© 2017 Aetna Inc. Strategy and Tactics for Securing Mobile Devices in Financial Organizations

How Aetna Mitigated 701 Malware Infections on Mobile Devices

Page 1: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Strategy and Tactics for Securing Mobile Devices in Financial Organizations

Page 2: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Quick Housekeeping

• There will be time for Q&A at the end
• Ask questions using the GTW chat pane
• The webinar is being recorded
• All attendees will receive a copy of the slides/recording

Join the discussion #MobileThreatDefense

Page 3: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Meet Your Speaker

Brian Heemsoth
Director of Software & Mobile Security

Aetna

Page 4: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Mobile Threat Landscape

[Diagram: four threat categories: Physical, Malware, Vulnerabilities, Network]

Page 5: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Physical Threats

Addressed by MDM, MAM & Containerization Platforms

Page 6: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Malware

Got 200+ devices? You probably have malware!

iOS Malware: Pegasus | Malicious Profiles | AceDeceiver | YiSpecter | XcodeGhost

Android Malware: Quadrooter | Stagefright | Hummingbad | Accessibility Clickjacking

Targeted Malware: Exaspy, Ransomware, Repackaged Apps

Annoying Malware: Adware

1 in 5 of your devices allow installation from third-party app stores

Third-party stores are 72x more likely to deliver malware

Malware as a Percentage of Downloaded Apps

• Google Play Store: 0.06% (1 in 1600 apps)
• Samsung: 0.11% (1 in 900 apps)
• Amazon: 0.77% (1 in 130 apps)
• Aptoide: 4.41% (1 in 23 apps)

Page 7: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Malware

Got 200+ devices? You probably have malware!

Man in the Middle

Wifigate | Pineapple | arpspoof | dnsspoof

SSL stripping

SSL decryption

Content manipulation

92% of users click on “Continue”, compromising their Exchange identity (username and password)

Source: Skycure Threat Intelligence

32.5 percent of executive devices were exposed to network attack within a quarter

Page 8: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Vulnerabilities

Organized & directed effort from hackers

33% of devices with stored sensitive info do not have the latest OS version installed

Do you know which of your devices are upgradable?
− Without relying on Apple or Google?
− How much risk can be averted by simply updating?

Page 9: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Pain Points in Regulated Industries

• Data accessed outside corporate firewalls
  − Greater use of mobile devices
  − Flexible working hours and locations
• Accessing regulated data on unmanaged devices
  − Agents/Doctors manage their own devices
  − Better access to customer data means better service in the field
• New regulations

NEWS ITEM: New York State Imposes New Cybersecurity Regulation for Financial Services

New requirements:
1. Employ a CISO
2. Annual reports

Page 10: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Customer Data at Risk

Source: Skycure

1 in 5 organizations suffered a mobile security breach

8% of all healthcare breaches came from mobile devices

16% of all financial breaches came from mobile devices

Page 11: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Mobility @ Aetna

• Approximately 10k mobile devices
  − 60% BYOD; 40% corporate-owned/managed
  − Phones, tablets, iPods
• Use cases:
  − Mobile productivity (email, calendar)
  − Chat/collaboration
  − Enterprise managed third-party applications
  − Internally developed employee applications
• Established MDM & MAM Platforms

Page 12: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Aetna: Key Risk Factors

• Compromise of data in containerized applications by “screen scraping” iOS/Android malware
• Compromised Aetna Credentials & Data (malicious networks)
• Malware on BYOD & Corporate Devices
• Unpatched OS Vulnerabilities
• Device Currency

Pegasus | AceDeceiver | SVPENG

Page 13: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Aetna’s Solution

• Implemented Skycure Mobile Threat Platform
• Deployed to all BYOD & Corporate Devices
• Mandated compliance dates
• Integrated monitoring into Security Operations Center
• Phase 2: Integration into MDM platforms to allow for proactive management of access to Aetna resources from impacted devices (in progress)

Page 14: How Aetna Mitigated 701 Malware Infections on Mobile Devices

© 2017 Skycure Inc.

9,314 Devices

53,612,964 Network Tests Performed

523,143 Access Points

53,458 Networks

9,724 Active Users

4,097,982 Apps Scanned

Page 15: How Aetna Mitigated 701 Malware Infections on Mobile Devices

24 High criticality malware infections mitigated

460 Instances of credentials/data protected on high risk networks

701 Total malware infections mitigated

23.97 High risk vulnerabilities addressed per-device

Page 16: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Risk Visibility

The foundation for addressing risk is having visibility

Source: Screenshots from the Skycure platform at Aetna

Page 17: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Malware Security

3,365,558 Android Apps Scanned

Source: Screenshots from the Skycure platform at Aetna

Installed from unknown third party application store

Since implementation, 14 critical severity malicious Android applications have been identified.

Unauthorized system setting modification, process manipulation, audio recording

Page 18: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Network Security

30,105,599 network tests performed on 34,918 networks, accessed from 319,338 access points

3,607 devices connected to a network which posed a threat (6.4% of the networks). These network threats include secure traffic decryption, content manipulation, suspicious/fake hotspots, and unknown threats (suspicious network behavior).

Skycure automatically opens a VPN and adds another layer of encryption when applicable.

Source: Screenshots from the Skycure platform at Aetna

39% of Aetna’s devices were exposed to network threats

[Chart labels: 61% / 39%]

Safe networks: 32,685

Threatening networks: 2,233

September 2, 2016: 3,607 of 9,304 devices were exposed (39%)

Page 19: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Network Incidents Map

The above map shows the distribution of tests that concluded with network threats according to the geolocation associated with the network.

Source: Skycure

Page 20: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Vulnerabilities

1,941 devices are running an operating system with high risk. We use CVSS, an open standard for scoring vulnerabilities. You can see the reasoning for each of those in the system.

Most of Aetna’s devices are iOS, which is usually better when it comes to security updates. However, we still see many of them running OS versions with major known vulnerabilities.

Source: Screenshots from the Skycure platform at Aetna

Page 21: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Total & Overall Risk Trends

While we are managing to maintain fewer than 10 devices at risk at any given time, we are also constantly improving the overall risk by decreasing the total number of medium-risk devices. In the following graph you can see that decrease (medium-risk devices are marked in orange).

We constantly collect device risk, and at the peak (April 3rd) we had 9 devices at high risk. Currently we have 0 devices at high risk, as we are constantly addressing these.

Source: Screenshots from the Skycure platform at Aetna

Page 22: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Skycure Overview

Page 23: How Aetna Mitigated 701 Malware Infections on Mobile Devices

New York Life Testimonial

Steve Johnson
Head of Data Protection & Cybersecurity Services
Enterprise Technology Group

"Our people need access to data and other corporate resources on mobile devices, but we are mindful of the need to protect our systems, especially regulated data," said Johnson.

"Our agents can securely access a client’s information before a meeting, which allows them to make smarter policy recommendations," Johnson explained.

Page 24: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Skycure Mobile Threat Defense

PUBLIC APP
• Always ON protection
• Whole device, all vectors
• No “Sideloading”
Seamless experience | Privacy | Minimal footprint

CLOUD SERVER
• Advanced security
• Risk-based mgmnt
• Automation and integration
Security | Visibility | IT Satisfaction

THREAT INTELLIGENCE
• Crowd-sourced
• Threat aggregation from third parties
• Skycure research

1 Million+ Global Threats Identified

https://maps.skycure.com

Page 25: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Skycure – High Level Overview

Leading Product & Research

#1 Mobile Threat Defense Solution

Strategic Partners

Customers

• Consumer goods, retail, manufacturing, technology
• Fortune 50 pharmaceutical company
• 250+ TV channels
• Fortune 100 healthcare company
• Fortune 500 financial services companies

Page 26: How Aetna Mitigated 701 Malware Infections on Mobile Devices

Q & A