Getting Beyond Standalone Antivirus to Advanced Threat Protection
Eric Schwake, Sr. Product Marketing

Presentation transcript:

1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing

2
1. Targeted Attack Trends
2. Organizations Struggling to Keep Up
3. A Methodology for Better Protection
4. How Symantec Can Help
5. Q & A

3 Targeted Attacks

4 Targeted Attacks Defined
– End goal is most commonly to capture and extract high value information, to damage brand, or to disrupt critical systems
– Broad term used to characterize threats targeted to a specific entity or set of entities
– Often crafted and executed to purposely be covert and evasive, especially to traditional security controls

5 How Targeted Attacks Happen
– Spear Phishing: send an email to a person of interest
– Watering Hole Attack: infect a website and lie in wait for them

Targeted Attack Trends
[Figure: increase in targeted attack campaigns; recipients per campaign; campaigns; duration of campaign (surviving values: 3 days, 8.3 days).]
[Chart: Top 10 Industries Targeted in Spear-Phishing Attacks, 2013. Source: Symantec. Industries shown: Public Administration (Gov.); Services – Professional; Services – Non-Traditional; Manufacturing; Finance, Insurance & Real Estate; Transportation, Gas, Communications, Electric; Wholesale; Retail; Mining; Construction.]
[Chart: Spear Phishing Attacks by Size of Targeted Organization (number of employees). Source: Symantec.]

7 Organizations are Struggling to Keep Up

8 Reliance on Silver Bullet Technologies
A single point product won’t identify all threats
Most frequent Silver Bullet monitoring technologies:
– IDP / IPS
– Anomaly detection (on the rise)
Individual technologies lack a comprehensive vantage point to detect today’s threats.
32%: Average % of incidents detected by IDP / IPS technologies

9 Incomplete Enterprise Coverage
Companies fail to effectively assess (and update) the scope of their Enterprise
Enterprise technology trends further challenge scope
– Mobile
– Cloud
– BYOD

10 Underestimate SIEM Complexity
Companies frequently underestimate effort and cost to implement
– Technical architecture frequently under scoped
– Time to implement can take year+
Struggle to sustain capability
– Turnover of “the SIEM expert”
– Focus / Expertise Required
35%: Too many false positive responses
72%: Collect 1TB of security data or more on a monthly basis

11 Lack of Sufficient Staff / Expertise
Increasing Sophistication ≠ More Resources
“We’re at 100% employment in IT security” – Chief Security Officer, Health Care Organization
83% of enterprise organizations say it’s extremely difficult or somewhat difficult to recruit/hire security professionals

12 Can’t Keep up with Evolving Threats
Detection program must evolve as threats evolve
– Analyst training / awareness
– SIEM tuning
– Detection methods
– Response tactics
Varied tactics to keep up with threats:
– Open source
– Working groups (ISACs)
– Commercial
28%: Sophisticated security events have become too hard to detect for us
35%: Do not use external threat intelligence for security analytics

13 A Methodology for Better Protection

14 The Attack Waterfall
[Diagram. Stages: Readiness; Protection; Detection; Response. Labels: 256 Billion Attacks; 350,000 Security Events; The ‘Maybe’s; 3,000 Incidents; 100+ Security Ops staff.]

15 Identify, Protect, Detect, Respond, Recover
[Diagram labels: 100+ Security Staff; 256B attacks; 350K events; 3000 incidents.]

16 Identify or Readiness
Threat Intelligence Asset Management Policy Practice

17 Identify, Protect, Detect, Respond, Recover
[Diagram labels: 100+ Security Staff; 256B attacks; 350K events; 3000 incidents.]

18 Proactive Protection Technologies
All Control Points More than AV Test URLs in

19 Identify, Protect, Detect, Respond, Recover
[Diagram labels: 100+ Security Staff; 256B attacks; 350K events; 3000 incidents.]

20 Detect
– Correlate Control Points
– Identify Anomalies
– Monitor & Test Everything

21 Identify, Protect, Detect, Respond, Recover
[Diagram labels: 100+ Security Staff; 256B attacks; 350K events; 3000 incidents.]

22 Respond
Automate Correlation Incident Response

23 How Symantec Can Help

24 Symantec Advanced Threat Protection
[Diagram. Offerings shown: Managed Adversary Service; Insight, SONAR, Thread injection protection; Secure App Service; Security Simulation; Disarm, Link following, Skeptic; Incident Response Service; MSS-ATP; Advanced Threat Protection Solution; Cynic; Synapse. Stages: Readiness; Protection; Detection; Response. Labels: 256 Billion Attacks; 350,000 Security Events; The ‘Maybe’s; 3,000 Incidents; 100+ Security Ops staff.]

25 Thank you!
Eric Schwake
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.