Antivirus Technology in State Government Kym Patterson State Chief Cyber Security Officer Department of Information Systems.

Presentation transcript:


Current World Environment
- 25,000 new virus samples submitted daily
- Antivirus vendors leaning toward whitelisting
- 80% of malware is motivated by money
- Increasingly hard to detect malware

Bot Activity
- Bots talking to each other in different ways
- No command and control servers to identify
- Communication between bots through peer to peer mode via encrypted web channels

Current State Network Environment
- SCSO tracks 150 ongoing issues each day
- 50 new issues identified each day
- More than 5,000 DNS resolutions to foreign servers daily
  o Most popular DNS server is in Eastern Europe
- Several hundred incident notifications from external organizations each year
- At any given time, there are 60 state computers acting as primary nodes on a peer to peer network
  o Three of these computers typically generate 500,000 peer to peer sessions daily

Current State Environment
- Purchase antivirus and endpoint protection software from 10+ vendors at several price points
- Run 60 versions of these types of software
- Some organizations don't update signature files
- Organizations pose a threat to each other on the state network

Future State
- Limit number of AV or endpoint protection products in our environment
- Make wise use of state dollars by combining buying power
- More bandwidth and computer availability due to low infection rate
- Improved productivity resulting in better government service delivery
- Improved response time to cyber outbreaks

Advantages of Less Diverse Environment
- Total cost of ownership would be less
  o Savings could be spent on other security measures
- More organizations likely to buy and be protected
  o Less threat on the state network
- Better reporting and auditing
- Improved compliance with security mandates
- Shorter threat period by working with fewer vendors
- Manageability and scalability
- Increased network reliability and performance

Endpoint protection can include:
- Host-based intrusion prevention system
- Firewall
- Antivirus
- Antispyware
- Central management capability
- Data Loss Prevention
- Encryption

Next Steps
- Gather requirements from agencies and state security working group
- Work with Office of State Procurement to identify vendors to provide antivirus and endpoint protection products on state contract
- Agencies would determine migration to these products as existing software licenses expire

Possible Antivirus and Endpoint Protection Requirements
- Ease of use
- Update frequency
- Service and support
- Update distribution
- Audit and report capability
- Log
- On demand scanning
- Port control
- Encryption
- Scheduled scans
- Link scanner
- Cross browser
- Webmail protection
- Ability to run on multiple platforms
- Script protection
- Malware detection capabilities
- Policy management

[Figure: Sample Timeline]

Questions?
Kym Patterson
State Chief Cyber Security Officer
Department of Information Systems