mobile security & analytics: what works and what doesnt
TRANSCRIPT
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 1 Hadi Nahari, Chief Security Architect, NVIDIA Varun Kohli, Vice President, Skycure
September, 2015
MOBILE SECURITY & ANALYTICS: WHAT WORKS & WHAT DOESN'T
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 2
Meet$Your$Speakers$
Hadi$Nahari$Chief$Security$Architect,$$
Mobile$and$So<ware$Pla?orms$NVIDIA$
Varun$Kohli$VP$of$MarkeEng$
Skycure$
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 3
Quick$Housekeeping$
• Q&A$panel$is$available$if$you$have$any$quesEons$• There$will$be$Eme$for$Q&A$at$the$end$$• We$are$recording$this$webinar$for$future$viewing$• All$aMendees$will$receive$a$copy$of$slides/recording$
Join$the$discussion$using$#mobilethreatdefense$hashtag$on$TwiMer$$
>3,000,000,000,000'''threats'annually''''
''''''''''''''''''50%' 25%'25%'
legacy'threats'
blocked'
advanced'threats'
'''detected''''''''undetected'
1.6'B''number'of'records'lost'globally'in'2014'
$236'M'recovery'cost'of'Target'breach'(so'far)'
$110$BN$annual'price'tag'
of'cybercrime'
(avg.'$27.3'loss'per'incident)'
15'B'connected'devices'in'2015'
General'Threat'Landscape'
11'COPYRIGHT'2015,'Hadi'Nahari'
Mo2va2on'
• More'connected'devices'!'more'value'!'added'risk'
• Security'posture'hasn’t'magically'just'improved'
– In'many'cases'in'fact'it'has'regressed'
• Heterogeneous'security'paradigms'
– Device_end'data'is'processed'out'of'band'– Dubious'infrastructure'security'posture'
12'COPYRIGHT'2015,'Hadi'Nahari'
Internet'of'Things'(IoT)'
21'
• Controllers,'processors,'CPUs.'No'standard'comm.'
COPYRIGHT'2015,'Hadi'Nahari'
Internet'of'Things'(IoT)'
22'
''
'
• ~standard'comm.'stack(s):'s2ll'a''
mix'(WiFi,'BT,'NFC,'ZigBee,'etc.)'
COPYRIGHT'2015,'Hadi'Nahari'
Internet'of'Things'(IoT)'
25'
• Scaled_up'connec2on'!'mass'data'genera2on'
COPYRIGHT'2015,'Hadi'Nahari'
Connected'Vehicle'
• Infrastructure'!'VPN'to'backend'
!'1_N'exploits'
34'COPYRIGHT'2015,'Hadi'Nahari'
35'
Big'Data'&'Infrastructure'
COPYRIGHT'2015,'Hadi'Nahari'
“Big'Data'is'like'teenage'sex:'
''everyone'talks'about'it,'
''nobody'really'knows'how'to'do'it,'
''everyone'thinks'everyone'else'is'doing'it,'
''so'everyone'claims'they'are'doing'it…”'
' ' '–Dan%Ariely,%Duke%University%%
40'
Big'Data'&'Infrastructure'
• “…your'call'maybe'monitored''
'''''for'quality'purposes…”'
COPYRIGHT'2015,'Hadi'Nahari'
Pre'IoT/Big'Data'
42'
service provider (SP)
hi, I’m Eva! (eva, password123*)
is there a match? (eva, password123)
! match: issue a token ! no match: deny access
(if match, respond:) “hi Eva! here’s your token:”
… observations
(eva, password123)
×
COPYRIGHT'2015,'Hadi'Nahari'
IoT'/'Big'Data'Era'
43'
service provider
123456 password 12345678
qwerty abc123
(on avg. only five passwords per 40 online accounts per user)
Where to store token(s)???
COPYRIGHT'2015,'Hadi'Nahari'
Result'
44'
''
%
%some%noteworthy%breaches%since%this%report%was%released%
COPYRIGHT'2015,'Hadi'Nahari'
Ac2ons'• IDENTIFY'the'security%assets'in'your'system'
– Anything'that'would'be'of'any'value'to'hackers''• DEVISE'aaacks'
– Think'like'a'hacker'– Think'of'ways'to'obtain'illegal'access'to'security'assets'
• PRIORITIZE$– Assign'levels'(e.g.'1_5)'to'aaacks'and'assets'– High_priority'asset'suscep2ble'to'easy'aaack'gets'higher'priority'
• PROTECT$– Think'of'making'hackers’'life'difficult'
– Consult'with'security'professionals'• ITERATE$
– Hackers'learn'(and'they’re'good'at'it.)'Security'is'always'work_in_progress'
45'COPYRIGHT'2015,'Hadi'Nahari'
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 16
Ac#ons'(Cont.)'
1. IDENTIFY the security assets in your system – Anything that would be of any value to hackers
2. DEVISE attacks – Think like a hacker – Think of ways to obtain illegal access to security assets
3. PRIORITIZE – Assign levels (e.g.1-5) to attacks and assets – High-priority asset susceptible to easy attack gets higher priority
4. PROTECT – Think of making hackers’ life difficult – Consult with security professionals
5. ITERATE – Hackers learn (and they’re good at it.) Security is always work-in-progress
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 17
1.'Iden#fy'
• Assets + Attacks • How many mobile device in your org
experienced a threat in the last month? - What types of threats? - Where did they come from? - Who was attacked the most? - What was the impact?
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 18
2.'Devise'A7acks'
• Have you been breached?
92% of users click on “Continue” compromising their Exchange identity (username and password)
Continue 92%
Cancel 8%
Source:'Skycure'Threat'Intelligence'
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 20
4.'Protect'F>'Proac#vely'Protect'
“Waze” of Mobile Security
• “How do you know if the network you connect to is real or fake?”
• “What about the app you just
downloaded? Free? Repackaged? Malicious?
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 22
Skycure'–'Solu#on'Overview'
• Policy creation and enforcement • Reporting and compliance • Flexible deployment • Enterprise integrations
• 24x7 detection and protection • Network, device and app analysis • Seamless experience • Multi platform – iOS & Android
Employee IT Team
Mobile Threat Intelligence • Millions of tests per month • 500K+ networks and apps analyzed • Zero-day threats • Predictive Security
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 23
h7ps://maps.skycure.com'
RealFTime'Threat'Intelligence'100K+'Global'Threats'Iden#fied'in'2014'
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 25
Summary'
• Mobile/IOT is a low hanging fruit for attackers • Mobile security threat landscape
- Physical, Network, Malware, Vulnerabilities
• Recommendations - Focus on visibility as a
baseline to security - Be proactive. Reactive is often
too little too late - Security solutions for
personal and business needs
Title of Presentation DD/MM/YYYY © 2015 Skycure Ltd. 26
Next'Steps'
Request a FREE 30 Day Trial!
[email protected], Phone: 1-800-650-4821
https://www.skycure.com/trial
https://blog.skycure.com
@hadinahari, @SkycureSecurity, @vk_is
https://www.linkedin.com/company/skycure