1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing


1 Getting Beyond Standalone Antivirus to Advanced Threat Protection
Eric Schwake, Sr. Product Marketing Manager
@lombar77

2
1. Targeted Attack Trends
2. Organizations Struggling to Keep Up
3. A Methodology for Better Protection
4. How Symantec Can Help
5. Q & A

3 Targeted Attacks

4 Targeted Attacks Defined
End goal is most commonly to capture and extract high value information, to damage brand, or to disrupt critical systems
Broad term used to characterize threats targeted to a specific entity or set of entities
Often crafted and executed to purposely be covert and evasive, especially to traditional security controls

5 How Targeted Attacks Happen
Spear Phishing: Send an email to a person of interest
Watering Hole Attack: Infect a website and lie in wait for them

6 Targeted Attack Trends
+91% Increase in targeted attack campaigns (2012 to 2013)

                        2011     2012     2013
Email per Campaign      78       122      29
Recipient/Campaign      61       111      23
Campaigns               165      408      779
Duration of Campaign    4 days   3 days   8.3 days

Top 10 Industries Targeted in Spear-Phishing Attacks, 2013 (Source: Symantec)
Industries: Public Administration (Gov.); Services – Professional; Services – Non-Traditional; Manufacturing; Finance, Insurance & Real Estate; Transportation, Gas, Communications, Electric; Wholesale; Retail; Mining; Construction
Chart values: 16%, 15, 14, 13, 6, 5, 2, 1, 1

Spear Phishing Attacks by Size of Targeted Organization, 2011 - 2013 (Source: Symantec)
Categories (employees): 1 to 250; 251 to 500; 501 to 1,000; 1,001 to 1,500; 1,501 to 2,500; 2,501+
Chart values: 50%, 39%, 18%, 31%, 30%, 50%, 61%

7 Organizations are Struggling to Keep Up

8 Reliance on Silver Bullet Technologies
A single point product won’t identify all threats
Most frequent Silver Bullet monitoring technologies:
– IDP / IPS
– Anomaly detection (on the rise)
Individual technologies lack a comprehensive vantage point to detect today’s threats.
32%: Average % of incidents detected by IDP / IPS technologies

9 Incomplete Enterprise Coverage
Companies fail to effectively assess (and update) the scope of their Enterprise
Enterprise technology trends further challenge scope
– Mobile
– Cloud
– BYOD

10 Underestimate SIEM Complexity
Companies frequently underestimate effort and cost to implement
– Technical architecture frequently under-scoped
– Time to implement can take year+
Struggle to sustain capability
– Turnover of “the SIEM expert”
– Focus / Expertise Required
35%: Too many false positive responses
72%: Collect 1TB of security data or more on a monthly basis

11 Lack of Sufficient Staff / Expertise
Increasing Sophistication ≠ More Resources
“We’re at 100% employment in IT security” – Chief Security Officer, Health Care Organization
83% of enterprise organizations say it’s extremely difficult or somewhat difficult to recruit/hire security professionals

12 Can’t Keep up with Evolving Threats
Detection program must evolve as threats evolve
– Analyst training / awareness
– SIEM tuning
– Detection methods
– Response tactics
Varied tactics to keep up with threats:
– Open source
– Working groups (ISACs)
– Commercial
28%: Sophisticated security events have become too hard to detect for us
35%: Do not use external threat intelligence for security analytics

13 A Methodology for Better Protection

14 The Attack Waterfall
Stages: Readiness; Protection; Detection; Response
Diagram labels: 256 Billion Attacks; 350,000 Security Events; The ‘Maybe’s; 3,000 Incidents; 100+ Security Ops staff

15
Identify | Protect | Detect | Respond | Recover
100+ Security Staff; 256B attacks; 350K events; 3000 incidents

16 Identify or Readiness
Threat Intelligence
Asset Management
Policy
Practice

17
Identify | Protect | Detect | Respond | Recover
100+ Security Staff; 256B attacks; 350K events; 3000 incidents

18 Proactive Protection Technologies
All Control Points
More than AV
Test URLs in Email

19
Identify | Protect | Detect | Respond | Recover
100+ Security Staff; 256B attacks; 350K events; 3000 incidents

20 Detect
Correlate Control Points
Identify Anomalies
Monitor & Test Everything

21
Identify | Protect | Detect | Respond | Recover
100+ Security Staff; 256B attacks; 350K events; 3000 incidents

22 Respond
Automate Correlation
Incident Response

23 How Symantec Can Help

24 Symantec Advanced Threat Protection
Offerings shown: Managed Adversary Service; Insight, SONAR, Thread injection protection; Secure App Service; Security Simulation; Disarm, Link following, Skeptic; Incident Response Service; MSS-ATP; Advanced Threat Protection Solution; Cynic; Synapse
Stages: Readiness; Protection; Detection; Response
Diagram labels: 256 Billion Attacks; 350,000 Security Events; The ‘Maybe’s; 3,000 Incidents; 100+ Security Ops staff

25 Thank you!
Eric Schwake
Eric_schwake@symantec.com
+1 541 520 6015
@lombar77
Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

