Stay One Step Ahead of Cyber Threats - Check Point

Bob Tahmaseb, CISSP, Security Engineer Manager


  1. Stay One Step Ahead of Cyber Threats
  2. THE ERA OF DIGITAL TRANSFORMATION. Mobile is overtaking desktop, social is beating search, messaging apps are challenging email, and everything around us is becoming connected.
  3. ©2016 Check Point Software Technologies Ltd. LEADERS MAKE MAJOR BUSINESS DECISIONS DAILY. EVERY MAJOR DECISION EVOKES SECURITY RISKS. CIO: Provide up-to-the-second information to everyone, everywhere. President: How can I create value to my customer and partners? CMO: New automated campaign and demand generation will make a difference! CEO: How can technology transform my business? CFO: Do I comply with regulation?
  4. HOW TO MAKE BUSINESS DECISIONS WITHOUT COMPROMISING SECURITY
  5. THERE ARE MILLIONS AND MILLIONS OF NEW CONNECTIONS CREATED EVERY SECOND. THERE ARE MORE AND MORE THINGS WE DON’T CONTROL.
  6. CHANGES CREATE NEW OPPORTUNITIES, BUT NOT EVERYONE HAS GOOD INTENTIONS
  7. THERE ARE MORE AND MORE THINGS WE DON’T KNOW. THE GROWTH OF THE UNKNOWN MALWARE: zero day, virus, CVEs, bad URLs, APTs, unknown malware, signatures, exploits, Trojans, botnets.
  8. In an environment where there are more and more things you DON’T CONTROL and more things you DON’T KNOW, HOW DO YOU KNOW YOU ARE MAKING THE RIGHT DECISION TO RUN THE BUSINESS?
  9. HOW DO YOU INNOVATE, INSPIRE AND COMPETE WHILE REMAINING SECURED?
  10. 80% of board members say that cybersecurity is discussed at nearly every board meeting*. But still 66% of board members are NOT CONFIDENT. $86B: 2016 projected global enterprise IT security spending (8.8% yearly increase), and it will grow to $101B by 2018*. In 2015, 38% more security incidents were detected than in 2014*. [Restricted] ONLY for designated groups and individuals
  11. Everybody’s talking about being secure. And yet… BREACH. Most security companies focus on detection after the breach. The security industry says they can’t stop the breach.
  12. It’s true… breaches are happening everywhere. So, should you just detect the breach and try to clean up after?
  13. WHY THE DISCONNECT? Lack of an end-to-end security strategy. 1400 security vendors in the market today: it’s complicated. Cybercrime is different than conventional warfare.
  14. THE CYBER THREAT LANDSCAPE IS EVOLVING AT A RAPID PACE: more sophisticated and more advanced
  15. Most security technologies are ONE STEP BEHIND. PATCHWORK OF POINT SOLUTIONS. COMPLEX SOLUTIONS WITH UNCERTAIN SECURITY COVERAGE. • Looking for yesterday’s signatures • Detection instead of prevention
  16. THE Almost, Sort of GREAT DEBATE? DETECT | PREVENT
  17. Focus on PREVENTION
  18. ©2015 Check Point Software Technologies Ltd. So… ONE STEP AHEAD
  19. ONE STEP AHEAD. THE PRINCIPLES: BLOCK attacks before they happen! DEFEND with advanced tools that stop today’s and tomorrow’s threats. PROTECT every frontier, from mobile to cloud. One SIMPLE system CONSOLIDATING all security solutions.
  20. USE SECURITY THAT PREVENTS BOTH THE KNOWN AND UNKNOWN THREATS
  21. ONE STEP AHEAD MEANS BLOCK/PREVENT THE ATTACK AT EVERY STAGE: Reconnaissance, Delivery, Exploitation, Control
  22. PREVENTING THE KILL CHAIN. RECONNAISSANCE: Prevent suspicious network activity. DELIVERY: Prevent malicious downloads. EXPLOITATION: Prevent exploitation of vulnerabilities. CONTROL: Prevent command & control activity.
  23. PREVENTING THE KILL CHAIN: PREVENT ATTACKS AT THE PRE-INFECTION STAGE
  24. ONE STEP AHEAD MEANS BLOCKING ATTACKS EVERYWHERE
  25. ONE STEP AHEAD MEANS PREVENTING ATTACKS EVERYWHERE: PREVENTION ACROSS ALL BUSINESS PLATFORMS
  26. BUILD ARCHITECTURE
  27. A SINGLE MANAGEMENT PLATFORM TO CONSOLIDATE ALL YOUR SECURITY: Integrated Threat Management; Efficient, Automated Operations; Unified Policy Management
  28. 20% REDUCTION in SECURITY SPEND in consolidating on single architecture. 50% REDUCTION in HUMAN CAPITAL with single management platform.
  29. Multi Layer Detection and Threat Prevention (KNOWN and UNKNOWN). IPS: Stops exploits of known vulnerabilities. Anti-Bot: Prevents bot damage from infected devices. Antivirus: Blocks download of known malware infested files. Threat Emulation: Stops unknown zero-day malware in files. Threat Extraction: Remove Zero Day malware in Zero Seconds.
  30. Successful Defense Components. Kill chain stages: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command & Control, Act on Objectives. Phases: Pre-Compromise, Compromise, Post-Compromise. Components shown across the stages: DLP, Threat Intelligence, Firewall, Anti-Virus, Anti-Bot, Anti-Bot, IPS, Firewall, DLP, Document Security, Anti-Spam, URL Filtering, Threat Emulation, Threat Extraction, Mobile Threat Prevention, IPS, Threat Emulation, Endpoint Security, Endpoint Security, Forensics, Mobile Threat Prevention, Document Security, Firewall, IPS. INTELLIGENCE: • Extensive research • Collaboration with industry leading services • Sharing across users community. DETECTION: • Multi-layer architecture • Evasion-resistant detection • Best catch rate. PREVENTION: • Proactive practical prevention • Effective containment • Clear visibility and insight.
  31. YOU ARE
  32. 3 VECTORS OF: Network Attacks, OS Exploits, Infected Apps
  33. TURN ON THE MICROPHONE. TURN ON THE CAMERA. TRACK DEVICE LOCATION. CAPTURE EMAILS. EXTRACT DATA. STEAL USERNAME & PASSWORD.
  34. MOBILE SECURITY BUILDING BLOCKS. Mobile Device Management: Policy Enforcement. Secure Containers: Data Leakage Prevention. Anti-Virus, App Reputation: Known Threats. Mobile Threat Prevention: Unknown Threats and Zero Day.
  35. TODAY
  36. Timeline: 2014, 2016, 2020. ONE ARCHITECTURE, SINGLE MANAGEMENT: CLOUD, DATA CENTER, ENDPOINT, MOBILE, NETWORK, IoT
  37. To Summarize: Generations in cyber security. [Protected] Non-confidential content. VECTORS: Network & Endpoint | Network, Endpoint, Mobile, Datacenter & Cloud. STRATEGY: Reactive & Silo’d, focused on detection | Proactive & Holistic, focused on prevention. ARCHITECTURE: Point solutions, multiple consoles | One consolidated system, single management. BOUNDARIES: Organized & targeted | Amateur & random attacks. Other labels on the slide: Cyber, Conventional.

Editor's Notes

  • Change
  • Increase Revenue
    Reduce Costs
    Mitigate Risks
    Meet Compliance Requirements
  • People FACE - Biggest challenge for businesses today is how to make the best possible decision for the business, without compromising security; Security is a factor in almost any business decision.
  • Because there are more and more areas we don’t control,
    IT environment is more and more shared and open and less and less controlled
    With IoT, Cloud, Mobile, Software defined….
  • Because there are more and more threats and hackers we don’t know

    Threat landscape is evolving so fast with new threats, new techniques, new actors and new targets.

    Impossible to predict with certainty what the next waves of malware will look like.
  • http://www.csoonline.com/article/2927395/data-protection/cybersecurity-on-the-agenda-for-80-percent-of-corporate-boards.html


    Alternative stat
    In 2015 almost half of boards participate in the overall security strategy of the company*
    *PWC The Global State of Information Security® Survey 2016


  • Situation: The world wants to tell you that breaches are inevitable
  • Situation: breaches keep happening, that’s true, so should you just wait until it’s your turn?

    Industry says The only way to catch advanced malware like ransomware or an advanced persistent threat is to investigate after it has breached your business
  • Board down to Admins – What should we do?
  • Security technologies are embattled in constantly chasing after these threats to close the gaps.
    An overabundance of security solutions makes it more complicated and challenging for IT managers to keep up. Organizations need to constantly gain new knowledge and hire talented people to continuously understand what is going on in their network.
  • Not really
  • One step ahead means a number of things:

    Prevention, not detection or remediation

    Prevention on each part of the kill chain
  • Known GOOD instead of Known BAD
  • Instead of lots of Point solutions

    Protect your assets, data and your brand - and to do that in a way that allows the business the freedom to make the choices they need to make to run their business - without compromising security.
  • Our next generation policies provide a radically different way of approaching policy management. We’ve taken a long hard look at how daily tasks are performed and consolidated and streamlined features to make it as efficient as possible for the security admin to do his work. With R80’s automation capabilities, we are paving the way for automated security provisioning and controls. And when it comes to security visibility, we’ve fully integrated threat management into the main console so security teams can pivot quickly from policy to incident response and have a holistic view of their security posture in one single place.
  • USERS
  • AirWatch
  • https://www.infopackets.com/news/9449/cyber-attacks-businesses-doubled-2014-report