Today’s IT Attacks:
An IT Security Strategy To Protect Your Assets

Francis deSouza
Symantec

Session ID: SPO1-107
Session Classification: Intermediate
Agenda

• Sources of a Breach
• Security Market Drivers
• Breach Analysis
• Security Strategy

A CRIME IS COMMITTED EVERY ¼ OF A SECOND ON THE WEB

1 IN 5 WILL BE A VICTIM OF CYBER CRIME

100% OF ENTERPRISES HAVE EXPERIENCED CYBER LOSSES

CYBER ATTACKS COST COMPANIES AN AVERAGE OF $2 MILLION ANNUALLY

75% OF ALL ENTERPRISES HAVE EXPERIENCED CYBER ATTACKS IN THE PAST 12 MONTHS

43% OF COMPANIES LOST CONFIDENTIAL DATA IN 2009

ENTERPRISE SECURITY IS BECOMING MORE DIFFICULT

Sources Of A Breach

• Organized Criminal
• Targeted Attackers
• Well Meaning Insider
• Malicious Insider

History of Targeted Attacks

Timeline: 1998|1999|2000|2001|2002|2003|2004|2005|2006|2007|2008|2009|2010

• Solar Sunrise: Attacks stealing passwords from DoD systems conducted by 2 Californian and 1 Israeli teenager
• Moonlight Maze: Attacks targeting US military secrets reported to be conducted by Russia
• Titan Rain: Coordinated attacks on US government military installations and private contractors
• US Government: Systems in the Department of Defense, State, Commerce, Energy, and NASA all compromised and terabytes of information confirmed stolen.
• Ghostnet: Attacks on Tibetan organizations and embassies of many EMEA countries, and NATO systems.
• January 12: Google announces they have been a victim of a targeted attack

Anatomy Of A Breach

> Incursion
> Discovery
> Capture
> Exfiltration

Mass Attack vs Targeted Attack
Phase                 Mass Attack                     Targeted Attack
Incursion             Generic social engineering      Handcrafted and personalized
                      By-chance infection             methods of delivery


Discovery             Typically no discovery,         Examination of the infected resource,
                      assumes content is in a         monitoring of the user to determine
                      predefined and predictable      additional accessible resources,
                      location                        and network enumeration
Capture               Predefined specific data or     Manual analysis and inspection of the
                      data which matches a            data
                      predefined pattern such as a
                      credit card number
Exfiltration          Information sent to a dump      Information sent back directly to the
                      site often with little          attacker and not stored in a known
                      protection and dump site        location for an extended period
                      serves as long term storage

Security Market Drivers
Incursion

• In 2009 spam accounted for 90% of all email traffic
• In 2008, Symantec documented 5,471 vulnerabilities, 80% of which were easily exploitable
• 90% of incidents wouldn’t have happened if systems were patched
• In 2009 we found 47,000 active bot-infected computers per day

Security Market Drivers
Discovery

• 91% of records compromised in 2008 involved organized crime targeting corporate information
• 81% of attacked companies were non-compliant in PCI
• 67% of breaches were aided by insider negligence

Security Market Drivers
Capture

• 285 million records were stolen in 2008, compared to 230 million between 2004 and 2007
• Credit card detail accounts for 19% of all goods advertised on underground economy servers
• IP theft costs companies $600 billion globally

Security Market Drivers
Exfiltration

• “Hackers Targeted Source Code of More Than 30 Companies” Jan 13, Wired.com
• “SS Numbers Of Californians Accidently Disclosed” Feb 9, KTLA.com
• “HSBC Bank Reports Lost Client Data From Swiss Private Bank” Dec 9, Reuters
• “Gov’t Posts Sensitive List of US Nuclear Sites” Associated Press

Dissecting Hydraq

Incursion
Attacker Breaks into the network by delivering targeted malware to vulnerable systems and employees

“Hi Francis,
I met you at the Malware Conference last month. Wanted to let you know I got this great shot of you doing your presentation. I posted it here:”

Dissecting Hydraq

Discovery
Hacker Maps Organization’s Defenses From the Inside and Creates a Battle Plan

Dissecting Hydraq

Capture
Attacker Accesses Data on Unprotected Systems and Installs Malware to Secretly Acquire Crucial Data

Dissecting Hydraq

Exfiltration
Confidential Data Sent Back to Enemy’s “Home Base” for Exploitation and Fraud

[Diagram labels: Hydraq; Victim; Attacker 72.3.224.71:443]

Prelude to a Breach

1 Poorly Enforced IT Policies
2 Poorly Protected Information
3 Poorly Managed Systems
4 Poorly Protected Infrastructure

The Challenge

• Develop and Enforce IT Policies
• Protect The Information
• Manage Systems
• Protect The Infrastructure

A Comprehensive Security Strategy Is Required

• Risk Based and Policy Driven: IT Governance, Risk and Compliance
• Information - Centric: Information Risk Management
• Well Managed Infrastructure: Infrastructure Protection and Management

New Threats Require New Technologies

Integrated Security Platform: Open Platform, Console Unification, Security Intelligence, Dynamic Protection

Develop & Enforce IT Policies
• IT Risk Management
• Compliance Process Automation
• Information-Centric Policy

Manage Systems
• Workflow
• Application Streaming
• Portable Personalities

Protect the Information
• Data Ownership
• Automated Content Classification
• Content Aware Endpoint Security

Protect the Infrastructure
• Reputation Based Security
• Mobile and Server Security
• Encryption

Symantec Focuses on Meeting These Challenges

Develop and Enforce IT Policies  > Control Compliance Suite
Protect the Information          > Data Loss Prevention Suite
Manage Systems                   > IT Management Suite
Protect the Infrastructure       > Symantec Protection Suite

Addressing Important Security Questions

> Can you enforce IT policies and remediate deficiencies?
> Do you know where your sensitive information resides?
> Can you easily manage the lifecycle of your IT assets?
> Can you improve your security posture by rationalizing your security portfolio?

Thank You


Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 

Mehr von Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar |  Tips for Successful CASB ProjectsSymantec Webinar |  Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Kürzlich hochgeladen

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 

Kürzlich hochgeladen (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 

RSA 2010 Francis De Souza

  • 1. Today’s IT Attacks: An IT Security Strategy To Protect Your Assets. Francis deSouza, Symantec. Session ID: SPO1-107. Session Classification: Intermediate.
  • 2. Agenda: Sources of a Breach; Security Market Drivers; Breach Analysis; Security Strategy.
  • 3. A crime is committed every ¼ of a second on the web.
  • 4. 1 in 5 will be a victim of cyber crime.
  • 5. 100% of enterprises have experienced cyber losses.
  • 6. Cyber attacks cost companies an average of $2 million annually.
  • 7. 75% of all enterprises have experienced cyber attacks in the past 12 months.
  • 8. 43% of companies lost confidential data in 2009.
  • 9. Enterprise security is becoming more difficult.
  • 10. Sources Of A Breach (figure labels: Organized Criminal, Targeted Attackers, Well Meaning Insider, Malicious Insider).
  • 11. History of Targeted Attacks (timeline, 1998 to 2010):
      Solar Sunrise: Attacks stealing passwords from DoD systems, conducted by 2 Californian and 1 Israeli teenager.
      Moonlight Maze: Attacks targeting US military secrets, reported to be conducted by Russia.
      Titan Rain: Coordinated attacks on military US government installations and private contractors.
      US Government: Systems in the Department of Defense, State, Commerce, Energy, and NASA all compromised and terabytes of information confirmed stolen.
      Ghostnet: Attacks on Tibetan organizations and many embassies of EMEA countries, and NATO systems.
      January 12: Google announces they have been a victim of a targeted attack.
  • 12. Anatomy Of A Breach: > Incursion > Discovery > Capture > Exfiltration
  • 13. Mass Attack vs Targeted Attack, by phase:
      Incursion. Mass attack: generic social engineering; by-chance infection. Targeted attack: handcrafted and personalized methods of delivery.
      Discovery. Mass attack: typically no discovery, assumes content is in a predefined and predictable location. Targeted attack: examination of the infected resource, monitoring of the user to determine additional accessible resources, and network enumeration.
      Capture. Mass attack: predefined specific data or data which matches a predefined pattern such as a credit card number. Targeted attack: manual analysis and inspection of the data.
      Exfiltration. Mass attack: information sent to a dump site, often with little protection, and the dump site serves as long term storage. Targeted attack: information sent back directly to the attacker and not stored in a known location for an extended period.
  • 14. Incursion: Security Market Drivers. In 2009 spam accounted for 90% of all email traffic. In 2008, Symantec documented 5,471 vulnerabilities, 80% of which were easily exploitable. 90% of incidents wouldn’t have happened if systems were patched. In 2009 we found 47,000 active bot-infected computers per day.
  • 15. Discovery: Security Market Drivers. 91% of records compromised in 2008 involved organized crime targeting corporate information. 81% of attacked companies were non-compliant in PCI. 67% of breaches were aided by insider negligence.
  • 16. Capture: Security Market Drivers. 285 million records were stolen in 2008, compared to 230 million between 2004 and 2007. Credit card detail accounts for 19% of all goods advertised on underground economy servers. IP theft costs companies $600 billion globally.
  • 17. Exfiltration: Security Market Drivers. “Hackers Targeted Source Code of More Than 30 Companies” (Jan 13, Wired.com). “SS Numbers Of Californians Accidentally Disclosed” (Feb 9, KTLA.com). “HSBC Bank Reports Lost Client Data From Swiss Private Bank” (Dec 9, Reuters). “Gov’t Posts Sensitive List of US Nuclear Sites” (Associated Press).
  • 19. Dissecting Hydraq. Incursion: Attacker breaks into the network by delivering targeted malware to vulnerable systems and employees. Message shown on the slide: “Hi Francis, I met you at the Malware Conference last month. Wanted to let you know I got this great shot of you doing your presentation. I posted it here:”
  • 20. Dissecting Hydraq. Discovery: Hacker maps the organization’s defenses from the inside and creates a battle plan.
  • 21. Dissecting Hydraq. Capture: Attacker accesses data on unprotected systems and installs malware to secretly acquire crucial data.
  • 22. Dissecting Hydraq. Exfiltration: Confidential data sent back to enemy’s “home base” for exploitation and fraud. (Figure labels: Hydraq; Victim; Attacker 72.3.224.71:443.)
  • 23. Prelude to a Breach 1: Poorly Enforced IT Policies
  • 24. Prelude to a Breach 2: Poorly Protected Information
  • 25. Prelude to a Breach 3: Poorly Managed Systems
  • 26. Prelude to a Breach 4: Poorly Protected Infrastructure
  • 27. The Challenge: Develop and Enforce IT Policies; Protect The Information; Manage Systems; Protect The Infrastructure.
  • 28. A Comprehensive Security Strategy Is Required. Risk Based and Policy Driven: IT Governance, Risk and Compliance. Information-Centric: Information Risk Management. Well Managed Infrastructure: Infrastructure Protection and Management.
  • 29. New Threats Require New Technologies. Integrated Security Platform: Open Platform, Console Unification, Security Intelligence, Dynamic Protection.
      Develop & Enforce IT Policies: IT Risk Management; Compliance Process Automation; Information-Centric Policy.
      Manage Systems: Workflow; Application Streaming; Portable Personalities.
      Protect the Information: Data Ownership; Automated Content Classification; Content Aware Endpoint Security.
      Protect the Infrastructure: Reputation Based Security; Mobile and Server Security; Encryption.
  • 30. Symantec Focuses on Meeting These Challenges. Develop and Enforce IT Policies > Control Compliance Suite. Protect the Information > Data Loss Prevention Suite. Manage Systems > IT Management Suite. Protect the Infrastructure > Symantec Protection Suite.
  • 31. Addressing Important Security Questions. > Can you enforce IT policies and remediate deficiencies? > Do you know where your sensitive information resides? > Can you easily manage the lifecycle of your IT assets? > Can you improve your security posture by rationalizing your security portfolio?
  • 32. Thank You