SlideShare ist ein Scribd-Unternehmen logo

Securing the Human (人を守るセキュリティ)

itforum-roundtable
itforum-roundtable

2012年12月5日に東京・中央区のベルサール八重洲で開催された、ITフォーラム「地方自治組織における危機管理~サイバー攻撃対応編~」(主催・経済産業新報社、後援・ブルーコートシステムズ合同会社)におけるRSAコンファレンスプログラム議長/米ブルーコートシステムズ最高セキュリティ戦略責任者 ヒュー・トンプソン(Hugh Thompson)博士による地方自治体が抱える課題と世界の先進事例紹介。 http://www.itforum-roundtable.com/

Technologie
1 von 30
Downloaden Sie, um offline zu lesen
Securing the Human: Challenges and Success Stories Dr. Hugh Thompson Chief Security Strategist and Senior Vice President © Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
The Shifting IT Environment © Blue Coat Systems, Inc. 2012.
Shift: Attackers • Attackers are becoming organized and profit-driven • Attackers are turning to a blend of technical and human attacks • An entire underground economy has been created: – Meeting place for buyers and sellers (chat rooms, auction sites, etc.) – What they are trading: vulnerabilities, botnet time, credit card numbers, PII, … – New ways to exchange of “value” anonymously and in non- sovereign currency © Blue Coat Systems, Inc. 2012.
Shift: Consumerization • Shift in technology power – from the enterprise to the individual • Employee-owned devices are now more powerful than company-provided devices • Rogue/shadow IT is large and growing as individuals now have greater choices with technology © Blue Coat Systems, Inc. 2012.
Shift: Growing complexity/credibility of attacks • It is becoming harder for users to make good security/risk choices – Bad neighborhoods online are looking like good neighborhoods online – Phishing emails use shortened URLS and are increasingly credible – Bad URLs coming in from “trusted” sources • Safety nets are eroding – Desktop AV often not present or unreliable on BYOD – New malware being generated quickly, reducing the effectiveness of AV signatures © Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
WARNING! SHARKMAGEDDON!! © Blue Coat Systems, Inc. 2012.
Behind the numbers • Worldwide shark attacks rose from 63 to 79 in 2010. • Much of the increase was due to two very angry sharks in Egypt! © Blue Coat Systems, Inc. 2012.
Hackernomics In the absence of security education or experience, people (customers, managers, developers, testers, designers) naturally make poor security decisions with technology Corollary: Systems need to be easy to use securely and difficult to use insecurely © Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012. 17
Haccident (hacking accident) An undesirable or unfortunate happening that occurs unintentionally by users making security mistakes when using technology. © Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
Bob door slide © Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
WebPulse Collaborative Defense Proxy Cloud Proxy Packet Cache K9 Third SG Service AV Shaper Flow Party Aware Intelligent Proactive  75 Million Users  New & Emerging Malware  Malnet Tracking Worldwide  Negative Day Defense  Multi-dimensional Ratings  One Billion Daily for Different Content Types  Web & Mobile Application Requests Controls  Real-time Web Filtering in  Consumer & Enterprise 21 Languages  Blocks 3.3M Threats Daily © Blue Coat Systems, Inc. 2012 24
Negative Day Defense Negative Day Defense Identifies Negative Day Defense Continues to Block Malnet Infrastructure and Blocks New Components UTM AV Engines Begin Detection Policy applied Active Threat Phase -30 Days 0 Day +1 Days +30 Days Infrastructure Phase New Subnet, Exploit Attack Dynamic Payload Attack IP Address Server Begins Changes Domain Ends and Host Name © Blue Coat Systems, Inc. 2012 25
Enabling the Real-Time Enterprise Single Device Multiple Devices Owned by IT Devices Owned by Employee Office-Based Users Always-on Remote & Users & on Private WAN Mobile Workers, Networks Controlled by IT Public Access Enterprise Apps Store & Enterprise Apps Applications Consumer Style Apps Sanctioned by IT Mandated by Users Securing the Securing the Perimeter Security User © Blue Coat Systems, Inc. 2012 26
No Intranet Access Choppy Video VPN Error Inaudible Voice Multiple Logins Required Malware Exposure © Blue Coat Systems, Inc. 2012.
Fast Response Time Streaming Video & Voice Seamless Access to Apps Malware Protected One, Secure Login Greater Productivity © Blue Coat Systems, Inc. 2012.
© Blue Coat Systems, Inc. 2012.
Summary • The threat landscape is changing – attackers are going after both technical vulnerabilities and human vulnerabilities • We must be proactive in stopping threats • Preventing bad user choices is a key component of a comprehensive security solution © Blue Coat Systems, Inc. 2012.

Empfohlen

MBM's InterGuard Security Suite
MBM's InterGuard Security SuiteMBM's InterGuard Security Suite
MBM's InterGuard Security SuiteCharles McNeil
 
Cloud securityperspectives cmg
Cloud securityperspectives cmgCloud securityperspectives cmg
Cloud securityperspectives cmgNeha Dhawan
 
Bapinger Network Security
Bapinger Network SecurityBapinger Network Security
Bapinger Network SecurityDjadja Sardjana
 
Cat6500 Praesentation
Cat6500 PraesentationCat6500 Praesentation
Cat6500 PraesentationSophan_Pheng
 
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesSecure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesHyTrust
 
Presentatie mc afee emm 2011
Presentatie mc afee emm 2011Presentatie mc afee emm 2011
Presentatie mc afee emm 2011SecutecGroup Baudewijns
 
Justice Federal Credit Union Success Story
Justice Federal Credit Union Success StoryJustice Federal Credit Union Success Story
Justice Federal Credit Union Success StoryImprivata
 
Mobile Security
Mobile Security Mobile Security
Mobile Security Fresh Digital Group
 

Empfohlen

MBM's InterGuard Security Suite
MBM's InterGuard Security SuiteMBM's InterGuard Security Suite
MBM's InterGuard Security SuiteCharles McNeil
 
Cloud securityperspectives cmg
Cloud securityperspectives cmgCloud securityperspectives cmg
Cloud securityperspectives cmgNeha Dhawan
 
Bapinger Network Security
Bapinger Network SecurityBapinger Network Security
Bapinger Network SecurityDjadja Sardjana
 
Cat6500 Praesentation
Cat6500 PraesentationCat6500 Praesentation
Cat6500 PraesentationSophan_Pheng
 
Secure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesSecure and Scale Your Virtual Infrastructure While Meeting Compliance Mandates
Secure and Scale Your Virtual Infrastructure While Meeting Compliance MandatesHyTrust
 
Presentatie mc afee emm 2011
Presentatie mc afee emm 2011Presentatie mc afee emm 2011
Presentatie mc afee emm 2011SecutecGroup Baudewijns
 
Justice Federal Credit Union Success Story
Justice Federal Credit Union Success StoryJustice Federal Credit Union Success Story
Justice Federal Credit Union Success StoryImprivata
 
Mobile Security
Mobile Security Mobile Security
Mobile Security Fresh Digital Group
 
Take Control of End User Security
Take Control of End User SecurityTake Control of End User Security
Take Control of End User Securityanniebrowny
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...HyTrust
 
Security White Paper
Security White PaperSecurity White Paper
Security White PaperMobiWee
 
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar SantosIt's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santossantosomar
 
Best Practices for Cloud Security
Best Practices for Cloud SecurityBest Practices for Cloud Security
Best Practices for Cloud SecurityIT@Intel
 
B fujitsu uk-and_ireland_cs.en-us
B fujitsu uk-and_ireland_cs.en-usB fujitsu uk-and_ireland_cs.en-us
B fujitsu uk-and_ireland_cs.en-ustewodros13
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust
 
Trend micro deep security
Trend micro deep securityTrend micro deep security
Trend micro deep securityTrend Micro
 
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...AIP Foundation
 
Im cloud workshop denver 2
Im cloud workshop denver 2Im cloud workshop denver 2
Im cloud workshop denver 2David Stephens
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...HyTrust
 
Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochuretmcleland
 
Enterasys Mobile IAM BYOD Brochure
Enterasys Mobile IAM BYOD BrochureEnterasys Mobile IAM BYOD Brochure
Enterasys Mobile IAM BYOD BrochureArrow ECS UK
 
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...Andris Soroka
 
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psNet motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psAccenture
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4Arrow ECS UK
 
Byod+ +bring+your+own+device
Byod+ +bring+your+own+device Byod+ +bring+your+own+device
Byod+ +bring+your+own+device J
 
Trend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are youTrend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are youGlobal Business Events
 
2010-11 The Anatomy of a Web Attack
2010-11 The Anatomy of a Web Attack 2010-11 The Anatomy of a Web Attack
2010-11 The Anatomy of a Web Attack Raleigh ISSA
 
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupInfoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupNetCraftsmen
 
Bluecoat Services
Bluecoat ServicesBluecoat Services
Bluecoat ServicesChessBall
 

Weitere ähnliche Inhalte

Was ist angesagt?

Take Control of End User Security
Take Control of End User SecurityTake Control of End User Security
Take Control of End User Securityanniebrowny
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...HyTrust
 
Security White Paper
Security White PaperSecurity White Paper
Security White PaperMobiWee
 
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar SantosIt's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santossantosomar
 
Best Practices for Cloud Security
Best Practices for Cloud SecurityBest Practices for Cloud Security
Best Practices for Cloud SecurityIT@Intel
 
B fujitsu uk-and_ireland_cs.en-us
B fujitsu uk-and_ireland_cs.en-usB fujitsu uk-and_ireland_cs.en-us
B fujitsu uk-and_ireland_cs.en-ustewodros13
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust
 
Trend micro deep security
Trend micro deep securityTrend micro deep security
Trend micro deep securityTrend Micro
 
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...AIP Foundation
 
Im cloud workshop denver 2
Im cloud workshop denver 2Im cloud workshop denver 2
Im cloud workshop denver 2David Stephens
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...HyTrust
 
Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochuretmcleland
 
Enterasys Mobile IAM BYOD Brochure
Enterasys Mobile IAM BYOD BrochureEnterasys Mobile IAM BYOD Brochure
Enterasys Mobile IAM BYOD BrochureArrow ECS UK
 
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...Andris Soroka
 
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psNet motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psAccenture
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4Arrow ECS UK
 
Byod+ +bring+your+own+device
Byod+ +bring+your+own+device Byod+ +bring+your+own+device
Byod+ +bring+your+own+device J
 
Trend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are youTrend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are youGlobal Business Events
 

Was ist angesagt? (19)

Take Control of End User Security
Take Control of End User SecurityTake Control of End User Security
Take Control of End User Security
 
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
Virtualize More While Improving Your Cybersecurity Risk Posture - The "4 Must...
 
Security White Paper
Security White PaperSecurity White Paper
Security White Paper
 
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar SantosIt's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santos
 
Best Practices for Cloud Security
Best Practices for Cloud SecurityBest Practices for Cloud Security
Best Practices for Cloud Security
 
B fujitsu uk-and_ireland_cs.en-us
B fujitsu uk-and_ireland_cs.en-usB fujitsu uk-and_ireland_cs.en-us
B fujitsu uk-and_ireland_cs.en-us
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
 
Trend micro deep security
Trend micro deep securityTrend micro deep security
Trend micro deep security
 
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
IBM Mobile Foundation POT - Overview of ibm endpoint manager for mobile devic...
 
Im cloud workshop denver 2
Im cloud workshop denver 2Im cloud workshop denver 2
Im cloud workshop denver 2
 
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
Virtualize More in 2012 with HyTrust-Boost Data Center Efficiency and Consoli...
 
Virtela Corp Brochure
Virtela Corp BrochureVirtela Corp Brochure
Virtela Corp Brochure
 
Enterasys Mobile IAM BYOD Brochure
Enterasys Mobile IAM BYOD BrochureEnterasys Mobile IAM BYOD Brochure
Enterasys Mobile IAM BYOD Brochure
 
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
DSS ITSEC Conference 2012 - Lumension Intelligent Application Whitelisting & ...
 
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_psNet motion wireless-and_frost-sullivan_a-new-mobilty_ps
Net motion wireless-and_frost-sullivan_a-new-mobilty_ps
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environment
 
Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4Security brochure 2012_ibm_v1_a4
Security brochure 2012_ibm_v1_a4
 
Byod+ +bring+your+own+device
Byod+ +bring+your+own+device Byod+ +bring+your+own+device
Byod+ +bring+your+own+device
 
Trend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are youTrend micro - Your journey to the cloud, where are you
Trend micro - Your journey to the cloud, where are you
 

Andere mochten auch

2010-11 The Anatomy of a Web Attack
2010-11 The Anatomy of a Web Attack 2010-11 The Anatomy of a Web Attack
2010-11 The Anatomy of a Web Attack Raleigh ISSA
 
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupInfoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupNetCraftsmen
 
Bluecoat Services
Bluecoat ServicesBluecoat Services
Bluecoat ServicesChessBall
 
Top 5 Reasons To Consider SolarWinds IPAM Over Infoblox
Top 5 Reasons To Consider SolarWinds IPAM Over InfobloxTop 5 Reasons To Consider SolarWinds IPAM Over Infoblox
Top 5 Reasons To Consider SolarWinds IPAM Over InfobloxSolarWinds
 
DNS Security Threats and Solutions
DNS Security Threats and SolutionsDNS Security Threats and Solutions
DNS Security Threats and SolutionsInnoTech
 
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAMCómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAMMundo Contact
 
Content Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionContent Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionBlue Coat
 
Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101Blue Coat
 
DNS Security Presentation ISSA
DNS Security Presentation ISSADNS Security Presentation ISSA
DNS Security Presentation ISSASrikrupa Srivatsan
 

Andere mochten auch (12)

2010-11 The Anatomy of a Web Attack
2010-11 The Anatomy of a Web Attack 2010-11 The Anatomy of a Web Attack
2010-11 The Anatomy of a Web Attack
 
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User GroupInfoblox Cloud Solutions - Cisco Mid-Atlantic User Group
Infoblox Cloud Solutions - Cisco Mid-Atlantic User Group
 
Bluecoat Services
Bluecoat ServicesBluecoat Services
Bluecoat Services
 
Top 5 Reasons To Consider SolarWinds IPAM Over Infoblox
Top 5 Reasons To Consider SolarWinds IPAM Over InfobloxTop 5 Reasons To Consider SolarWinds IPAM Over Infoblox
Top 5 Reasons To Consider SolarWinds IPAM Over Infoblox
 
DNS Security Threats and Solutions
DNS Security Threats and SolutionsDNS Security Threats and Solutions
DNS Security Threats and Solutions
 
Infoblox Secure DNS Solution
Infoblox Secure DNS SolutionInfoblox Secure DNS Solution
Infoblox Secure DNS Solution
 
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAMCómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
Cómo mejorar la seguridad de los servicios de DNS, DHCP e IPAM
 
Cyber crime v3
Cyber crime v3Cyber crime v3
Cyber crime v3
 
Content Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat ProtectionContent Analysis System and Advanced Threat Protection
Content Analysis System and Advanced Threat Protection
 
Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101Advanced Threat Protection - Sandboxing 101
Advanced Threat Protection - Sandboxing 101
 
Advanced DNS Protection
Advanced DNS ProtectionAdvanced DNS Protection
Advanced DNS Protection
 
DNS Security Presentation ISSA
DNS Security Presentation ISSADNS Security Presentation ISSA
DNS Security Presentation ISSA
 

Ähnlich wie Securing the Human (人を守るセキュリティ)

Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Chris Pepin
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceCourtland Smith
 
Faster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsFaster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsZscaler
 
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBMUndgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBMIBM Danmark
 
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas WespiIT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas WespiIBM Switzerland
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesChris Pepin
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused EnterpriseNovell
 
Seizing the BYOD Opportunity
Seizing the BYOD OpportunitySeizing the BYOD Opportunity
Seizing the BYOD OpportunityJuniper Networks
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Managementjustinkallhoff
 
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNetAWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNetAmazon Web Services
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas companyLiora R. Herman
 
Udi and juniper networks BYOD
Udi and juniper networks BYODUdi and juniper networks BYOD
Udi and juniper networks BYODstefriche0199
 
Cyberoam: il futuro della network security!
Cyberoam: il futuro della network security!Cyberoam: il futuro della network security!
Cyberoam: il futuro della network security!Team Sistemi
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Acrodex
 
Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microTheInevitableCloud
 
Top Security Trends for 2013
Top Security Trends for 2013Top Security Trends for 2013
Top Security Trends for 2013Imperva
 
Pulse 2014.mobile first.security
Pulse 2014.mobile first.securityPulse 2014.mobile first.security
Pulse 2014.mobile first.securitySreeni Pamidala
 
Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2fadielmoussa
 

Ähnlich wie Securing the Human (人を守るセキュリティ) (20)

Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...Best practices for mobile enterprise security and the importance of endpoint ...
Best practices for mobile enterprise security and the importance of endpoint ...
 
White Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic WorkforceWhite Paper: Securing Nomadic Workforce
White Paper: Securing Nomadic Workforce
 
Faster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsFaster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in aws
 
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBMUndgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
Undgå sikkerhedstrusler med Security Intelligence. Filip Schepers, IBM
 
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas WespiIT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
IT Security Bedrohungen optimal abwehren_Tom Turner und Andreas Wespi
 
Smarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst ServicesSmarter Commerce Summit - IBM MobileFirst Services
Smarter Commerce Summit - IBM MobileFirst Services
 
The Identity-infused Enterprise
The Identity-infused EnterpriseThe Identity-infused Enterprise
The Identity-infused Enterprise
 
Seizing the BYOD Opportunity
Seizing the BYOD OpportunitySeizing the BYOD Opportunity
Seizing the BYOD Opportunity
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNetAWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
AWS Summit 2011: Cloud Compliance 101: No PhD required - SafeNet
 
Cs a multi-national oil and gas company
Cs a multi-national oil and gas companyCs a multi-national oil and gas company
Cs a multi-national oil and gas company
 
Udi and juniper networks BYOD
Udi and juniper networks BYODUdi and juniper networks BYOD
Udi and juniper networks BYOD
 
Cyberoam: il futuro della network security!
Cyberoam: il futuro della network security!Cyberoam: il futuro della network security!
Cyberoam: il futuro della network security!
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
 
Cw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend microCw13 securing your journey to the cloud by rami naccache-trend micro
Cw13 securing your journey to the cloud by rami naccache-trend micro
 
Top Security Trends for 2013
Top Security Trends for 2013Top Security Trends for 2013
Top Security Trends for 2013
 
Pulse 2014.mobile first.security
Pulse 2014.mobile first.securityPulse 2014.mobile first.security
Pulse 2014.mobile first.security
 
Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2Fadi El Moussa Secure Cloud 2012 V2
Fadi El Moussa Secure Cloud 2012 V2
 
Lime access 2013-en
Lime access 2013-enLime access 2013-en
Lime access 2013-en
 

Mehr von itforum-roundtable

2016年9月9日開催 Security Vision 2016 名古屋 伊東氏 講演資料
2016年9月9日開催 Security Vision 2016 名古屋 伊東氏 講演資料2016年9月9日開催 Security Vision 2016 名古屋 伊東氏 講演資料
2016年9月9日開催 Security Vision 2016 名古屋 伊東氏 講演資料itforum-roundtable
 
2016年9月6日開催 Security Vision 2016 東京 伊東氏 講演資料
2016年9月6日開催 Security Vision 2016 東京 伊東氏 講演資料2016年9月6日開催 Security Vision 2016 東京 伊東氏 講演資料
2016年9月6日開催 Security Vision 2016 東京 伊東氏 講演資料itforum-roundtable
 
政府機関における情報セキュリティ対策について
政府機関における情報セキュリティ対策について政府機関における情報セキュリティ対策について
政府機関における情報セキュリティ対策についてitforum-roundtable
 
2013年の最新セキュリティ課題に組織的に対応するには?
2013年の最新セキュリティ課題に組織的に対応するには?2013年の最新セキュリティ課題に組織的に対応するには?
2013年の最新セキュリティ課題に組織的に対応するには?itforum-roundtable
 
サイバー攻撃の新たな攻撃手法と、地方自治体組織および公共サービス事業体における有効な情報セキュリティ対策の実践
サイバー攻撃の新たな攻撃手法と、地方自治体組織および公共サービス事業体における有効な情報セキュリティ対策の実践サイバー攻撃の新たな攻撃手法と、地方自治体組織および公共サービス事業体における有効な情報セキュリティ対策の実践
サイバー攻撃の新たな攻撃手法と、地方自治体組織および公共サービス事業体における有効な情報セキュリティ対策の実践itforum-roundtable
 
最近の事例におけるサイバー攻撃の傾向と対策
最近の事例におけるサイバー攻撃の傾向と対策最近の事例におけるサイバー攻撃の傾向と対策
最近の事例におけるサイバー攻撃の傾向と対策itforum-roundtable
 
サイバー攻撃の脅威が増大する中、 我が国の情報セキュリティ政策の現状
サイバー攻撃の脅威が増大する中、 我が国の情報セキュリティ政策の現状サイバー攻撃の脅威が増大する中、 我が国の情報セキュリティ政策の現状
サイバー攻撃の脅威が増大する中、 我が国の情報セキュリティ政策の現状itforum-roundtable
 

Mehr von itforum-roundtable (7)

2016年9月9日開催 Security Vision 2016 名古屋 伊東氏 講演資料
2016年9月9日開催 Security Vision 2016 名古屋 伊東氏 講演資料2016年9月9日開催 Security Vision 2016 名古屋 伊東氏 講演資料
2016年9月9日開催 Security Vision 2016 名古屋 伊東氏 講演資料
 
2016年9月6日開催 Security Vision 2016 東京 伊東氏 講演資料
2016年9月6日開催 Security Vision 2016 東京 伊東氏 講演資料2016年9月6日開催 Security Vision 2016 東京 伊東氏 講演資料
2016年9月6日開催 Security Vision 2016 東京 伊東氏 講演資料
 
政府機関における情報セキュリティ対策について
政府機関における情報セキュリティ対策について政府機関における情報セキュリティ対策について
政府機関における情報セキュリティ対策について
 
2013年の最新セキュリティ課題に組織的に対応するには?
2013年の最新セキュリティ課題に組織的に対応するには?2013年の最新セキュリティ課題に組織的に対応するには?
2013年の最新セキュリティ課題に組織的に対応するには?
 
サイバー攻撃の新たな攻撃手法と、地方自治体組織および公共サービス事業体における有効な情報セキュリティ対策の実践
サイバー攻撃の新たな攻撃手法と、地方自治体組織および公共サービス事業体における有効な情報セキュリティ対策の実践サイバー攻撃の新たな攻撃手法と、地方自治体組織および公共サービス事業体における有効な情報セキュリティ対策の実践
サイバー攻撃の新たな攻撃手法と、地方自治体組織および公共サービス事業体における有効な情報セキュリティ対策の実践
 
最近の事例におけるサイバー攻撃の傾向と対策
最近の事例におけるサイバー攻撃の傾向と対策最近の事例におけるサイバー攻撃の傾向と対策
最近の事例におけるサイバー攻撃の傾向と対策
 
サイバー攻撃の脅威が増大する中、 我が国の情報セキュリティ政策の現状
サイバー攻撃の脅威が増大する中、 我が国の情報セキュリティ政策の現状サイバー攻撃の脅威が増大する中、 我が国の情報セキュリティ政策の現状
サイバー攻撃の脅威が増大する中、 我が国の情報セキュリティ政策の現状
 

Kürzlich hochgeladen

A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 

Kürzlich hochgeladen (20)

A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 

Securing the Human (人を守るセキュリティ)

  • 1. Securing the Human: Challenges and Success Stories Dr. Hugh Thompson Chief Security Strategist and Senior Vice President © Blue Coat Systems, Inc. 2012.
  • 2. © Blue Coat Systems, Inc. 2012.
  • 3. © Blue Coat Systems, Inc. 2012.
  • 4. The Shifting IT Environment © Blue Coat Systems, Inc. 2012.
  • 5. Shift: Attackers • Attackers are becoming organized and profit-driven • Attackers are turning to a blend of technical and human attacks • An entire underground economy has been created: – Meeting place for buyers and sellers (chat rooms, auction sites, etc.) – What they are trading: vulnerabilities, botnet time, credit card numbers, PII, … – New ways to exchange of “value” anonymously and in non- sovereign currency © Blue Coat Systems, Inc. 2012.
  • 6.
  • 7. Shift: Consumerization • Shift in technology power – from the enterprise to the individual • Employee-owned devices are now more powerful than company-provided devices • Rogue/shadow IT is large and growing as individuals now have greater choices with technology © Blue Coat Systems, Inc. 2012.
  • 8. Shift: Growing complexity/credibility of attacks • It is becoming harder for users to make good security/risk choices – Bad neighborhoods online are looking like good neighborhoods online – Phishing emails use shortened URLS and are increasingly credible – Bad URLs coming in from “trusted” sources • Safety nets are eroding – Desktop AV often not present or unreliable on BYOD – New malware being generated quickly, reducing the effectiveness of AV signatures © Blue Coat Systems, Inc. 2012.
  • 9. © Blue Coat Systems, Inc. 2012.
  • 10. WARNING! SHARKMAGEDDON!! © Blue Coat Systems, Inc. 2012.
  • 11.
  • 12.
  • 13.
  • 14. Behind the numbers • Worldwide shark attacks rose from 63 to 79 in 2010. • Much of the increase was due to two very angry sharks in Egypt! © Blue Coat Systems, Inc. 2012.
  • 15. Hackernomics In the absence of security education or experience, people (customers, managers, developers, testers, designers) naturally make poor security decisions with technology Corollary: Systems need to be easy to use securely and difficult to use insecurely © Blue Coat Systems, Inc. 2012.
  • 16. © Blue Coat Systems, Inc. 2012.
  • 17. © Blue Coat Systems, Inc. 2012. 17
  • 18. Haccident (hacking accident) An undesirable or unfortunate happening that occurs unintentionally by users making security mistakes when using technology. © Blue Coat Systems, Inc. 2012.
  • 19. © Blue Coat Systems, Inc. 2012.
  • 20. © Blue Coat Systems, Inc. 2012.
  • 21. Bob door slide © Blue Coat Systems, Inc. 2012.
  • 22. © Blue Coat Systems, Inc. 2012.
  • 23. © Blue Coat Systems, Inc. 2012.
  • 24. WebPulse Collaborative Defense Proxy Cloud Proxy Packet Cache K9 Third SG Service AV Shaper Flow Party Aware Intelligent Proactive  75 Million Users  New & Emerging Malware  Malnet Tracking Worldwide  Negative Day Defense  Multi-dimensional Ratings  One Billion Daily for Different Content Types  Web & Mobile Application Requests Controls  Real-time Web Filtering in  Consumer & Enterprise 21 Languages  Blocks 3.3M Threats Daily © Blue Coat Systems, Inc. 2012 24
  • 25. Negative Day Defense Negative Day Defense Identifies Negative Day Defense Continues to Block Malnet Infrastructure and Blocks New Components UTM AV Engines Begin Detection Policy applied Active Threat Phase -30 Days 0 Day +1 Days +30 Days Infrastructure Phase New Subnet, Exploit Attack Dynamic Payload Attack IP Address Server Begins Changes Domain Ends and Host Name © Blue Coat Systems, Inc. 2012 25
  • 26. Enabling the Real-Time Enterprise Single Device Multiple Devices Owned by IT Devices Owned by Employee Office-Based Users Always-on Remote & Users & on Private WAN Mobile Workers, Networks Controlled by IT Public Access Enterprise Apps Store & Enterprise Apps Applications Consumer Style Apps Sanctioned by IT Mandated by Users Securing the Securing the Perimeter Security User © Blue Coat Systems, Inc. 2012 26
  • 27. No Intranet Access Choppy Video VPN Error Inaudible Voice Multiple Logins Required Malware Exposure © Blue Coat Systems, Inc. 2012.
  • 28. Fast Response Time Streaming Video & Voice Seamless Access to Apps Malware Protected One, Secure Login Greater Productivity © Blue Coat Systems, Inc. 2012.
  • 29. © Blue Coat Systems, Inc. 2012.
  • 30. Summary • The threat landscape is changing – attackers are going after both technical vulnerabilities and human vulnerabilities • We must be proactive in stopping threats • Preventing bad user choices is a key component of a comprehensive security solution © Blue Coat Systems, Inc. 2012.