Threat and Response
Combatting Advanced Attacks and Cyber Espionage
Dave Merkel, CTO
August 2014
Security Reimagined
Insecurity By the Numbers
Around the Enterprise in 229 Days
229 days: median number of days attackers are present on a victim network before detection.
(Timeline figure: initial breach, threat undetected across the 3, 6 and 9 month marks, then remediation.)
[percentage in figure] of companies learned they were breached from an external entity.
Source: M-Trends Report 2014
Broad Sector Targeting
• Extremely broad targeting
• IP-intensive businesses continually a focus
• International business dealings
• Increase in Finance and Media/Entertainment is notable
The Malware Lifespan: Two Hours
(Chart: number of malware samples, 0 to 350,000, against lifespan in hours, 0 to 7, for 2012 and 2013. Source: FireEye Labs.)
[percentage in figure] of malware only exists once.
[percentage in figure] of malware disappears after one hour.
Ghost Hunting with Antivirus
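The two lifespan statistics above and the "ghost hunting" point are easy to quantify. The following is an added example, not code from the FireEye deck: it takes a constructed set of sample sightings (hash label, host, time) and computes the share of samples seen exactly once, the share that live under an hour, and how many sightings a hash-signature feed with a given publication latency would actually have blocked. The sighting data and the latency model (a signature exists on every host a fixed number of hours after a sample's first sighting anywhere) are assumptions for illustration.

```python
"""Signature latency versus malware lifespan.

Added example (not from the FireEye deck). Models why hash/signature matching
misses malware that is used once or lives under an hour: a signature for a
sample can only be published some time after the sample is first seen, and
by then a short-lived sample has usually stopped being used.
"""
from datetime import datetime, timedelta

# Constructed sightings for the example: (sample hash label, host, time first
# observed on that host). Labels h1..h5 stand in for real SHA-256 values.
SIGHTINGS = [
    ("h1", "hostA", "2014-06-01T08:00"),
    ("h1", "hostB", "2014-06-01T08:30"),  # reused 30 minutes later
    ("h2", "hostC", "2014-06-01T09:00"),  # seen exactly once
    ("h3", "hostD", "2014-06-01T10:00"),
    ("h3", "hostE", "2014-06-01T13:00"),  # reused 3 hours later
    ("h4", "hostF", "2014-06-02T11:00"),  # seen exactly once
    ("h5", "hostG", "2014-06-02T12:00"),
    ("h5", "hostH", "2014-06-02T12:20"),
    ("h5", "hostI", "2014-06-02T12:40"),  # total lifespan 40 minutes
]


def _parse(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M")


def _group_by_hash(sightings):
    by_hash = {}
    for sample, _host, ts in sightings:
        by_hash.setdefault(sample, []).append(_parse(ts))
    return by_hash


def lifespan_stats(sightings):
    """Return (fraction of samples seen exactly once,
               fraction of samples whose first-to-last sighting span is <= 1 hour).
    These are the two statistics the deck quotes for malware samples."""
    by_hash = _group_by_hash(sightings)
    total = len(by_hash)
    seen_once = sum(1 for times in by_hash.values() if len(times) == 1)
    one_hour = timedelta(hours=1)
    short_lived = sum(
        1 for times in by_hash.values() if max(times) - min(times) <= one_hour
    )
    return seen_once / total, short_lived / total


def signature_coverage(sightings, latency_hours):
    """Fraction of sightings a hash-signature feed would have blocked.

    Model assumption: a signature for a sample becomes available on every host
    `latency_hours` after the sample's first sighting anywhere. The first
    sighting is never blocked (there was nothing to match yet); a later sighting
    is blocked only if it occurs at or after signature availability.
    """
    latency = timedelta(hours=latency_hours)
    first_seen = {s: min(t) for s, t in _group_by_hash(sightings).items()}
    blocked = 0
    for sample, _host, ts in sightings:
        t = _parse(ts)
        if t > first_seen[sample] and t >= first_seen[sample] + latency:
            blocked += 1
    return blocked / len(sightings)


if __name__ == "__main__":
    once, short = lifespan_stats(SIGHTINGS)
    print(f"seen once: {once:.0%}, lifespan <= 1h: {short:.0%}")
    for hours in (0.0, 0.25, 0.5, 1.0, 4.0):
        cov = signature_coverage(SIGHTINGS, hours)
        print(f"signature latency {hours:>4}h -> sightings blocked {cov:.0%}")
```

Even with zero latency the first victim of every sample is missed, and with the constructed data a one-hour latency blocks a single sighting out of nine; only the one sample that was reused three hours later is ever caught. Any hash-based control sits on the right-hand side of this curve, which is the deck's point about chasing ghosts.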
Maginot Line Report
• 1,216 organizations reviewed from October 2013 to March 2014
• Sectors included: government, financial services, chemicals and manufacturing, high-tech, consulting, energy, retail, and healthcare
Maginot Line Report (continued)
• 97% of organizations breached
• 27% of attacks consistent with APT tools and tactics
• An average of over 120 malware payloads bypassed other defenses
A Global Threat…
1. United States
2. South Korea
3. Canada
4. Japan
5. United Kingdom
6. Germany
7. Switzerland
8. Taiwan
9. Saudi Arabia
1 Year After APT1…
• APT1 and APT12 threat groups paused operations following the public release of Mandiant's report.
• Both groups changed operational infrastructure, replacing what had been exposed in the APT1 report.
• Despite specific warnings by the Obama administration, China-based APT activity indicates that the PRC has no intention of abandoning its cyber campaign.
(Image: the Mandiant APT1 report, providing evidence linking a China-based cyber threat group to the People's Republic of China (PRC).)
Anything Working?
Wartime vs. Peacetime Mindsets
Defense in Depth
A military strategy; it seeks to delay rather than prevent the advance of an attacker…Rather than defeating an attacker with a single, strong defensive line, [it] relies on the tendency of an attack to lose momentum over a period of time…Once an attacker has lost momentum…defensive counter-attacks can be mounted on the attacker's weak points [to] drive the attacker back to its original starting position.
Presumes the defensive measure limits or reduces momentum.
Defense in Depth – IT Translation
An information assurance (IA) concept in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited that can cover aspects of personnel, procedural, technical and physical for the duration of the system's life cycle.
Presumes the defensive measure was effective in the first place.
Defense in Depth
(Build slides: FW, then FW + IDS, then FW + IDS + SIEM, then FW + IDS + SIEM + AV.)
Same Model, No Momentum Reduction
Defense in Shallow
AV, FW, IDS, SIEM
Defense in Depth
AV, FW, IDS, SIEM
Expertise and Forensics? Analytics? Behavior?
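The build slides above ("same model, no momentum reduction") and the question of what a genuinely different layer adds can be put in numbers. The following is an added example, not code from the deck: it models a control stack as detection probabilities, where signature-style layers (FW, IDS, AV, indicator-driven SIEM rules) can only fire on the fraction of samples that are already known, while a behavioural or forensic layer fires independently of that. The known fraction and the per-layer rates are assumed values chosen to illustrate the point, not measurements from any report.

```python
"""Depth only counts if the layers fail differently.

Added example (not from the FireEye deck). Models a control stack as detection
probabilities. Signature-style layers (FW, IDS, AV, SIEM rules fed by the same
indicators) can only fire on the fraction of samples that are already known;
a layer built on a different model (behaviour, analytics, forensics) fires
independently of whether the sample is known. All rates below are assumed.
"""


def naive_independent_coverage(rates):
    """What 'defense in depth' is usually assumed to give: every layer misses
    independently, so the misses multiply away. Empty stack -> 0 coverage."""
    miss = 1.0
    for p in rates:
        miss *= 1.0 - p
    return 1.0 - miss


def signature_stack_coverage(known_fraction, sig_rates):
    """Coverage of a stack of signature layers that share one model: they can
    only catch the `known_fraction` of samples, and within that fraction each
    layer misses independently. Unknown (new, single-use) samples pass all of them."""
    return known_fraction * naive_independent_coverage(sig_rates)


def stack_coverage(known_fraction, sig_rates, behaviour_rates):
    """Coverage of signature layers plus layers with an independent model.
    The sample is missed only if both groups miss it."""
    p_sig_miss = 1.0 - signature_stack_coverage(known_fraction, sig_rates)
    p_beh_miss = 1.0 - naive_independent_coverage(behaviour_rates)
    return 1.0 - p_sig_miss * p_beh_miss


def marginal_gain(known_fraction, sig_rates, behaviour_rates, new_layer):
    """Coverage gained by adding one more layer to an existing stack.
    new_layer is ("signature", p) or ("behaviour", p)."""
    before = stack_coverage(known_fraction, sig_rates, behaviour_rates)
    kind, p = new_layer
    if kind == "signature":
        after = stack_coverage(known_fraction, sig_rates + [p], behaviour_rates)
    else:
        after = stack_coverage(known_fraction, sig_rates, behaviour_rates + [p])
    return after - before


if __name__ == "__main__":
    known = 0.2            # assumed: 1 in 5 samples already has a signature somewhere
    sig = [0.5, 0.6, 0.7]  # assumed hit rates of FW, IDS, AV on a known sample
    print(f"assumed independent, 3 layers : {naive_independent_coverage(sig):.1%}")
    print(f"same model, 3 layers          : {stack_coverage(known, sig, []):.1%}")
    g_sig = marginal_gain(known, sig, [], ("signature", 0.7))
    g_beh = marginal_gain(known, sig, [], ("behaviour", 0.5))
    print(f"adding a 4th signature layer  : {g_sig:+.1%}")
    print(f"adding one behavioural layer  : {g_beh:+.1%}")
```

With the assumed numbers, three signature layers that look like 94% coverage under the independence assumption deliver 18.8% once they share a model, a fourth signature layer adds under one point, and a single 50% behavioural layer adds forty. That is the arithmetic behind "defense in shallow": the attacker's momentum is only reduced by a layer that fails for a different reason than the ones before it.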
The Continuous Threat Prevention Process (a real-time loop)
• Detect: multiple approaches to identify attacks at the earliest stage
• Prevent: prevent what you can prevent…it will never be 100%
• Analyze: containment, forensic investigation and kill chain reconstruction
• Resolve: remediation support and threat intelligence to recover and improve risk posture
Make sure executives understand it's not just "Detect and Prevent".
Make sure executives understand you're dealing with humans attacking you…not malware.
Make sure executives understand this is continuous…it's not going away…and may never go away.
So What's Working?
• War-time mindset: acceptance of the new normal
• Beyond compliance: look at efficacy vs. real threats, and align budget accordingly
• Resilience: the ability to operate through the breach
Why FireEye?
Security needs to be reimagined to address the new threat landscape.
MVX: a virtual machine-based model of detection, purpose-built for security, with a hardened hypervisor; scalable and portable.
Finds known and unknown cyber-attacks in real time across all vectors.
FireEye Managed Defense
The FireEye MVX Architecture: Threat Prevention Platforms for network, email, endpoint, mobile, content, analytics and forensics, powered by MVX technology and fed by Dynamic Threat Intelligence.
Copyright © 2014, FireEye, Inc. All rights reserved.
Security Reimagined
Thank You

Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 

201408 fire eye korea user event press roundtable

14
Defense in Depth
A military strategy; it seeks to delay rather than prevent the advance of an attacker… Rather than defeating an attacker with a single, strong defensive line, [it] relies on the tendency of an attack to lose momentum over a period of time… Once an attacker has lost momentum… defensive counter-attacks can be mounted on the attacker's weak points [to] drive the attacker back to its original starting position.
15
Defense in Depth
Presumes the defensive measure limits or reduces momentum.
16
Defense in Depth – IT Translation
An information assurance (IA) concept in which multiple layers of security controls (defense) are placed throughout an information technology (IT) system. Its intent is to provide redundancy in the event a security control fails or a vulnerability is exploited that can cover aspects of personnel, procedural, technical and physical for the duration of the system's life cycle.
17
Defense in Depth – IT Translation
Presumes the defensive measure was effective in the first place.
22
Defense in Depth
FW IDS SIEM AV
Same Model, No Momentum Reduction
24
Defense in Depth
AV FW IDS SIEM
Expertise and Forensics? Analytics? Behavior?
25
The Continuous Threat Prevention Process
• Detect: Multiple approaches to identify attacks at earliest stage
• Prevent: Prevent what you can prevent… it will never be 100%
• Analyze: Containment, forensic investigation and kill chain reconstruction
• Resolve: Remediation support and threat intelligence to recover and improve risk posture
REAL TIME
26
The Continuous Threat Prevention Process
• Make sure executives understand it's not just "Detect and Prevent"
• Make sure executives understand you're dealing with humans attacking you… not malware
• Make sure executives understand this is continuous… it's not going away… and may never go away
27
So What's Working?
• War-time Mindset: Acceptance of the New Normal
• Beyond Compliance: Look at Efficacy vs. Real Threats and Aligning Budget
• Resilience: Ability to Operate Through the Breach
29
SECURITY Needs To Be To Address The New Threat Landscape
Virtual Machine-Based Model of Detection
• Purpose-Built for Security
• Hardened Hypervisor
• Scalable
• Portable
FINDS KNOWN/UNKNOWN CYBER-ATTACKS IN REAL TIME ACROSS ALL VECTORS
30
The FireEye MVX Architecture
Threat Prevention Platforms Powered by MVX Technology: NETWORK, EMAIL, ENDPOINT, MOBILE, CONTENT, ANALYTICS, FORENSICS
Dynamic Threat Intelligence
FireEye Managed Defense
31
The Continuous Threat Prevention Process
32
Thank You
ReimaginedSecurity
Copyright © 2014, FireEye, Inc. All rights reserved.