Cyber Security in the Post-AV Era Amit Mital Chief Technology Officer General Manager, Emerging Endpoints Business Unit

Software and Data powers the world Cyber Security in the Post-AV Era 2

Coffee Shop Office Home Industrial Devices Government Data Web Transactions From a security perspective there is more and more to protect in more and more places Airport … Corporate Assets 3

Cyber Security in the Post-AV Era We’re not succeeding in solving this today… >500M identities were exposed last year 4

Cyber Security in the Post-AV Era Why? There is an asymmetry between attackers and defenders ATTACKERSDEFENDERS Can focus on one target Only need to be right once Hack can be worth millions of dollars Focus only on getting in Attackers can buy and test security products Must defend everything Need to be right every time Blocks are expected & maintain status quo Must balance defense with business impact Defenders can’t pre-test targeted malware 5

If only we could use our collective defense technologies to watch activities, determine patterns, and find anomalies. Cyber Security in the Post-AV Era To balance this, we need an asymmetric advantage of our own 6

Cyber Security in the Post-AV Era To balance this, we need an asymmetric advantage of our own ! We can … Big Data Analytics 7

It’s impossible to implement an attack without leaving a trace Cyber Security in the Post-AV Era Big Data Approach Network Server Endpoint 8

CLOUD Cyber Security in the Post-AV Era What if … Apply Context Correlate & Prioritize We could collect info from every endpoint, network device, and server We could watch this data at the enterprise level – looking for patterns and anomalies We could apply knowledge and learning from across many customers Indicators of Breach Knowledge about URLs, file hashes Attack patterns & actors Correlation across ecosystem ENTERPRISE DEVICES 9

Cyber Security in the Post-AV Era We can do those things Data analysis value comes from ability to apply intelligence on premise & in cloud Data value comes from volume & variety ENTERPRISE CLOUD DEVICES 10

Cyber Security in the Post-AV Era Trace Correlate & Prioritize Connect to actions at other Enterprises ENTERPRISE CLOUD DEVICES Apply Context Correlate & Prioritize This allows us to … Unknown source received by XXX IoCs detected on device Connected to remote server Connection attempted to other higher value targets on enterprise network Link clicked, connection established Files downloaded 11

Cyber Security in the Post-AV Era Result We can apply our asymmetric advantage against theirs 12

Cyber Security in the Post-AV Era Self-Driving CarsMedical Devices“Internet of Things” We’re reaching a critical point – New technologies will require people to feel more secure Photo by: Steve Jurvetson/Wikipedia Creative Commons 13

Thank you! Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Amit Mital “Google Car” Photo Credit: "Jurvetson Google driverless car trimmed" by Flckr user jurvetson (Steve Jurvetson). Trimmed and retouched with PS9 by Mariordo - oogle_driverless_car.jpg. Licensed under Creative Commons Attribution-Share Alike 2.0 via Wikimedia Commons - oogle_driverless_car_trimmed.jpg#mediaviewer/File: Jurvetson_Google_driverless_car_trimmed.jpg.