Think Big Data Analytics can't help you with your security? Do these stats make you nervous?
Attackers Moving Faster, defenses are not; 5 out of 6 large companies attacked; a 40% increase over 2013
More than 317 million new pieces of malware created last year; 1 million new threats created daily
60% of all targeted attacks struck small- and medium-sized organizations
Retail Remains Hot Spot for Identities: 1 billion stolen in the last 2 years; 59% of all identities exposed in 2014 came from the retail sector
Top 5 zero-days left companies without a patch for 295 days
Digital extortion on the rise: 113% increase in ransomeware; 45 times more people had their devices held hostage by vicious crypto-ransomeware
Malware gets smarter -- 28% of all malware was “virtual machine aware “
2014 had an all-time high of 24 discovered zero-day vulnerabilities
4. Security
Analy5cs
Market|
Focus
Shi`ing
from
SIEMs
to
Analy5cs
Plahorms
4
A#acks
are
More
Sophis5cated
Breaches
and
a9acks
(external
or
insider)
are
ever
more
sophis6cated,
polymorphic,
and
go
undetected
for
extremely
long
periods
of
6me
Tradi5onal
Methods
Do
Not
Scale
Tradi6onal
rules,
signatures,
preven6on,
access
management,
and
even
more
recent
sandboxing
approaches
are
not
sufficient
Analyst
Fa5gue
is
Rampant
Analysts
are
suffering
from
too
many
alerts
and
false
posi6ves,
and
companies
are
unable
to
scale
the
skills
and
personnel
needed
Rise
of
Security
Analy5cs
Increasingly
organiza6ons
are
seeking
big
data,
analy6cs,
and
machine
learning
to
address
the
scale,
a9ack
sophis6ca6on,
and
skill
set
shortage
5. C L O U D
5
What
if
…
Apply
Context
Correlate
&
Priori6ze
• We
could
collect
info
from
every
endpoint,
network
device,
and
server
• We
could
watch
this
data
looking
for
pa9erns
and
anomalies
• We
could
apply
knowledge
and
learning
from
across
global
repositories
of
telemetry
and
intelligence
in
real-‐6me
Indicators
of
Breach
Knowledge
about
URLs,
file
hashes
A9ack
pa9erns
&
actors
Correla6on
across
ecosystems
B U S I N E S S
D E V I C E S
7. Symantec
Speaking
Sessions
• Vendor
User
Roundtable
• Title:
How
Be#er
Analy5cs
will
make
you
a
Security
Rock
Star
• Date
&
Time:
Tuesday,
June
9th
-‐
4:15
pm
–
5:00
pm
in
Chesapeake
D
• Show
Floor
Theater
Session
• Title:
Embrace
Cloud
Security
–
Protect
the
Data,
Kill
the
Password
• Date
&
Time:
Wednesday,
June
10th
-‐
12:45
pm
-‐
1:10
pm
in
Theater
C,
Prince
George's
Hall
C
• CISO
Boardroom
Sessions
• Title:
The
Future
State
of
Adversary
Defense
and
Incident
Response
• Date
&
Time:
Monday,
June
8th:
4:45
pm
–
5:15
pm
&
Wednesday,
June
10th
–
9:15
am
–
9:45am
in
Chesapeake
4
&
5
• Title:
Securing
Informa5on
Any5me
and
Everywhere
• Date
&
Time:
Tuesday,
June
9th:
9:15
am
–
9:45
am
&
Tuesday,
June
9th
–
4:15
pm
–
4:45pm
in
Chesapeake
8
&
9
7