wittaya janmayka 8 december 2016 - enterprise it pro cyber threat... · 2016 cyber threat...
TRANSCRIPT
© Copyright Fortinet Inc. All rights reserved.
Cyber Threat Predictions for 2017
Wittaya Janmayka
8 December 2016
2016 Cyber Threat Observations
Expanding digital economy: Higher digital footprint increases the potential attack surface
Risks all around: Everything is a target and anything can be a weapon
Intelligent, autonomous attacks: Threats are becoming intelligent, can operate autonomously, and are increasingly difficult to detect
Two attack types: Automated attacks against groups of smaller targets and customized attacks against larger targets
Blended attacks: Automated attacks being used as a first phase, and targeted attacks as a second phase
Return of old threats, but enhanced: New technologies are making old cyber threats more sophisticated
Cyber Threat Predictions: Tipping Point For Cybersecurity in 2017
Cyber Threat Prediction #1
FROM SMART TO SMARTER: AUTOMATED AND HUMAN-LIKE ATTACKS WILL DEMAND MORE INTELLIGENT DEFENCE
Threats getting smarter and increasingly able to operate autonomously
AI or “human-like” malware designed with adaptive, success-based learning to improve the success and efficacy of attacks
Growth of cross-platform autonomous malware designed to operate on and between a variety of mobile devices
IMPACT: Autonomous malware that is designed to proactively spread between platforms can have a devastating effect on our increasing reliance on connected devices to automate and perform everyday tasks.
Cyber Threat Prediction #2
IoT manufacturers will be held accountable for security breaches
IoT is a cornerstone of the digital revolution; however, IoT manufacturers have flooded the market with highly insecure devices
More IoT devices are headless, which means users can’t add a security client or even effectively update their software or firmware
Demand for creation and enforcement of security standards, from consumers, vendors and other interest groups
IMPACT: If IoT manufacturers fail to secure their devices, consumers may begin to hesitate to buy. IoT manufacturers need to take immediate and direct action, or suffer economic loss and become targets of legislation
Cyber Threat Prediction #3
The weakest link in cloud security is the millions of remote devices accessing cloud resources
Increasing attacks targeting IoT devices with over 20 billion IoT devices online by 2020, versus one billion PCs
Expect to see attacks designed to compromise this trust model by exploiting endpoint devices, resulting in client side attacks that can breach cloud providers
20 billion IoT and endpoint devices are the weakest link for attacking the cloud
IMPACT: Cloud-based storage has expanded the potential attack surface. Cloud providers need to design networks with Layer 2 and 3 security technologies to segment the cloud between users, control access, and protect the cloud providers’ internal network from their public offering
Cyber Threat Prediction #4
Hackers will target the growing number of building automation and management systems
Like with the IoT DDoS attacks, these exploits will likely be blunt instrument attacks at first, such as shutting down a building’s systems
Attacks will grow more sophisticated – potential for holding a building for ransom by locking the doors, shutting off elevators, rerouting traffic, or turning on the alarm system
Attackers will begin to turn up the heat in smart cities
IMPACT: Potential for massive civil disruption if integrated systems are compromised. Trends point towards more interconnected critical infrastructure, such as emergency services, traffic control, and IoT devices (such as self-driving cars)
Cyber Threat Prediction #5
Automated attacks introduce an economy of scale to ransomware
Hackers can cost-effectively extort small amounts of money from multiple victims simultaneously, especially by targeting online IoT devices.
Expect focused attacks against high-profile targets, such as celebrities, political figures, and large organizations
Healthcare organizations are also a key target. Patient records and human data cannot be so easily replaced as credit cards
Ransomware was just the gateway malware
IMPACT: Ransomware affects everyone. Consumers will be reluctant to adopt new connected devices if safety is not assured. Organizations must secure networks and need to be held accountable for protecting sensitive information and human data.
Cyber Threat Prediction #6
The current shortage of skilled cybersecurity professionals means that many organizations looking to participate in the digital economy will do so at great risk
Predict that savvy organizations will turn to security consulting services that can guide them through the labyrinth of security
Or to managed security services providers, like MSSPs, who can provide a turnkey security solution
Technology will have to close the gap on the critical cyber skills shortage
IMPACT: In today’s digital economy, businesses need to connect online or die. But many organizations internally lack specialised staff with professional skills to protect their systems. Security vendors need to rethink their traditional, siloed approach to developing security tools.
FortiGuard Threat Intelligence: Fortinet’s Value Proposition
FortiGuard by the Numbers
FortiGuard Threat Intelligence
Application Control Service
Intrusion Prevention Service
Web Filtering Service
Anti-spam Security Service
Web Security Service
Database Security Service
IP Reputation Service
Vulnerability Management Service
Antivirus Service
FortiGuard Threat Intelligence - Sources
Preprocessing
Deduplication
False-positive removal
Packaging
Distribution
FortiGuard Intelligence
FortiCare
Commercial Feeds
FortiCloud
FortiSandbox
Community Feeds
Internal Research
Collaboration Partnerships
FortiGuard Threat Intelligence - Processing
Analyze samples in sandbox
Unknown botnet protocols analyzed by AppCtrl team
Botnet C&C URLs fed to Web Filtering team
IP addresses and domains fed to Botnet teams
Web Filtering, Anti-Botnet, Application Control, Antivirus
Security Without Compromise: Fortinet Security Fabric for End-to-End Protection
THE EVOLVING DIGITAL ECONOMY: Technology is a strategic imperative
INFRASTRUCTURE EVOLUTION
EVOLVING THREAT LANDSCAPE
REGULATION, COMPLIANCE AND CERTIFICATION
SECURITY WITHOUT COMPROMISE: Security strategies must change
NEW SECURITY STRATEGY: Powerful
NEW SECURITY STRATEGY: Seamless
NEW SECURITY STRATEGY: Intelligent
TODAY’S NETWORK IS BORDERLESS
SLOW IS BROKEN
COMPLEXITY IS THE ENEMY OF SECURITY
THE FORTINET SECURITY FABRIC: The Fortinet Security Fabric is the vision that delivers on the promise of Security without Compromise: Intelligent, Powerful and Seamless
Network, Endpoint, Cloud, Application, Access
Operations Center
Advanced Threat Intelligence
Fabric-Ready
Intelligent security is AWARE: The Fortinet Security Fabric provides complete visibility, enabling network segmentation
VISIBILITY, SEGMENTATION, AUTOMATED OPERATION
Single pane of glass for full Fabric-wide policy control
Create network segments by trust level
All infrastructure including endpoints, network, data center, cloud and data
Powerful security is SCALABLE: The Fortinet Security Fabric scales from IoT to the cloud
ENDPOINT, CLOUD, ACCESS, BRANCH, CAMPUS & DATA CENTER
Embedded Security, Endpoint Security
Private, Hybrid, Public
Multi-SPU Powered, SPU Powered
SoC, NP, CP
Seamless security is ACTIONABLE: The Fortinet Security Fabric provides cooperative security alerts, recommendations and audit reports
FABRIC ELEMENT ALERT
Rank, Severity, Recommendation
Ranks: 5, 5, 4, 3
Severities: Critical, Medium, Advisory
Recommendations: Zero-Day Vulnerability; Not Connected to Fabric; Logging Disabled
AUDIT REPORT
Regulatory Template, i.e. PCI