isc2014 beijing keynote

Target the threats that target you. Target the threats that target you.

创新与安全技术趋势 Innova1on & Security Technology Trends

-‐ Silicon Valley Perspec1ve

Dr. Fengmin Gong Co-‐Founder & Chief Architect

Topics Of Conversa1on

© Copyright 2014 Cyphort, Inc. All rights reserved. Proprietary & Confiden1al

o  Sustained Compe11veness Requires Sustained Innova1on

o  Building Best Tools Require Understanding Of <problem, users, environments>

o  Security Threat & Technology Trends o  Security Technology Innova1on Framework o  Cyphort Product Example

硅谷之成功人人皆知 Silicon Valley Successes


•  Total of 18 investment regions in US tracked by MoneyTree Report •  Silicon Valley accounts more than 54% of the total: $7.09b/$12.96b (Q2-‐2014)

创业竞争激烈 Survive The Ficest


•  先烈榜样不胜枚举 -‐ for every success there are at least 9 died of quiet death •  CB Insights, updated June 3, 2014, “76 Startup Failure Post Mortems”,

www.cbinsights.com/blog/startup-‐failure-‐post-‐mortem/ •  CB Insights, June 14, “76 of the Biggest, Costliest Startup Failures of All Time”,

www.cbinsights.com/blog/biggest-‐startup-‐failures/

保持饥饿，不断创新

大不尽是优势 Big Is No Guarantee


•  昔日英雄现熊像 -‐ Yesterday’s bulls are becoming struggling bears •  Declining tradi1onal switch/router product sales •  Lacking compe11ve security products for emerging environments

长江后浪推前浪，前浪自大难逃亡

创新制胜 Power Of Innova1on


•  Bay Area Council Economic Ins1tute & Booz Allen Joint Report 2012 •  Three Innova1on Strategies

1.  Need seekers: understanding problems & an1cipa1ng needs 2.  Market readers: seeing demand trends & catching the wave 3.  Technology drivers: building best tech & looking for market

Innova'on Strategy

Business & Innova'on Alignment

Culture for Innova'on

Be A Need Seeker

Tech Leader Report To CEO

Con'nuous Talent Refresh

Silicon Valley Co

89.3% 53.6% 46.4% 46.4% 75% 46%

Overall Survey

80.3% 14.3% 19.2% 27.7% 62.9% 26%

创新需有用 Key Innova1on Drivers

Innovative & Useful Tools

Business Evolution •  Global •  Mobile •  Consumerization •  Big Data •  SaaS Cloud

IT Evolution •  Blurred Intra-Extra-Internet •  Unified with ICS- IoT & IoE

(Fractured Clouds) •  SDx: Software-defined X

Threats Evolution •  Advanced TTP •  Industrialized cyber crime •  State actors •  Increased financial

incentives

User Awareness & Percep1on • Problems on the ground • Urgency for tools • Expecta1on for “fit”


深远影响 Impact Of Security Breaches

Information and IP loss

Financial and business impact Threat resolution costs

Brand and reputation loss

用户视角IT Perspec1ve Changes

Transformed IT Landscape IT consumeriza1on & perimeter-‐less, zero-‐trust enterprise renders current solu1ons useless

Impact of Breaches Crown jewels – intellectual property, customer & business data, reputa1on, business con1nuity

New Stakeholder Dynamics CEO & Board with elevated awareness of business risk, from compliance-‐driven to risk-‐driven


大趋势解读 Big Trends o  Top 8 Security Buzzwords

1.  Big Data 2.  Machine Learning 3.  Behavior Detona1on 4.  Ac1onable Intelligence 5.  Con1nuous Monitoring 6.  Intelligence Sharing 7.  Soqware Defined X 8.  Security Ecosystem


Big Data & Machine Learning o  Big Data 大数据

o  It is not about o 哪级干部每周几次公款消费方可支持我不转做大数据？ o How many TB of data, or structured/non-‐structured

o  It is about o How long into the past (时间) o How many sites or how many companies （空间） o How deep into the business transac1ons (深度）

o Machine Learning 机器学习 o  It is not about new SVM or Decision Tree algorithms o  It is about insights on

o Mapping your problems to suitable algorithms o  Choosing right features for learning


Con1nuous Monitoring & Mi1ga1on o  Con1nuous Monitoring 无间断监控

o Why -‐ watching intrusions is neither necessary nor sufficient for controlling the damage from intrusions

o  It is not about o Monitoring just the front doors o Using your AV/IDS/IPS/UTM etc.

o  It is about o Monitoring all points of traversal, all the 1me o Using all methods available

o Mi1ga1on With Ac1onable Intelligence 有效动作 o  Full context：what happened whom how, how bad？ o  Ready-‐to-‐take ac1ons for acack containment, damage control, future hardening


Behavior Detona1on & Intelligence Sharing

o  Behavior Detona1on 行为施放 o  It is not about

o Generic sandboxing, or o  Emula1on of a few OS configura1ons

o  It is about o  Elici1ng soqware behavior to the extent necessary for detec1on o Matching detona1on environments to protected targets

o  Intelligence Sharing 情报共享 o  It is not about

o Botnet CnC servers or SPAM domains o  It is about

o Acack campaign: malware, TTP, targets, actors, objec1ves o  Propaga1on trends and proac1ve counter measures


SDX & Security Ecosystem o  Soqware-‐Defined X

o  It is not about o  Soqware defined networks (SDN), soqware defined storage (SDS) o  Or, network func1on virtualiza1on (NFV)

o  It is about 长远目光 o  Valuing flexibility and scalability over efficiency

o  Security Ecosystem o  It is not about worrying vendor’s compe11on anymore o  It is about

o  Elimina1ng the weakest security link 敌人是狡猾的 o  Learning from enemy, unite all the defenders 团结联防

希拉里.克林顿说过，需要全村的人参与才可以养育好一个孩子。我说，需要全部的安全生态系统配合才能有效地抵御现代安全威胁。


Cyphort Architecture


Collector: Headquarters Web Traffic

Collector: Branch Office Web Traffic

Collector: Data Center

Collector: Email

Collect

Cyphort Global Security Services

Cyphort Core Multi-method Inspection

Machine Learning Analytics Correlation

User & Asset Data

Inspec1on

Analy1cs

Correla1on

Inspect

Infec1on Verifica1on Pack

Mi1ga1on & Enforcement

Publish Blocking Data To Exis1ng: FW, IPS and SWG

API based or manual

{ Verify infec1on on suspect endpoints before cleaning }

Act

API

API

Click to edit Master title style Reduce Your Risk, Priori1ze Your Response


Scale with flexible deployment

Detection of advanced threats

that matter

Visibility across

entire attack surface

Containment with speed and

automation

Technology Finance Media & Entertainment

Utilities Retail

And More…

Awards & Recognition Winning!


Target the threats that target you.

Thank You! [email protected]

CYPHORT Confidential

isc2014 beijing keynote

Engineering