Pgatss slide deck june 7, 2018
•Transferir como PPTX, PDF•
0 gostou•36 visualizações
This document discusses cybersecurity threats and strategies for protection. It begins with definitions of internal and external environments, then lists common threat vectors like email links, wireless access, and human error. The document advocates using a combination of security technologies like machine learning, sandboxing, encryption, and more. Examples are given of quick attacks on an exposed "cloud" and the need for around-the-clock protection of data. The conclusion emphasizes performing risk assessments and having a plan to address potential vulnerabilities across the network.
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Semelhante a Pgatss slide deck june 7, 2018
Semelhante a Pgatss slide deck june 7, 2018 (20)
Mais de Greg Wartes, MCP
Mais de Greg Wartes, MCP (7)
Último
Último (20)
Pgatss slide deck june 7, 2018
- 1. 1©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. Drive, Chip and ‘Down the Line’ with Cyber Security: 6.21.18
- 2. 2©2018 Check Point Software Technologies Ltd. Greg Wartes – GA Account Manager – Check Point Software Technologies • Husband | Father of 3 • Microsoft Certified Professional • Aspiring Writer • Former Golf Professional • Texas Longhorn Fanatical Fan Magazine WHITE PAPERS CASE STUDIES Published In: gwartes@checkpoint.com
- 3. 3©2018 Check Point Software Technologies Ltd. Definitions Matter:
- 4. 4©2018 Check Point Software Technologies Ltd. Definitions Matter: Someone Else’s environment/hardware
- 5. 5©2018 Check Point Software Technologies Ltd.
- 6. 6©2018 Check Point Software Technologies Ltd. Did You Know? 1. In 2016 over 50% of SMB’s were breached 2. 60% of SMB’s fold within 6 mos. of a Cyber Attack. 3. Does anyone here know a business that has been attacked? (not in the headlines) 4. There are over 1,000 threat vectors available as entry points: 1. Web – fake sites, etc. 2. Session hijacking (remote/support sessions) 3. Wireless – multiple platforms 4. Email – links, attachments, etc. 5. Mobility – cellular, tablets, laptops 6. Social – multiple platforms, etc. 7. Social Engineering 8. Malware 9. USB 10. Human Element – stolen identity
- 7. 7©2018 Check Point Software Technologies Ltd. Definitions Matter:
- 8. 8©2018 Check Point Software Technologies Ltd. Definitions Matter:
- 9. 9©2018 Check Point Software Technologies Ltd. “Best” of Breed Approach…..
- 10. 10©2018 Check Point Software Technologies Ltd.
- 11. 11©2018 Check Point Software Technologies Ltd.
- 12. 12©2018 Check Point Software Technologies Ltd.
- 13. 13©2018 Check Point Software Technologies Ltd. RENTAL CAR – YOUR CLOUD:
- 14. 14©2018 Check Point Software Technologies Ltd. What’s in Your “CAR?” YOUR
- 15. 15©2018 Check Point Software Technologies Ltd. What are you doing to protect your “CAR?”
- 16. 16©2018 Check Point Software Technologies Ltd. The Game Has Changed! Law No. 1: If There Is A Vulnerability, It Will Be Exploited Law No. 2: Everything Is Vulnerable In Some Way Law No. 3: Humans Trust Even When They Shouldn't Law No. 4: W/ Innovation Comes Opportunity For Exploitation Law No. 5: When In Doubt, See Law No. 1 : The Five Laws Of Cybersecurity
- 17. 17©2018 Check Point Software Technologies Ltd. OUR CLOUD ENVIRONMENT Internet
- 18. 18©2018 Check Point Software Technologies Ltd. WITHIN THE FIRST 15 MINUTES Houston we have a problem . . .
- 19. 19©2018 Check Point Software Technologies Ltd. AFTER 7 DAYS . . . Oh won’t you please be my neighbor . . . ~4 million attacks recorded!
- 20. 20©2018 Check Point Software Technologies Ltd. “In The Room”
- 21. 21©2018 Check Point Software Technologies Ltd.
- 22. 22©2018 Check Point Software Technologies Ltd.
- 23. 23©2018 Check Point Software Technologies Ltd. Look at YOUR Organization/Data/ Differently:
- 24. 24©2018 Check Point Software Technologies Ltd. What are you doing to protect your “CAR?”
- 25. 25©2018 Check Point Software Technologies Ltd. YOU Still have responsibility
- 26. 26©2018 Check Point Software Technologies Ltd. Protect YOUR CLOUD – YOUR DATA
- 27. 27©2018 Check Point Software Technologies Ltd.
- 28. 28©2018 Check Point Software Technologies Ltd. Time
- 29. 29©2018 Check Point Software Technologies Ltd. You Need a Small Army of Security Technologies Machine Learning CPU-Level Sandboxing
- 30. 30©2018 Check Point Software Technologies Ltd. 30©2018 Check Point Software Technologies Ltd. THIS WORKS ! YOU CAN MAKE IT POSSIBLE [Internal Use] for Check Point employees Machine Learning CPU-Level Sandboxing Threat Extraction Virtual Firewall Endpoint Detection & Response Human Behavioral Analytics Data Encryption Data Leak Prevention Anti-Bot Flash Detonation URL Filtering Firewall ICS/ SCADA Protection Machine Learning Proxy Network Encryption Anti- Ransomware Zero Phishing Mobile Threat Prevention CPU-Level Sandboxing HTTPS Inspection Intrusion Prevention Anti-Virus DDOS Hypervisor Level Security Application Control THE CYBER SECURITY ARCHITECTURE OF THE FUTURE
- 31. 31©2018 Check Point Software Technologies Ltd. 31©2018 Check Point Software Technologies Ltd. WHAT INGREDIENTS DO WE NEED ?
- 32. 32©2018 Check Point Software Technologies Ltd. 32©2018 Check Point Software Technologies Ltd. MAKING GEN V POSSIBLE SS7 ATTACK PREVENTION LARGE SCALE MANAGEMENT MOBILE MAN IN THE MIDDLE ATTACK MEMORY ANALYSIS PUBLIC-CLOUD AUTOPROVISION THREAT EXTRACTION NETWORK ENCRYPTION REST APIs ORCHESTRATION CPU LEVEL SANDBOX ADAPTIVE CLOUD SECURITY CLOUD SECURITY AUTO-SCALE
- 33. 33©2018 Check Point Software Technologies Ltd. Thank you.
- 34. 34©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. Don’t be caught unprepared. Uncover potential risks on your enterprise network.
Notas do Editor
- Anyone know who this is? Seth Godin – Creator of Google Marketing, Author of NYT Best Sellers, Bizzillionare – in many of his books – he talks about the importance of definitions in business/business meetings – getting everyone on the same page…..I have adopted that methodology and would like to start there – what is the cloud?
- We can all agree that there are a wide variety of types of cloud computing: private, public, hybrid, community, etc…But are they all secure/safe by default? Does the provider hold responsibility for keeping your data safe? What makes me laugh is when people complain about the cloud when they are utililsing a FREE service…..E-Mail is the biggest one….
- The cloud has become part of our every day lives – there really isn’t a way of getting around it. You can no longer buy a CD for software, it’s delivered to you via the cloud. The 800lb. Gorrila/the mother ship/Microsoft now has included ways to save your work to the cloud as a default location. You can utilize google photos to save space on your i-phone…..for free!
- Let’s address the elephant in the room….Atlanta
- We can all agree that there are a wide variety of types of cloud computing: private, public, hybrid, community, etc…But are they all secure/safe by default? Does the provider hold responsibility for keeping your data safe? What makes me laugh is when people complain about the cloud when they are utililsing a FREE service…..E-Mail is the biggest one….
- We can all agree that there are a wide variety of types of cloud computing: private, public, hybrid, community, etc…But are they all secure/safe by default? Does the provider hold responsibility for keeping your data safe? What makes me laugh is when people complain about the cloud when they are utililsing a FREE service…..E-Mail is the biggest one….
- If you are not looking at your data differently – criminals are, and they will find the exploits/weak-spots…it’s only a matter of time.
- The game of I.T. Security has changed…..it’s no longer block and tackle.
- Who here has rented a car recently? What is the 1st thing you do…..after signing paperwork? You walk around the car with the rep, check for dents/dings, check gas level, make sure is has 4 tires, etc. They don’t check the engine with you, they don’t check the electronics, the power windows, etc. They give you a car that drives……that’s it, and you’re off.
- What do you travel with? What do you put in your car? Would you leave this in a “bad” part of town with the windows down and the doors unlocked? So why are you leaving your cloud in the bad part of town with doors unlocked and windows down?
- What are you able to put around your car? Lock the doors? Hire someone (MSP – Staff) to watch it? Put a fence around it (Technology?) Spot lights to ensure you can see it at all times (technology?)
- So, we built a cloud environment from a popular cloud service provider (CSP), deployed a server instance in our new cloud environment, and using all the native tools that were available through the CSP, connected our new “cloud service” to the Internet. In addition, for added assurance, we also deployed a Honeypot in front of our new cloud service just on the off-chance something were to slip past the native controls . . . we connected our service through our Honeypot and sat back and watched what happened . . . And almost immediately we found some “interesting” results . . .
- 149 attacks identified by our HoneyPot Ninety two (92) ssh/telnet attacks One (1) scripting attack Seven (7) attacks targeting TCP/UDP ports Forty nine (49) network based According to Distil Networks: “Bad bots made up 20% of all web traffic and are everywhere, at all times—they don’t take breaks and they don’t sleep. Even though bad bots are on all sites, larger sites were hit the hardest in 2016. Bad bots accounted for 21.83% of large website web traffic, which saw an increase of 36.43% since 2015.” Also, “Data centers were the weapon of choice for bad bots with 60.1% coming from the cloud. Amazon AWS was the top originating ISP for the third year in a row with 16.37% of all bad bot traffic—four times more than the next ISP (OVH SAS).” The challenge – these bot armies are programmed to After 7 days: 3.97 Million ssh/telnet based attempts + malware uploaded to the cloud 826 attack attemps detected by Dionaea 9 attack attempts detected by the elastic pot search engine 98 attempts detected by the web application honeypot glastopf and almost 4900 attacks detected by Honeytrap It‘s clear we have a problem – native controls aren‘t enough . . . How do cloud providers deal with this?
- It is worth noting that these figures do not contain any clean traffic. Since there are no real services behind our honeypot, everything we saw and captured were attempts to compromise our environment. In total, we witnessed: 3.97 Million ssh/telnet based attempts + malware uploaded to the cloud 826 attack attemps detected by Dionaea 9 attack attempts detected by the elastic pot search engine 98 attempts detected by the web application honeypot glastopf and almost 4900 attacks detected by Honeytrap Our test simulated a typical cloud environment, thus this is what customers are likely to see in a similar span of time – especially if they just utilize the native ACL filters available through their cloud provider. We can clearly see that cloud assets are vulnerable to the same types of attacks targeting our premises-based networks, but the key difference is that on-prem we deploy advanced security protections to safeguard our assets; we need to start doing the same thing in the cloud.
- Let’s address the elephant in the room….Atlanta
- Let’s start with the elephant in the room – the city of ATL was recently hacked – Ransomware. Orbits was also hacked with almost a million customer records leaked. This sort of stuff happens every day – it’s just the ones that carry a large recognizable logo that make the headlines – this happens even more often in the Mid-sized market place, but they don’t report it because they aren’t household names.
- Let’s start with the elephant in the room – the city of ATL was recently hacked – Ransomware. Orbits was also hacked with almost a million customer records leaked. This sort of stuff happens every day – it’s just the ones that carry a large recognizable logo that make the headlines – this happens even more often in the Mid-sized market place, but they don’t report it because they aren’t household names.
- It’s time to look at your organization differently – someone else already is!
- What are you able to put around your car? Lock the doors? Hire someone (MSP – Staff) to watch it? Put a fence around it (Technology?) Spot lights to ensure you can see it at all times (technology?)
- You have the responsibility to protect that car/cloud – it’s in good share when it was given to you – but the provider’s responsibility do in fact end there – they’ve give you the keys, now you have to manage it, protect it, ensure it stays safe…..So how do you do that?
- This is the extra security and responsibility that falls on you. Now I know what you are thinking….that is a lot of technology packed into one offering; and you are right. The next question is more than likely – how much time will it take to not only deploy, but to manage…..? Well, let’s stick with the brick and mortar/layers and icing mind set….
- Anyone know who this is? Buddy Valastro or The “Cake Boss.” He uses tools in his trade to speed up his production – here he is using a an icing bag to assist in icing a cake. If you’ve seen his show before, he can do this EXTREMELY fast.