isc2014 beijing keynote
Fengmin Gong, ISC2014 Beijing Keynote: Innovation & Security Technology Trends - Silicon Valley Perspective
Target the threats that target you.
Innovation & Security Technology Trends - Silicon Valley Perspective
Dr. Fengmin Gong, Co-Founder & Chief Architect
Topics Of Conversation
© Copyright 2014 Cyphort, Inc. All rights reserved. Proprietary & Confidential
o Sustained Competitiveness Requires Sustained Innovation
o Building Best Tools Requires Understanding Of <problem, users, environments>
o Security Threat & Technology Trends
o Security Technology Innovation Framework
o Cyphort Product Example
Silicon Valley Successes (Everyone Knows Of Silicon Valley's Success)
• Total of 18 investment regions in the US tracked by the MoneyTree Report
• Silicon Valley accounts for more than 54% of the total: $7.09b/$12.96b (Q2-2014)
Survive The Fittest (Startup Competition Is Fierce)
• The fallen pioneers are too many to count - for every success there are at least 9 that died a quiet death
• CB Insights, updated June 3, 2014, “76 Startup Failure Post Mortems”, www.cbinsights.com/blog/startup-failure-post-mortem/
• CB Insights, June 14, “76 of the Biggest, Costliest Startup Failures of All Time”, www.cbinsights.com/blog/biggest-startup-failures/
Stay hungry, keep innovating
Big Is No Guarantee (Being Big Is Not Always An Advantage)
• Yesterday’s bulls are becoming struggling bears
• Declining traditional switch/router product sales
• Lacking competitive security products for emerging environments
On the Yangtze, the waves behind push on the waves ahead; an arrogant front wave cannot escape
Power Of Innovation (Winning Through Innovation)
• Bay Area Council Economic Institute & Booz Allen Joint Report 2012
• Three Innovation Strategies
  1. Need seekers: understanding problems & anticipating needs
  2. Market readers: seeing demand trends & catching the wave
  3. Technology drivers: building best tech & looking for market
Silicon Valley Co / Overall Survey:
• Innovation Strategy: 89.3% / 80.3%
• Business & Innovation Alignment: 53.6% / 14.3%
• Culture for Innovation: 46.4% / 19.2%
• Be A Need Seeker: 46.4% / 27.7%
• Tech Leader Report To CEO: 75% / 62.9%
• Continuous Talent Refresh: 46% / 26%
Key Innovation Drivers (Innovation Must Be Useful)
Innovative & Useful Tools
Business Evolution
• Global
• Mobile
• Consumerization
• Big Data
• SaaS Cloud
IT Evolution
• Blurred Intra-Extra-Internet
• Unified with ICS - IoT & IoE (Fractured Clouds)
• SDx: Software-defined X
Threats Evolution
• Advanced TTP
• Industrialized cyber crime
• State actors
• Increased financial incentives
User Awareness & Perception
• Problems on the ground
• Urgency for tools
• Expectation for “fit”
Impact Of Security Breaches (Far-Reaching Impact)
• Information and IP loss
• Financial and business impact
• Threat resolution costs
• Brand and reputation loss
IT Perspective Changes (The User's View)
• Transformed IT Landscape: IT consumerization & perimeter-less, zero-trust enterprise renders current solutions useless
• Impact of Breaches: Crown jewels – intellectual property, customer & business data, reputation, business continuity
• New Stakeholder Dynamics: CEO & Board with elevated awareness of business risk, from compliance-driven to risk-driven
Big Trends (Reading The Big Trends)
o Top 8 Security Buzzwords
  1. Big Data
  2. Machine Learning
  3. Behavior Detonation
  4. Actionable Intelligence
  5. Continuous Monitoring
  6. Intelligence Sharing
  7. Software Defined X
  8. Security Ecosystem
Big Data & Machine Learning
o Big Data
  o It is not about
    o At what rank of official, and with how many publicly funded meals a week, could I be backed in not switching to big data?
    o How many TB of data, or structured/non-structured
  o It is about
    o How long into the past (time)
    o How many sites or how many companies (space)
    o How deep into the business transactions (depth)
o Machine Learning
  o It is not about new SVM or Decision Tree algorithms
  o It is about insights on
    o Mapping your problems to suitable algorithms
    o Choosing the right features for learning
Continuous Monitoring & Mitigation
o Continuous Monitoring
  o Why - watching intrusions is neither necessary nor sufficient for controlling the damage from intrusions
  o It is not about
    o Monitoring just the front doors
    o Using your AV/IDS/IPS/UTM etc.
  o It is about
    o Monitoring all points of traversal, all the time
    o Using all methods available
o Mitigation With Actionable Intelligence (Effective Action)
  o Full context: what happened, to whom, how, how bad?
  o Ready-to-take actions for attack containment, damage control, future hardening
Behavior Detonation & Intelligence Sharing
o Behavior Detonation
  o It is not about
    o Generic sandboxing, or
    o Emulation of a few OS configurations
  o It is about
    o Eliciting software behavior to the extent necessary for detection
    o Matching detonation environments to protected targets
o Intelligence Sharing
  o It is not about
    o Botnet CnC servers or SPAM domains
  o It is about
    o Attack campaign: malware, TTP, targets, actors, objectives
    o Propagation trends and proactive countermeasures
SDX & Security Ecosystem
o Software-Defined X
  o It is not about
    o Software defined networks (SDN), software defined storage (SDS)
    o Or, network function virtualization (NFV)
  o It is about (taking the long view)
    o Valuing flexibility and scalability over efficiency
o Security Ecosystem
  o It is not about worrying about vendor’s competition anymore
  o It is about
    o Eliminating the weakest security link (the enemy is cunning)
    o Learning from the enemy, uniting all the defenders (united joint defense)
Hillary Clinton said that it takes a whole village to raise a child. I say that it takes the whole security ecosystem working together to defend effectively against modern security threats.
Cyphort Architecture
[Architecture diagram: Collect, Inspect, Act]
o Collect: Collectors for Headquarters Web Traffic, Branch Office Web Traffic, Data Center, Email
o Inspect: Cyphort Core (Multi-method Inspection, Machine Learning Analytics, Correlation), with User & Asset Data and Cyphort Global Security Services
o Act: Infection Verification Pack (verify infection on suspect endpoints before cleaning); Mitigation & Enforcement (publish blocking data to existing FW, IPS and SWG, API based or manual)
Reduce Your Risk, Prioritize Your Response
• Scale with flexible deployment
• Detection of advanced threats that matter
• Visibility across entire attack surface
• Containment with speed and automation
Technology, Finance, Media & Entertainment, Utilities, Retail, And More…
Awards & Recognition Winning!