robert potter vice president americas symantec · symantec endpoint encryption web application...

Copyright 2016, Symantec Corporation

Robert PotterVice President AmericasSymantec

1


CYBER CRIME

CYBER ESPIONAGE

HACKING

CYBER WARFARE

TODAY’S ADVANCED ADVERSARY


Notable Targeted Attack Groups Active in 2015

Black VineCN based attacks on primarily aerospace and healthcare, including Anthem and OPM in search of intellectual property and identities

Rocket KittenIran based state-sponsored espionage attacks on journalists, human rights activists, and scientists

DukeState-sponsored attacks against Western state organizations

Emissary PandaAttacks against aerospace, intelligence, telecommunications, energy, and nuclear engineering industries in search of intellectual property

TurlaRU-based espionage attacks against government institutions and embassies

ButterflyAttacks against multi-billion dollar corporations in IT, pharmaceuticals, commodities and includes Facebook and Apple for insider trading

2016 Internet Security Threat Report Volume 21 3


In 2009 there were

2,361,414new piece of malware created.

That’s

1 Million 179 ThousandA DAY!

In 2015 that number was

430,555,582

4


AN ESCALATING THREAT LANDSCAPE

RECORD HIGH NUMBERS

429M total identities exposed

9 mega breaches, up

125%

191M identifies exposed in one

breach

431M new malware created

all-time high

Top 5 unpatched for

295 days

54Healthcare

120 security incidents

Government17 security incidents

Financial30 security incidents

Education 20 security

incidents

Retail33 security incidents

35% increase in crypto-

ransom ware

992 devices held hostage

each day

DIGITAL EXTORTION ON THE RISE

76% of websites had

vulnerabilities

WEBSITES

ZERO-DAY THREATS

MANY SECTORSUNDER ATTACK

Copyright 2016, Symantec Corporation 6

SectorNumber

of Incidents

% of

Incidents

1 Services 200 65.6%

2 Finance, Insurance, & Real Estate 33 10.8%

3 Retail Trade 30 9.8%

4 Public Administration 17 5.6%

5 Wholesale Trade 11 3.6%

6 Manufacturing 7 2.3%

7 Transportation & Public Utilities 6 2.0%

8 Construction 1 0.3%

Top 10 Sectors Breached by Number of Incidents

Top 10 Expanded Sectors Breached by Number of Incidents

SectorNumber

of Incidents

% of

Incidents

1 Health Services 120 39.3%

2 Business Services 20 6.6%

3 Educational Services 20 6.6%

4 Insurance Carriers 17 5.6%

5 Hotels & Other Lodging Places 14 4.6%

6 Wholesale Trade - Durable Goods 10 3.3%

7 Eating & Drinking Places 9 3.0%

8 Executive, Legislative, & General 9 3.0%

9 Depository Institutions 8 2.6%

10 Social Services 6 2.0%


Endpoint Devices

Content &Collaboration

Applications

Data

Network

Identity

Compute & StorageInfrastructure

Symantec Endpoint Protection

Symantec Endpoint Encryption

Symantec Data Loss Prevention

Asset Mgmt/ServiceNow

License Mgmt.

Mobile Device Mgmt.

Symantec Access Manager

Symantec VIP 2-Factor

Provision & De-provisioning

Symantec MPKI

On Guard (Lenel)

Picture Perfect (GE)

SymPass SAFE

Identity and Access Mgmt.

Encryption in Transport

Assurance CM (SERT)

Assurance NM (SIREN)

Openfire Incident Response Chat


Secure Data Collaboration

Instant Messaging Protection

Symantec Products Third Party Products Policy RequiredCapability Gap

Cenzic Application Scan


Web Application Firewall

HP Fortify



Symantec EV. Cloud & Enterprise Vault

Secure / Sharing Un-structured Data Data Enrichment File Analysis


Symantec Email Gateway

Firewalls – Cisco, Juniper

Red Seal

SecureW2 – WifiSecurity

SourceFire IDS

QualysGuard

Airmagnet– WifiSecurity

SafeNet

Layer 7 Filtering

Symantec Certificates

Symantec DLP

QualysGuard

Control Compliance Suite

Critical Systems Security

Clearwell Manager

eDiscovery

Enterprise Vault

Data Retention

Encase Product Suite

Monitoring & Analysis

Syslog

Splunk

Symantec MSS

Arcsight

GSO Security Ops Center

Co3 Systems

OTRS SOC Ticketing

User Behavior Analysis

CHALLENGE IN BUILDING A SECURITY ARCHITECTURE…

GSO Tool \ Service

Services

Symantec Incident Response

DeepSight

Managed Security Services

Akami

Symantec Device Mgmt. (ITMS)

Email – MS Exchange Protection

Web Gateway

7


The Boundaries Continue to Expand…Creating Moving Targets

8

Cloud

Hackers

Authentication & Encryption

Virtualization

Cyber Threats

Compliance

Remote Offices/Workers

Mobile Devices

Malicious & Well-meaning Users

Social Media

Advanced Persistent Attacks


CRITICAL CRITERIA TO BUILDING YOUR SECURITY POSTURE…

9

INTELLIGENCE OF TELEMETRY & TECHNIQUE

ABILITY TO ENGAGE,

RESPOND, AND REMEDIATE,

TRUST

CAPABILITIES & INNOVATION

FRAMEWORK & ARCHITECTURE


Organizations Defining/Following Frameworks…


Organizations now reling on Defining Risk and Trust Models…

RISK

THREATS & INTELLIGENCE

VULNERABILIITES

CONSEQUENCES

11


Leveraging and Building Intelligence and KnowledgeDangerous Threats – Actors – Telemetry - Techniques

12

UNIQUE VISIBILITY

• Hundreds of millions of URLs, domains and IP addresses monitored

• 10 trillion logs/year collected

ANALYST CONTEXT

Analysts leverage Symantec’s Managed Adversary Threat

Intelligence about threat actors to provide tailored insights on what’s happening in your environment.

THREAT INTELLIGENCE TEAMS

500+ Threat Researchers Across

6 Global SOCs

BIG DATA

Massive Security Data Archive

GLOBAL INTELLIGENCE

NETWORK


57M attack sensors in 156 countries

175Mendpoints

182M web attacks

blocked last year

7.6T rows of telemetry200K rows added/second

8 threat response centers, with 500+ security analysts

30% of world’s email traffic scanned/day

Scale is critical in offering UNIQUE THREAT VISIBILITY…


Why do you still need to worry about Threats & Vulnerabilities?

14

You Leverage A Framework, Invested in Intelligence, Invested in Innovative

Capabilities…


Criminals Have Become Increasingly Active!

15

There are those who have been caught…and those who have not…


Zero-Days

16


2006

14

2007 2008 2009 2010 2011 20120

2

4

6

8

10

12

14

16

13

15

9

12

14

8

Zero-Day Vulnerabilities

2013 2014

2423

2015

54

17


Targeted Phishing Attacks

18


OrgSize

2015 Risk Ratio

2015 Risk Ratio as Percentage

Attacksper Org

Large Enterprises

2,500+ Employees

1 in 2.7 38% 3.6

Medium Business

251–2,500Employees

1 in 6.8 15% 2.2

Small Business

(SMB) 1–250

Employees

1 in 40.5 3% 2.1

Spear-Phishing Attacks by Size of Targeted Organization


Ransomware

20


Growing Dominance of Crypto-Ransomware

MISLEADING APP FAKE AV LOCKER RANSOMWARE CRYPTO RANSOMWARE


35% Increase in Crypto-Ransomware Attacks

22

35%


Consequences

23


Total Identities Exposed Through Breaches

+23%

500

+30%

ESTIMATED


Professionalization of Cyber Crime&

Consumer Scams

25


TeslaCrypt Ransomware – Technical Support Available

26


Why Retr3at and the Educational Concepts of Montreat College’s Cyber Ethics is critical?

Thank you!

Copyright © 2016 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Robert PotterVice President [email protected]

www.Symantec.com/ThreatReport

mailto:[email protected]

robert potter vice president americas symantec · symantec endpoint encryption web application...

Documents