CCR : Going Beyond CSR Nilesh Jain

Country Sales Director Trend Micro, India

#CLOUDSEC

HACKERS HAVE AN UNDUE ADVANTAGE

Cost of failure is low They know you, you

don’t know them Sophisticated

technology: Big Data Analytics, Machine Learning

They are organized and collaborated.

2 Copyright 2014 Trend Micro Inc.

Victim

The Boss

Mercenary

Attackers

Data Fencing

The Captain Garant

Bullet Proof Hoster

CRIME SYNDICATE (SIMPLIFIED)

$4

Victim Blackhat SEO

Attacker

$10

Attacker

Keywords

(Botherder) $2

Compromised

Sites (Hacker)

$6 $10

Programmer $10

Cryptor

$10 Virtest

$5

Worm

Exploit Kit

Bot Reseller $1 $1

$1

Traffic

Direction

System $5

Garant $10

SQL Injection

Kit

$3

Carder $4

Money Mule

Droppers $1

Card Creator $2

Bullet Proof

Hoster

$5

CRIME SYNDICATE (DETAILED)

HAVE YOU HEARD THIS NAMES ?

• Santrex

• Maccolo

• Troyak

and Many more…

They are all Bulletproof hosters

Copyright 2014 Trend Micro Inc. 5

DATA SCIENCE IS MULTIDISCIPLINARY

http://eduardoarea.blogspot.tw/2012/11/el-camino-de-un-data-scientist.html

LETS CALCULATE ROI

7 Copyright 2014 Trend Micro Inc.

ROI for deploying security to large Enteprises: around 50% to 200%

ROI for companies providing security solutions: around 40% to 200%

ROI for cyber hackers:: 1000% to 1500%

Lower Hackers ROI.

BEATING THE SMART HACKERS- REDUCING THEIR ROI

• Apart from Detection, Prevention and Remediation, focus on Intentions.

• Kill their intentions: Mostly Money

• Decrease their ROI by making their job difficult.

• Keep the system Patched.

• Continuous monitoring for systems and network.

Copyright 2014 Trend Micro Inc. 8

BATTLE IS RAGING…

Need to deploy sophisticated technology

But need to address people piece of the same.

Collaboration in cyber security space is the tool to fight.

Law enforcement agency, Security vendors, Consultants and enterprises need to work together.

This demand Corporate Cyber Responsibility

9 Copyright 2014 Trend Micro Inc.

CORPORATE CYBER RESPONSIBILITY

• CSR- company act 2013 from 1st april,2014 but CSR is yet to evolve

• Collaboration is the key- other corporates, Security consultants, Government and Law enforcement agency

• Your network is not breeding ground for bots and Malwares to infect other network

• Don’t pay ransom

• Work with Law Enforcement Agency

• Share the information with suitable forum

• Educate and train your supply chain partners too beyond employee

Copyright 2014 Trend Micro Inc. 10

11 Copyright 2014 Trend Micro Inc.

HOW TREND MICRO DOES IT ?

As a strategic partner of INTERPOL Trend Micro will collaborate

with them in the fight against cybercrimes. Trend Micro will be

committed to prevent fierce cybercrimes through the Public-

Private Partnerships (PPP), which utilizes the strengths of both

organizations.

Trend Micro is working closely with the INTERPOL with smooth

cooperative framework by providing security researchers to

support them directly.

Work with Leading Social Networking sites like Facebook to

make them safe.

Work with Local Law enforcement agencies to track down the

group of Hackers.

Monitor

Detect

Analyse

Compile

Forward

Action

Intel Repor

Member Countries

COOPERATION WITH TREND MICRO

• Lets Join hands to fight the CYBER Criminals

Confidential | Copyright 2012 TrendMicro Inc. 13

Nilesh Jain Country Sales Director Trend Micro

#CLOUDSEC