Head Of Cyber Security, Cisco Switzerland
Bremtane Moudjeb
CyberSecurity Day
Crypto-Jacking 1.3Tbps DDoS Network Malware
145M Users Atlanta - SamSam Croatia Attacks
Another Crazy Year!
DDoS
Data Destruction
Monetary Theft
Phishing
Rogue Software
Man in the Middle
Trojans
Drive by Downloads
Data Manipulation
Wiper Attacks
Botnets
Ransomware
Advanced Persistent Threats
Unpatched Software
Spyware/Malware
Data/IP Theft
Malvertising
DEFENDERS (Tireless) vs ATTACKERS (Relentless)
CyberSecurity Challenges
Rapid Containment
Intelligence driven Incident Response
Threat Visibility
Workplace desktops
Business apps
Critical infrastructure
Back Then… Internet
…it was all about Perimeter Security…
…and a Big Fat Firewall!
Business apps: Salesforce, Office 365, G Suite, etc.
Branch office
Critical infrastructure: Amazon, Rackspace, Windows Azure, etc.
Roaming laptops & IoT Devices
Workplace desktops
Business apps
Critical infrastructure
Internet
But Now: The way we work has changed
Collapse of The Old Security Model
Symptoms of Failure
of organizations use 6 to >50 security vendors
65%
of organizations use 6 to >50 security products
TB of Logs
But yet, little visibility
500K+ Firewall Rules
80+ Security Tools
200 Days Average breach detection time
100% of Organizations compromised
55%
Blind To Threats
44% of alerts are NOT investigated
49% of legitimate alerts are NOT remediated
Malicious Binaries and Encryption
Attackers embrace encryption to conceal their command-and-control activity
[Figure: Global Encrypted Web Traffic and Malicious Sandbox Binaries with Encryption, November 2016 to October 2017. Values shown: 19%, 12% increase, 268%, 70%, 50%, 38%]
3.6Pb 46.8K+ 4.8M+
624M+ 126 $429K+
45min to change the game
$516M
Architecture: Integrated
Portfolio: Best of breed
Intelligence: Cloud-Delivered
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
1.5 million Daily malware samples
600 billion Daily email messages
16 billion Daily web requests
20 billion Threats blocked daily
250+ threat intel researchers; 24 – 7 – 365
Millions of telemetry agents
4 Global data centers
Over 100 Threat intelligence partners
Email Malware/Endpoint Network Intrusions Web/URL Network Analysis DNS/IP
Portfolio Backed by Superior Threat Intelligence
[Figure: Threats blocked daily. Values shown: 20B, 250M, 4M, 1M, 700K, 800K, 972M, 1M]
Cisco’s Security Investments $6B Invested to Radically Change How the Industry
NAC addition
Messaging and Web Security Appliance
Cloud Security
UTM
Security Analytics
NGIPS / Anti-Malware
Sandbox
2004 2007 2009 2012 2013 2014 2016 2017
Consulting
Advanced Threat Protection
Portcullis
Consulting
Network As A Sensor
Cloud Security
Observable Networks
Multi-Factor Authentication
Automated Policy
Context Awareness
Event Visibility
Threat Intel/Enforcement
Integrated Architecture
Enterprise Mobility Management
Network Traffic Security Analytics
Cloud Workload Protection
Web Security
Email Security
Advanced Threat
Secure SD-WAN / Routers
Identity and Network Access Control
Secure Internet Gateway
Switches and Access Points
Next-Gen FW/IPS
Cloud Access Security
Cisco Threat Intelligence
Cisco Platform Exchange
Cisco Threat Response
An integrated portfolio creates value for customers
Open APIs · Developer Environment · Services
Best of Breed Portfolio
Endpoint Network Cloud
Leading Threat Intelligence
Cisco Threat Response
Deploy Policy
Investigate Detect Remediate
3rd Parties
150 security tech partners
Automation: Breach Response
If malware gets in
Detection under 3.5 HOURS
Removed automatically from endpoints
Blocked across Network, endpoints and cloud
It Is Confirmed By The Market
[Figure: Secure Mail Gateway chart, as of June 2015. Axes: Ability to Execute, Completeness of Vision. Quadrants: Niche Players, Visionaries, Challengers, Leaders. Vendors shown: Symantec, Microsoft, Intel Security, Trend Micro, Mimecast, Websense, BAE Systems, Barracuda Networks, Sophos, Clearswift, Fortinet, Dell, Trustwave, WatchGuard Technologies, Proofpoint]
[Figure: NGIPS chart, as of December 2017. Axes: Ability to Execute, Completeness of Vision. Quadrants: Niche Players, Visionaries, Challengers, Leaders. Vendors shown: McAfee, Trend Micro, Vectra Networks, FireEye, Alert Logic, NSFOCUS, Venustech, Hillstone Networks]
[Figure: Network Access Ctrl chart, as of December 2014. Axes: Ability to Execute, Completeness of Vision. Quadrants: Niche Players, Visionaries, Challengers, Leaders. Vendors shown: Auconet, ForeScout Technologies, Aruba Networks, Bradford Networks, Portnox, Impulse Point, Pulse Secure, Extreme Networks, InfoExpress]
Good news…
12% of Cisco customers buy Cisco Security
Did I Really Say “Good news”?
GREAT Year for CyberSecurity
#1 CyberSecurity Company
Umbrella
49%
Policy & Access
29%
Adv. Threat Sec
40%
*Including services and products
Thank you
Secured Digital HealthCare
Felix Platter
Security Architecture
DNA + ACI + Collaboration
Digital HealthCare
320 beds – 700 employees
Demo: The Architectural Advantage in Action
New 3.5h TTD!
1. Flow Collector
2. Flow Analysis with Stealthwatch
3. Threat Analytics CTA
4. Information Sharing to ISE
5. Dynamic quarantine
Global Threat Intelligence
ISE
Healthcare Endpoint
The New IT Reality
It’s more difficult to establish user and device trust
1. Apps are available on-premises plus via IaaS and SaaS
2. Employees, contractors, others access these apps with BYOD and mobile devices
3. Attackers most often cause data breaches by directly accessing these apps via compromised passwords and devices
Any User, Any Device, Any Application, Any Location
New expectations for being able to deliver trust
Verify device via compliance check and agentless inspection
Verify user via multi-factor authentication
Establish Trust
Intent-based networking
Wherever there is an access decision on your network (on-prem or VPN) or off your network
Trust-based policy
Single sign-on to multiple apps via Cisco or 3rd-party
Adaptive Access
Users
Devices
Apps
What’s Next?
2H FY19
Enriched capabilities
• Enhanced cloud-delivered firewall as Service
• Enhanced web proxy
• New Managed offerings
1H FY19
Deep inspection
• SD-WAN & Meraki integration
• Cloud-delivered firewall
• Full web proxy
My Commitment
TEAM + SOLUTIONS + SECURITY
Your Commitment
PARTNERSHIP + OPEN + TRUST
Building The Future
Lead Together