Security @WorkMathan Kasilingam, CISSP

Principal Solution Architect

2

Four Key Trends

Internet Security Threat Report, Vol. 17

Malware Attacks81% ↑

Targeted Attacks Expand

Mobile Threats

Expose All

Data Breaches on Rise

3

Security never sleeps

Threat & Risk Visibility

Information Protection

Identity Protection

Systems Management

Infrastructure Protection

Security Intelligence

Reconn

Incursion

Discovery

Capture

Exfiltrate

4

Portrait of a Cyber-Crime

Smith Inc Small company – BIG ideas

5

Attack #1: Port Scan

6

Attack methodology: Company target identified

The target Company

The Hacker – individual, organisation or Government

7

Port Scan – probe for vulnerabilities

Look for an entry

Weak points

Defence alignments

System vulnerabilities

Open doors

8

No entry

Security Incident & Event Management

Threat & Risk Visibility

Information Protection

Identity Protection

Systems Management

Infrastructure Protection

Security Intelligence

Reconn

Incursion

Discovery

Capture

Exfiltrate

9

Attack #2: Social Engineering

10

Company employee target identified

Simon: The target employee

11

Social Engineering

Simon: The target employee

Facebookprofile

Home address

Workinghours

Mobile Devices

Passwords

12

Tracking the target

13

Capturing the device

14

No entry

Device Encryption Technology

Threat & Risk Visibility

Information Protection

Identity Protection

Systems Management

Infrastructure Protection

Security Intelligence

Reconn

Incursion

Discovery

Capture

Exfiltrate

15

Attack #3: Spear Phishing

16

Desktop targeted via Malicious email

17

Even if Desktop Protection fails

18

DLP (Data Loss Prevention) can prevent the data from leaving the network

19

No entry

Data Loss Prevention

Threat & Risk Visibility

Information Protection

Identity Protection

Systems Management

Infrastructure Protection

Security Intelligence

Reconn

Incursion

Discovery

Capture

Exfiltrate

20

Attack #4: Buffer Overflow Attack

21

Buffer Overflow Attack

22

Detecting system vulnerabilities and apply patches

Identify areas of concern

23

No entry

Automated Compliance Management SolutionCritical System Protection (Host FW / IPS / Sys

Baseline)

Threat & Risk Visibility

Information Protection

Identity Protection

Systems Management

Infrastructure Protection

Security Intelligence

Reconn

Incursion

Discovery

Capture

Exfiltrate

24

Attack #5: Password Hacking Attack

25

Advanced Persistent Threat

Simon’s mumMrs LeeL E E

26

No entry

Identity & Access Management Solution

Threat & Risk Visibility

Information Protection

Identity Protection

Systems Management

Infrastructure Protection

Security Intelligence

Reconn

Incursion

Discovery

Capture

Exfiltrate

27

Attack #6: Attacking mobile devices

28

Anti theft – Mobility solutions (Device Management Solution)

29

No entry

Mobile Device Security

Threat & Risk Visibility

Information Protection

Identity Protection

Systems Management

Infrastructure Protection

Security Intelligence

Reconn

Incursion

Discovery

Capture

Exfiltrate

30

Defence against threats

Multiple layers of Security

31

Complete Protection

Security Incident & Event Management

Encryption Technology

Data Loss Prevention

Automated Compliance Management

Critical System Protection

Identity & Access Management

Mobile Device Security

32

Where should you go from here

33

Symantec’s Information-Centric Approach

INFORMATION

Intelligence

Governance

InfrastructureStoreManageDedupeProtectRecover

DiscoverClassifyOwnershipAssess

RemediateCompliance

IdentifyAuthenticatePolicy RISK

COST VALUE

MobileVirtualisation

Cloud

Physical

34

Stay Informed - Internet Security Threat Report

www.symantec.com/threatreport

Security Response Website

Twitter.com/threatintel

Stay Informed

Internet Security Threat Report, Vol. 17

www.symantec.com/threatreport

Security Response Website

Twitter.com/threatintel

35

Copyright © 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

36

Thank You