spam, Malicious Email, Malicious Link, Malicious Web Site, Exploit, Malware, Bot Commands & Stolen Data, Command & Control Center) shown against the defensive layers Anti-spam, Web Filtering, Intrusion Prevention, Antivirus, App Control/IP Reputation and Sandbox]
4. What can you do?
• Managed Security Services
  Reduced security TCO, threat intelligence
• Advanced Threat Protection
  Unified Threat Management & Sandboxing
• Strong Authentication
  Dual Factor Authentication
• Education
  Know yourself, know your employees
TRADITIONAL SOLUTIONS
Cumbersome and costly
THE FORTINET SOLUTION
Simple and cost-effective
Bad guys are getting better - zero day is tool of choice
Can’t defend what you don’t know
Defenders must adapt to stay ahead
Creates a pristine environment to let threat run course
Provides closed loop, cooperative security intelligence
Per Minute
• 72,000 Spam emails intercepted
• 210,000 Network Intrusion Attempts resisted
• 68,000 Malware programs neutralized
• 310,000 Malicious Website accesses blocked
• 67,000 Botnet C&C attempts thwarted
• 34 Million Website categorization requests
Updates Per Week
• 53 Million New & updated spam rules
• 100 Intrusion prevention rules
• 920,000 New & updated AV definitions
• 1 Million New URL ratings
• 8,000 Hours of threat research globally
FortiGuard Database
• 150 Terabytes of threat samples
• 17,000 Intrusion Prevention rules
• 5,800 Application Control rules
• 250 Million Rated websites in 78 categories
• 151 Zero-day threats discovered
Based on Q4 2014 data
Platform Advantage built on key innovations
• FortiGuard: industry-leading threat research
• FortiOS: tightly integrated network + security OS
• FortiASIC: custom ASIC-based architecture
• Market-leading technology: 177 patents, 146 pending
Founded 2000, 1st product shipped 2002, IPO 2009
HQ: Sunnyvale, California
Employees: 2700+ worldwide
Consistent growth, gaining market share
Strong positive cash flow, profitable
[Charts: Cash and Revenue, 2003 to 2014; labelled values $13M, $770M, $16M, $991M]
Global presence and customer base
• Customers: 218,000+
• Units shipped: 1.8+ Million
• Offices: 30+ worldwide
• Top 10 Fortune 500
• Top 10 Global 500 Banks
• Top 5 Global Carriers
Awards & Certifications Partnerships & Industry
35 Awards
Founded by Fortinet; additional members include Palo Alto Networks, McAfee and Symantec
[Chart: FW, VPN and IPS throughput for Baseline, CP8 and NP6; labelled values 6Gbps, 2Gbps, 3.5Gbps, 40Gbps, 25Gbps, 10Gbps, 9Gbps]
• 10X data center firewall performance
• 5X NGFW performance
• Security that keeps up with growing bandwidth requirements
| Description | Fortinet | Check Point | Cisco | Palo Alto Networks | Juniper | FireEye |
|---|---|---|---|---|---|---|
| NSS - Firewall NGFW | Recommended | Recommended | Recommended & Neutral | Caution | Caution | x |
| NSS - Firewall DC | Recommended | x | x | x | x | x |
| NSS - Breach Detection | Recommended | x | Recommended | x | x | Caution |
| NSS - IPS (DC) | ✔ | ✔ | x | x | Caution | x |
| NSS - IPS (Enterprise) | ✔ | x | Recommended | x | Caution | x |
| NSS - WAF | Recommended | x | x | x | x | x |
| BreakingPoint Resiliency | Record High - 95 | x | x | Poor - 53 | x | x |
| ICSA Firewall | ✔ | ✔ | x | ✔ | ✔ | x |
| ICSA IPS | ✔ | ✔ | x | x | x | x |
| ICSA Antivirus | ✔ | x | x | x | x | x |
| ICSA WAF | ✔ | x | x | x | x | x |
| VB 100 | ✔ | Caution | x | x | x | x |
| AV Comparative | ✔ | x | x | x | x | x |
| Common Criteria | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |
| FIPS | ✔ | ✔ | ✔ | ✔ | ✔ | ✔ |

Contains results from the latest published NSS Labs reports as of Sept. 30 2014.
X = did not participate, not certified
[Figure: Magic Quadrant position for Application Delivery Controller, Enterprise Firewall, Wired & Wireless Infrastructure, and Security E-Mail Gateway; year ranges shown: 2006–2013, 2010–2013, 2012–2013, 2005–2013]
1. Threat Landscape Growing
2. Trend to targeted, sophisticated
3. Malware, phishing and web apps
4. Layered defense, actionable threat intel
Mahalo!