Embed Size (px)
DESCRIPTION
The latest in IT security for the modern day
Citation preview
The latest in IT security for the modern day
The proliferation of botnets, has led to a massive increase of Distributed Denial of Service (DDoS) attacks. At the same time DDoS attacks have evolved to a higher level of sophistication by targeting the web application layer.
Fortinet provides enterprises with the protection techniques that are required to stop these attacks by using multiple protection layers incorporating both a negative and security model and leverage sophisticated DDoS protection techniques that help identify real users from malicious botnet activity.
To find our more about Fortinet’s DDoS solutions, visit www.fortinet.com today.
3
INTRODUCTION
The transition from cyber-vandalism to cybercrime has had a significant impact on the current security landscape, according to David Emm, senior security researcher at Kaspersky Lab.!
“In the ‘good old days’, malware was designed to disrupt a computer.!By contrast, the focus of cybercrime is to steal information that can be used to make money.! So the last thing a cybercriminal wants to do is to disrupt the victim’s system - their business depends on my computer running normally.! At one level, the job of security companies remains the same – i.e. block malicious code.! But the focus on maintaining the integrity of someone’s data, and securing their online identity, has
led to the inclusion of technologies that go beyond simply looking for malicious code.! So today’s comprehensive Internet security suites include virtual keyboards, application sandboxing, white listing and more,” he says.
Emm adds, “It’s not just the shift in motivation that has widened the array of technologies used in anti-malware solutions.! We’ve seen an explosion in the number of malicious programs in recent years.! Just five years ago, our virus lab received around 200 new samples per day.! Today, our analysts receive 125,000 unique malware samples every day!! And there are tens of millions of samples in our collection.! One of the reasons for this is the decreased ‘shelf-life’ of
malware.! In the 1990s viruses were comparatively slow to spread, but once they reached ‘critical mass’ they might circulate for many years.! Today, an individual variant might last no more than a week.! So many of the samples we see are variants of existing malware families - churned out by cybercriminals to refresh earlier versions.”
According to executives at Kaspersky Lab, 2011 was a pivotal year in the development of mobile malware. The company saw the same volume of threats in 2011 alone as it did in the period from 2004 through till 2010.! “Currently there are more than 20,000 mobile malware threats - that’s a rate of around five per hour.! The fastest
Gearing upResearchers at Kaspersky Lab highlight the radical change in security attacks and the simultaneous opportunity this creates for security vendors to create solutions that help enterprises stay ahead of the game.
The proliferation of botnets, has led to a massive increase of Distributed Denial of Service (DDoS) attacks. At the same time DDoS attacks have evolved to a higher level of sophistication by targeting the web application layer.
Fortinet provides enterprises with the protection techniques that are required to stop these attacks by using multiple protection layers incorporating both a negative and security model and leverage sophisticated DDoS protection techniques that help identify real users from malicious botnet activity.
To find our more about Fortinet’s DDoS solutions, visit www.fortinet.com today.
4
INTRODUCTION
growing area of development is malware aimed at Android.! That’s because it’s popular, it’s easy to create software for it and there’s a ready-made distribution mechanism in the form of Google Play [formerly the Android Market Place].! Almost 89% of threats target this operating system.!The increasing use of smartphones, the mix of personal and business data on mobile devices - and the BYOD trend in business - makes them an increasingly attractive target for cybercriminals.! And the more personal data that is stored on mobile devices, and the more we use them to log in to online services, the more they will be targeted,” Emm explains.
The sudden surge in the numbers and variety of security threats combined with media publicity surrounding the advent of recent security breaches such as those of the PlayStation Network and Saudi’s Aramco has resulted in enterprises and individuals being a lot more aware of cyber security vulnerabilities. In a kind of snowball e"ect, investments in IT security have increased, encouraging vendors to pump more R&D resources in order to create ‘smart’ solutions that are capable of proactively blocking the threats of tomorrow.
!He says that while signatures were never the only mechanism used to detect malware, the upsurge in numbers in the mid-2000s gave a massive impetus to the development of proactive detection technologies - including behavioural analysis and real-time use of cloud-based infrastructures.!!
“On top of this, today’s advanced Internet security products employ a wide range of other technologies designed to secure people’s online activities.! They can alert you to
vulnerabilities that exist in any applications you use.! They can secure your online transactions.! They can block spam.! They can secure children’s online activities – not only blocking undesirable content, but also preventing children from posting sensitive information online].! They can encrypt your data.! They can even create complex passwords for each of your online accounts, storing them securely and entering them automatically for you when you login.! They can also secure banking transactions from cybercriminal activities like keylogging,” he says.
Still as technology proliferates and cyber scammers and criminals continue to put their minds behind the creation of even more intelligent scams and malware, many vendors believe the worst is yet to come.
As Emm says, “Over the last year or so, cybercriminals have made use of stone digital certificates to sign their malware, giving it a stamp of authenticity and it’s likely that this will increase in the future as cybercriminals
seek to sneak in ‘under the radar’. It is also clear that the increasing storage of data in the cloud, and the use of other cloud-based services, will add a new dimension to the threat landscape - specifically, attacks on ‘the cloud’.! This is, of course, related to the rise in targeted attacks - the di"erence being that the aggregation of data in a single place o"ers a ‘one-stop-shop’ for cybercriminals. The use of anti-malware solutions is already considered by most businesses to be an essential tool yet as the Internet becomes more and more central to commerce of all kinds, it will become increasingly important to defend employees – and in particular the data they access – wherever they go and whatever devices they use to conduct business.”
The interviews that follow give us some insight into the regional dynamics and how security vendors are leveraging the region’s channel community to e"ectively help enterprises across the region arm themselves against the dynamic threats of the future.
The presentation will cover...
Why Should You Attend?
Over-reliance on Inherently Handicapped Signaturebased Tools:
Juggling Disparate Products:
Lack of Collaboration:
AccessData cordially invites you to attend a live briefing to learn how the cyber security paradigm is shifting towards integrated response capabilities...
and to see CIRT 2.0 (Cyber Intelligence & Response Technology) in action.
Concerns over recent GCC malware attacks?
The Dubai CIRT Briefing on 16 October at The Capital Club, DIFC
PLEASE REGISTER NOW
www.eventbrite.com/event/3914789240
Interested in becoming an AccessData Reseller? Attend our ‘RESELLER BRIEFING DAY’
Location:
6
ACCESSDATA
How has the security landscape changed over the last few years? How have these changes a"ected the demand for security solutions?
We only need to consider events in this region in the last month of malware targeting critical national infrastructure. Take Shamoon for example; It has had a massive impact. Exploits have become dramatically more sophisticated, there has been a great increase in nation-sponsored cyber attacks, and the average
Pioneering defences
employee is far more cyber savvy than even just a couple years ago. All of this results in the exponential growth of unknown threats and zero-day attacks.
The days of relying solely on signature-based preventative and alerting solutions is over. Anti-virus, firewalls, intrusion detection systems (IDS) and data leakage prevention (DLP) tools are only able to detect what you tell them to look for. Though they will remain a critical piece of the
AccessData is leveraging its flagship computer forensics technology to create intelligent security solutions that help monitor, block and mitigate the challenges posed by the evolving security landscape.
cyber security infrastructure, they are not able to protect you against unknown threats and savvy malicious insiders. It is imperative for organisations to have visibility into all that is happening across the enterprise and optimise their response capabilities to be able to stop the bleeding much faster.
Please list out your line up of security solutions? Have you added any new products in the last 12-18 months?
AccessData provides solutions to address digital investigations of any kind, including computer and mobile device forensics, e-discovery and of course incident response and information assurance.
Forensic Toolkit (FTK), the flagship computer forensics technology and the foundation for most of AccessData’s solutions, is best known for having an advanced Apple OS analysis as well as the most comprehensive volatile data and memory analysis. It also enables distributed processing providing the fastest forensic-level processing on the market
Cyber Intelligence and Response Technology (CIRT) is a new o"ering, which AccessData claims to be the first and only platform to integrate computer forensics, network forensics, malware analysis, large-scale data auditing, and remediation within a single interface. This solution gives an organisation visibility into everything happening across the enterprise, as well as the laptops of travelling employees, including internet activity and removable device usage. Even if an employee is not logged into the organisation’s network, CIRT is able to monitor all activity, which is a great advantage over relying on other network forensics or enterprise investigations tools.
Jason Mical, director of Network Forensics at AccessData
7
ACCESSDATA
The greatest benefit of using CIRT is the ability to detect unknown threats. You can easily correlate network and host data to more quickly identify anomalies and use the platform’s “Cerberus” malware analysis technology to automatically identify suspect binaries and determine behavior and intent without a sandbox or signature-based tools. With this capability, organisations can detect malware that has not yet been defined and would therefore be missed by conventional tools.
Finally, CIRT is not just another platform that delivers a mound of data you need to sift through. It actually has built in batch remediation capabilities. So once a threat is detected, you can quickly perform root cause analysis – getting critical data in seconds that would normally take hours or days – and then you can remediate all a"ected nodes immediately.
How are you helping your channel partners leverage the demand for the latest security products and solutions?
We provide a rigorous sales and technical training programme for our partners, as well as marketing assistance as needed. Our technology is very di"erent to the traditional security solutions on o"er in the region so we have to adjust the mind set a little. We are keen to recruit
more partners across the region to extend our reach. We plan to hold a reseller briefing breakfast in Dubai soon.
With so much competition on the horizon how do you di"erentiate your products and services from your competitors? How do you help your resellers di"erentiate their o"erings?
We can see with the fall out of Flame, Stuxnet and Shamoon to name a few that customers are not being protected su#ciently. The description of CIRT’s capabilities above details several di"erentiators for us. In reality, there are no direct competitors for the CIRT platform. Other companies are only able to do one thing, whether that’s network analysis or computer forensics. No other company has developed the breadth of technology AccessData has delivered, and certainly no other company has integrated the functionality as we have in CIRT.
How is the security landscape set to change in the next 12-18 months? How will this impact the demand for security solutions?
We can expect to see continued exponential growth in the number and sophistication of cyber exploits. Various countries are increasing investment not just in cyber defence, but cyber o"ence. In addition, we
can expect to see new exploits specifically for mobile devices.
Organisations will become increasingly vulnerable to attacks and data loss, because the “Bring Your Own Device” (BYOD) trend is increasing in popularity. Organisations are allowing employees to use their own mobile devices and even laptops, because it saves money. However, there was a recent poll of employees in which over 60% of them felt that their companies should not have access to the personal devices they are using for work, and that employees using their own devices should be responsible for their own data security. The ignorance around the issue is actually quite alarming. Unfortunately companies aren’t able to simply implement a policy that ensures them access to employees’ personal devices. This would be even more di#cult in European countries that have much more stringent privacy laws.
Organisations are now beginning to see the need for greater visibility into their enterprises, in order to be able to detect unknown threats and take a more proactive approach to defending their assets. For this reason we are seeing a great deal of interest in our CIRT platform.
In addition, technology will continue to develop around defending mobile devices from cyber attacks.
8
How would you describe your line up of security solutions?
Fortinet was created on the vision of integrated security as the way to increase protection and control, while optimising performance, simplifying management and reducing costs.
Fortinet’s flagship FortiGate product line (850,000 units shipped to date) was built from the ground up to deliver the highest levels of performance and the broadest security to help protect against application and network threats. Every FortiGate platform integrates multiple layers of threat protection – including Firewall, Anti-virus, Anti-spam, Application Control, Intrusion Prevention, Web Filtering, VPN, Data Leakage Prevention and tra#c shaping, etc. The FortiGate product line is powered by Fortinet’s FortiOS, a proprietary security-hardened, purpose-built operating system, which, coupled with FortiASIC processors, is designed to help customers achieve extremely high throughput and exceptionally low latency.
Beyond its FortiGate network security product line, Fortinet has a large range of solutions that help enterprises secure their extended network, from endpoints and mobile devices, to their perimeter and their core including databases (FortiDB), messaging (FortiMail), web applications (FortiWeb).
In 2011, Fortinet introduced a major release of the FortiWeb Web application firewall (WAF) family for enterprises, application service, software-as-a-service (SaaS) and
Pioneering security
managed security service providers (MSSPs). The release integrates features such a web vulnerability scanner and advanced application load balancing in a single device to significantly reduce deployment times and resource utilisation while improving application performance.
In 2012, Fortinet launched its new FortiDDoS products line to detect and help protect against today’s most sophisticated DDoS attacks. The appliances feature custom ASICs that are capable of mitigating DDoS attacks while maintaining incredibly-low latency (less than 26 microseconds), preventing loss of availability to critical systems, servers and applications.
In the current technology and business landscape, what do you believe poses the largest threat to an IT network? How can organisations e"ectively tackle these challenges?
The major issue is related to the evolution in work practices that makes the organisation network boundaries become fuzzy: on the IT side, the adoption of cloud-based applications and services IaaS, SaaS, private or public cloud pose new challenges, while on the user side, the workers’ increasing mobility, practice of BYOD, home o#ce, also make the enterprise more vulnerable.
For example, BYOD provides the ability to access enterprise networks from anywhere, anytime. A worldwide survey commissioned by Fortinet and conducted in 15 countries, focused on graduate
employees in their twenties. This group represents the first generation to enter the workplace with an understanding and expectation of own-device use. They also represent tomorrow’s influencers and decision makers.
Within this younger employee group, BYOD is predominantly considered a right rather than a privilege, with over half (55%) of people sharing an expectation that they should be allowed to use their own devices in the workplace or for work purposes. With this expectation comes the very real risk that employees feel so strongly they will consider ignoring company policy banning the use of own devices. More than a third (36%) of people polled admitted that they have or would contravene such a policy. In UAE, they were 30%.
The survey shows the considerable challenge that organisations face in controlling what is happening on its network and to its data.
Global visibility becomes paramount and businesses should thus review their security strategy to take a centralised approach in analysing security threats and risks. The ability for various security capabilities to communicate and synergise intelligently with one another onto an integrated platform becomes key to ensure security and control of the networks, data, users, applications and devices.
As IT security is moving into an era, characterised by the
Fortinet is gearing up for more complex demands for IT security, believing the current scenario to be ‘the tip of the iceberg’
FORTINET
9
FORTINET
growing IT consumerisation and the business migration to the web - there is a greater need for IT security to move away from its traditional focus of simply securing IT assets to look at protecting and enhancing business functions, while being able to adapt to a dynamic user environment and sustain manageability.
How are you helping your channel partners leverage the demand for the latest security products and solutions?
Fortinet’s channel strategy is based on its selective FortiPartner Programme (FPP), based on gold, silver, bronze and MSSP levels. This programme aims at driving value and commitment for Fortinet’s distributors and resellers by focusing on channel profitability, technology leadership and a strong certification programme, through the recruitment of Authorised Training Centres in each country.
As part of the FPP, Fortinet o"ers many tools and services to help its channel partners provide the best security solutions to the market
and keep up with the technology evolution. Some of these initiatives include training and education sessions designed for the club members, which are available via webinar series, access to the Fortinet Authorised Training Centres (ATCs) programme that is designed to provide additional sales benefits to existing ATCs and foster the presence of ATCs at the local level, a Renewal Asset Tracking tool, a Web-based interface, designed to help resellers identify renewal income opportunities and a series of marketing tools among many others.
Partners can also leverage our in-house FortiGuard Labs’ global team of threat researchers, who continuously monitor the evolving threat landscape. The team of over 125 FortiGuard Lab researchers provide around the clock coverage to ensure a network stays protected. It delivers original research, rapid product updates and detailed security knowledge, providing protection from new and emerging threats.
100% security focused, Fortinet’s products are regularly setting the norm in terms of cost/performance
ratio and reliability. With a cumulative R&D investment of $273 million at the end of 2011 and around 600 engineers, Fortinet continues to push the barriers of performance, functionality and innovation. Our technology has been fully developed in-house and the company has total control over the design of its products, making no compromises on quality, performance and reliability.
How is the security landscape set to change in the next 12-18 months? How will this impact the demand for security solutions?
We expect the security landscape to continue to evolve with the adoption of mobility and IT consumerisation (BYOD and BYOA), Cloud-based services and the growth of bandwidth demand driving the increased exposure and risk factor to Internet threats.
Furthermore, the current economic downturn and end-user increased attention towards TCO, brings forward many opportunities and security challenges through trends such as the increased outsourcing of applications or infrastructure management and heavy data centre virtualisation. Another trend we see is that the managed security service providers will continue investing in delivering Security as a Service which proved to be a successful model for organisations seeking to reduce cost without compromising their defences. In addition, the demand for Unified Threat Management (UTM) integrated security solutions shall continue to increase as this model proved to have the broadest functionalities o"ering (Firewall, VPN, intrusion prevention, application control, Web filtering, anti-virus, anti-spam and DLP among others) and the easiest to operate and maintain.
Bashar Bashaireh, regional director for the Middle East at Fortinet
10
SOPHOS
How has the security landscape changed over the last few years?
IT security has become more and more complex over the past few years, so preventing security capabilities from taking a backward step as organisations adopt new technologies and ways of working has been a challenge.! As well as the continuing trend of BYOD, and a growth in remote working (either at home or on the road), IT teams have had to manage an increasing array of security products, monitor new apps and social media, as well as consider implementing new technologies like HTML5 and IPv6.
Cloud continues to throw up uncertainty. Consumer cloud storage solutions like Dropbox cause potential issues for IT departments as employees use them as a means of sharing and storing business files, outside of IT’s control, despite multiple security issues over the past year or so.! In general cloud services have seen a resurgence, which means more focus on encrypting data wherever it flows, rather than just protecting the device or the network.
Lastly, we continue to see sharp growth in the number of threats, with more targeted attacks and hacktivism in recent times.! Within the security market, we have seen a great deal of consolidation as vendors acquire other vendors and merge in the quest to broaden their security solutions.
The upshot is that businesses need a reliable defence that protects all routes of attack. Many organisations are!therefore looking for a company that!can provide complete security solutions,
Comprehensive ReinforcementsSecurity vendor Sophos is working with resellers to communicate their message of ‘complete security’ to the customers.
Sophos o"ers a broad variety of complete security solutions that address all aspects of protecting businesses: solution sets include Endpoint, Encryption, Web Security, Email Security, Mobile Security (including mobile device management), Network Protection and Unified Threat Management (UTM).
!How can organisations e"ectively tackle the challenges of the current environment?
Organisations need to put in place both policies and technologies that minimise the risk and protect the network at
André Sche"knecht, VP, NEEMEA, Sophos
identify gaps in their defences, and provide them with flexible solutions to plug those gaps. Sophos’ products and services are well suited to this, providing ‘complete security without complexity’ to customers in the region. While technology is a business enabler, di"erent business environments have di"erent security needs, so Sophos works with customers to ensure they get protection that works for them.
!Please list out your line up of security solutions? Have you added any new products in the last 12-18 months?
11
SOPHOS
all points. Many companies take a very restrictive approach by applying Web filtering to block access to Web storage providers or by applying application controls to prevent cloud storage applications from being installed. The best way to protect against a data breach is to apply data encryption everywhere, encrypting data in a way that it stays encrypted until the business needs it. At Sophos we call this ‘persistent encryption’ or data protection by default. That way, if a user places a company file in a public cloud tool like Dropbox, the data remains encrypted. What every organisation needs to remember is that user education is key to an e"ective security policy, so clear communication of do’s and don’ts with the employees is a must.
!How are you helping your channel partners leverage the demand for the latest security products and solutions?
Sophos provides partner enablement by o"ering free online training as well as classroom training in conjunction with our distributors.!In the region we
are running brand awareness initiatives through PR as well as focused advertising, and we help partners with their marketing by not only providing co-funded marketing campaigns but also by helping with bespoke initiatives.! We also distribute the leads that are generated by global marketing campaigns to partners for follow up, helping partners engage with more end users.
!!How do you help your resellers di"erentiate their o"erings?
At Sophos, we’ve taken a di"erent approach to IT security. We call it ‘complete security, without complexity’. Resellers who o"er Sophos to their customers can provide a complete set of security solutions designed specifically to protect businesses across their entire network. From endpoint, encryption to network protection and unified threat management (UTM), Sophos’ vision is to give customers a single security system for the entire organisation in order to provision a unified view of the security system so they can quickly see when something is wrong and can easily fix it.
It’s a compelling message for resellers to take to customers and allows them to spend less time supporting customers themselves, deriving!benefits in terms of both operational costs and happy customers. Sophos operates as a 100% channel business.!
!How is the security landscape set to change in the next 12-18 months?
We can expect to see more of the same as businesses continue to get to grips with issues like mobile, cloud etc. With mobile, we can expect to see an even greater move from the traditional endpoint to mobile devices. Businesses need to prepare for this. And we’ll see businesses finally putting their infrastructure in the cloud – expect to see security becoming a key feature in customers’ demands.
We will likely see more consolidation in the market, plus a continued increase in the volume of threats targeting users. Layers of defence will become a bigger deal as more businesses recognise the gaps in their security – with more combined threats, businesses can be attacked through multiple routes into the network (email, web etc.). As such, vendors that can o"er a broad range of complete security solutions will be well placed to help customers.
Latest launches:
Mobile security in the enterprise:
12
HP
Rooted in securityTrend Micro has seen the security business change and grow more complex. Today, the company prides itself on its technical skill and experience with this industry.
TREND MICRO
How has the security landscape changed over the last few years?
Threat landscape has evolved over past couple of years to be more sophisticated, targeted and financially motivated. Data breaches are highly visible and put tremendous pressure on IT departments of organisations to ensure they implement the right levels of protection. This also puts a lot of stress on both customers and channel to maintain optimum technical skill sets to support the infrastructure. Organisations are demanding 24/7 local services especially for security solutions by trained personnel. This creates opportunity for channel as well as vendors.
Another security challenge is around ‘securing’ virtualised infrastructure whilst protecting the investment made in virtual infrastructure and maintaining the ROI. Trend Micro is best positioned to protect these customers through its latest o"ering of ‘Deep Security’
In today’s 24x7 business world, mobility is essential. Employees are accessing and sharing data anytime and from any device. It’s becoming a challenge for! IT to maintain the visibility and control the data on devices to keep the information safe from theft or losses
Please list out your line up of security solutions? Have you added any new products in the last 12-18 months?
Trend Micro has a complete range of security solutions right from endpoint, mail server and gateway. Cloud, data centre, threat and vulnerability management, support services
Partners can boast of a local l sales and technical team that covers small to very large customers which can be o"ered by very few security vendors in the region.
Most importantly, our distributors do not compete with partners, i.e. they do not sell directly to end users. As an organisation we are fully committed to two tier channel structure so business never by-passes a partner or distributor.
How is the security landscape set to change in the next 12-18 months?
Virtualisation is becoming more prevalent and customers are making their forays into private cloud computing. Because of them being more comfortable with cloud environment they will also start to become more comfortable with the benefits of cloud security services. And therefore, customers need to rethink securing their virtual network. The security choices will not only a"ect the operational costs!but also the organisation’s reputation.
There will be more high profile targeted attacks and APT’s in future and the amount of malwares will continue to grow at an exponential level. Traditional security solutions will increasingly become a burden on organisations networks, PCs and productivity. Malware is being specifically crafted for given and persistent attacks.
Mobile security is becoming prevalent. People are doing business wherever, whenever and on any device. This is the mobile age and it’s going to catch many people unaware unless they have the right security solutions and policies to protect themselves.
The ME will continue to see increased evidence of targeted cyber attacks but many will go unreported. Looking at the GCC as a whole there are a large number of bot infected systems (2.3 Million). These are systems which have been compromised often by inadequate security solutions. However, there are a very few admitted security breaches.
Sushma Kajaria, channel sales manager at Trend Micro
(pre and post sales through channel) security.
How do partners stand to benefit from signing with Trend Micro?
Since 1988, Trend Micro has pioneered innovative technologies and security services that protect users against threats that target new and emerging platforms and devices and we continue that tradition today. We help customers and our channel understand how to balance the risks against the gains of consumerisation so employees can safely use their own devices and share files and data inside and outside of the enterprise. Product lines are easy to understand and sell with or without support services. 24x7 Support services further enhances partners and customers confidence in Trend Micro.
Trend Micro runs sales and technical trainings for channel partners through the year which is directly delivered by our employees. There are focussed customer events and workshops along with our Gold partners that are co funded. !
13
Services for security EMPA, a regional value added distributor chooses its vendor portfolio based on its ability to provide a range of support services to go beyond trading in security.
How has the security landscape changed over the last few years?
Over the past decade, the security landscape has been definitely transformed in terms of both magnitude and nature. With mobility and cloud high on the agenda, the need to deploy solutions that enable personal security while enabling remote access to data has skyrocketed.! In chorus, the cyber-threat landscape has also evolved, with refined targeted attacks on a number of devices that entail legitimate access to corporate and personal networks. This increasing complexity of IT products and solutions robotically raises the challenge-level for their supporting security.
This scenario has translated into a wave of opportunity for security vendors and
products a vendor carries should complement and improve our existing portfolio with no or minimum cannibalisation on the existing product lines we carry.
What do you believe are the elements that di"erentiate your o"erings from those of your competitors?
Every security product or solution has both common and unique features as compared to its competition. Fundamentally, such features should be comprehensive, multi-layered and proactive. Some of the elements that our security o"erings include our “Host-Based Intrusion Prevention System” to block unauthorised alterations to programs installed on devices and “Cloud Enhanced White listing” to enable faster and precise malware detection.
How is the adoption of cloud and virtualisation set to a"ect the security landscape and how are you preparing to leverage this change?
Undoubtedly, the e"ect on the security landscape has been and will continue to be tremendous. Simply put the significant burden and enormous responsibility of managing the complex IT requirements now moves from the end-user side to the vendor side. While security of the infrastructure remains a top prioroty, the protection of the actual communication channel connecting the end-user and the host-vendor are now also of vital importance. Both distributors and integrators must adapt by at least altering part of their security products and solutions to make their o"erings more relevant to this new state of play.
Nicholas Argyrides, MD at EMPA
EMPA
Security vendor portfolio: ESET, Intel, Fujitsu, and Toshiba No. of certified network security specialists/engineers: 5 (based in the UAE and KSA)
distributors as revenues from security related solutions have simultaneously increased.
How do you go about selecting the vendor portfolio? Please list out your line up of security products and solutions?
We consider a variety of factors when deciding to partner with a vendor such as the vendor’s reputation and record; pricing strategy and policies for handling various business aspects such as customer service, returns, guarantees and technical support. Last but not least, the
HP SOURCEFIRE
Walls on moneyMaher Jadallah, regional manager, MEA at Sourcefire recommends three security considerations for financials services
Perhaps no industry has a greater need for network and data security than the financial services industry. Widely considered to be ‘critical infrastructure,’ not only are banking and financial market networks handling the life savings of individuals, but the lifeblood of the global economy.
According to a statement by the FBI Cyber Division before the House Financial Services Committee, the number and sophistication of malicious incidents against financial institutions has increased dramatically over the past five years and is expected to continue to grow. Account takeovers, third-party payment processor breaches, securities and market trading exploitation and mobile banking schemes are just a few of the recent and damaging cybercriminal exploits the FBI identifies.
In less than three months the Middle East has experienced some complex cyber security threats that include Flame and Mahdi. The geographical spread of these attacks centred on a number of regional countries. It is important for the region to focus on increasing cyber security measures to reduce risk and defend against todays emerging threats not only within the financial sector but also in key infrastructural facilities.
Security technologies that are agile and can deliver high performance and low latency are a sound investment for any financial services institution.
So what should financial services firms look for to ensure a
appliances that include specialised acceleration technology to speed flow and packet handling as well as multiple processors to expedite acquisition and classification of network tra#c and application and control plane processing o"er the massively parallel processing power to handle demanding throughput requirements.
Low Latency: Real-time financial services applications, such as high-frequency trading and transaction processing, are extremely sensitive to latency. Microseconds can translate into billions of dollars gained, or lost. One way to reduce latency is to consolidate security functionality on a single device. Multiple point solutions each with their own device introduce their own latency that soon compounds. However, simply consolidating security functionality on a single device can still introduce delay and increase latency if each security solution has its own engine. Instead, devices that o"er a single-pass engine are designed for minimal latency. By sharing processing across multiple security applications (i.e., monitoring and assembling data packets for security processing and inspection) a single-pass engine a"ords e#cient application of multiple security functions (access control, threat detection and inspection, behavior analysis, host profiling, etc.) while maintaining high throughput performance.
The financial services industry embodies the term “time equals money.” In a sector in which many of the products are commodities, customer experience, confidence, trust, productivity and protection are critical to success. Security technologies that leverage the latest advances in design and engineering to deliver agility, high performance and low latency without compromising protection can mean the di"erence between profits and problems.
Maher Jadallah, Regional Manager, MEA for Sourcefire
security technology can address these three areas?
Agility: Traditional security tools were designed for stable, slow changing environments. They weren’t built to deal with changing conditions and new attacks. In order to be agile, modern security technologies must be able to do four things: see everything in the environment including assets and users on the network and attacks against them, learn by applying security intelligence to this data, adapt defences automatically and act in real time for the fastest possible protection. Through a continuous process of see, learn, adapt and act, security technologies that are agile can deliver more e"ective protection for financial services firms because they have the ability to respond to continuous change.
High Performance: Performance is critical to financial services networks. Security
You’
re s
afer
in o
ur w
orld
Co
mpl
ete
IT s
ecur
ity p
rote
ctin
g ev
ery
part
of y
our b
usin
ess
Mob
ile C
ontr
olSe
cure
, mon
itor a
nd c
ontr
ol iP
hone
, iPa
d,
Andr
oid
and
Win
dow
s M
obile
dev
ices
.
Web
Pro
tect
ion
Mak
e w
eb a
cces
s sa
fe a
nd p
rodu
ctiv
e w
ith
a re
mot
ely-
mon
itore
d ap
plia
nce.
Net
wor
k Pr
otec
tion
Keep
you
r net
wor
k in
fras
truc
ture
saf
e w
ith
com
plet
e ne
twor
k se
curit
y.
Emai
l Pro
tect
ion
Secu
re y
our e
mai
l with
our
sof
twar
e so
lutio
ns,
or c
hoos
e a
rem
otel
y-m
onito
red
appl
ianc
e.
Uni
fi ed
Prot
ectio
n (U
TM)
One
app
lianc
e th
at e
limin
ates
the
com
plex
ity o
f mul
tiple
poi
nt
solu
tions
. It g
ives
you
com
plet
e se
curit
y to
sto
p th
e vi
ruse
s,
spam
and
hac
kers
that
thre
aten
to c
ompr
omis
e yo
ur b
usin
ess.
Endp
oint
Pro
tect
ion
Giv
es y
ou e
very
thin
g yo
u ne
ed to
sto
p m
alw
are
and
prot
ect y
our d
ata
in o
ne c
onso
le.It
’s fa
st, e
ffect
ive
and
com
plet
e se
curit
y fo
r you
r use
rs, w
here
ver t
hey
are.
Data
Pro
tect
ion
Your
con
fi den
tial d
ata
need
s pr
otec
tion,
and
you
hav
e to
pr
ove
it’s
prot
ecte
d to
the
regu
lato
rs. O
ur e
ncry
ptio
n an
d da
ta lo
ss p
reve
ntio
n (D
LP) s
tops
dat
a br
each
es a
nd le
ts
your
use
rs s
ecur
ely
acce
ss, s
hare
, sto
re a
nd re
cove
r dat
a.
Soph
os M
iddl
e Ea
st |
Offi
ce 2
05-E
IB 5
| Al
pha
Build
ing
| PO
Box
500
469
| Dub
ai In
tern
et C
ity |
Duba
i | U
AEEm
ail:
sale
smea
@so
phos
.com
| Te
l: +9
71 4
375
4332
| www.sophos.com
soph
os-c
ompl
ete-
secu
rity-
ad-u
k_A5
.indd
124
.08.
2012
13:
35:5
6
