Managing security threats in today’s enterprise
Download as PPTX, PDF•0 likes•824 views
The document discusses the growing threats to cybersecurity in enterprises, particularly the rise of advanced persistent threats (APTs) which target organizations by circumventing their defenses. It highlights the challenges faced by small and medium-sized businesses (SMBs) in implementing effective security measures due to resource constraints and emphasizes the necessity for comprehensive security strategies and awareness. Solutions include leveraging managed service providers and security information and event management (SIEM) systems to enhance threat detection and prioritization.
Managing security threats in today’s enterprise
- 1. Managing Security Threats in Today’s Enterprise
- 2. Agenda 1) Today’s enterprise scenario 2) Rise of Advanced Persistent Threats & Other Risks 3) Triangle of Use.x 4) User Awareness 5) One single point of observation 6) Security appliances have to work out-of-the-box 7) Q&A
- 3. • Consistent growth in number of malwares & cyber crime incidents • No Platform/OS is 100% immune from threat • Exponential growth of highly sophisticated and advanced global cyber criminals’ community • Sophisticated cyber crooks want your intellectual property, confidential information, financial data, trade secrets etc. • Attacks are more persistent, pervasive, and in some cases more targeted than ever before…! Today’s enterprise Scenario
- 4. Rise of Advanced Persistent Threats & Other Risks Advanced Persistent Threats (APTs) are targeted cyber-attacks designed to dodge an organization’s technical countermeasures. APTs are specifically designed to bypass firewalls, intrusion detection systems, and anti- malware programs. Source: PWC 3.4 million 9.4 million 22.7 million 24.9 million 28.9 million 42.8 million 2009 2010 2011 2012 2013 2014 Total number of Security Incidents to grow 66% CAGR
- 5. Page 4 Cloud External factors to consider Big Data Mobility Security and Risk 738 25% 7.22 60% Number of cloud services that a company uses on average. By 2016, 25% of global firms will adopt big data analytics for security and fraud detection. Number of mobile devices around the world today in BILLIONS. By 2020, 60% of enterprise security budgets will be allocated for rapid detection and response strategies.
- 6. Attacks in News!! • NSA implants software into 100,000 computers • This allows them to reach non-connected machines through supply chain attack vectors • NSA calls this ‘active defense’
- 7. SECURITY (INCREASES) FUNCTIONALITY(DECREASES) EASE OF USE(DECREASES) Triangle of Use
- 8. How it is done?
- 9. Today’s SMB & Enterprise Challenges • Security Information and Event Management (SIEM) is an essential cyber security technology. • SMBs face the same cyber threats as their enterprise counterparts; however, SMBs cannot typically apply the same security professional resources to the issue. • While SIEM platforms are built to scale up, the challenges to scale down an enterprise-scale SIEM for SMB are challenging and costly.
- 10. Lack of dedicated Network Security Professional • In the vast majority of SMB, network security is treated as a subset of IT. • Demand for cybersecurity tools and resources has doubled since 2014, but a lack of skills and dedicated resources are the main obstacles to implementing them • In SMB Security function are managed by lower IT Admin staff & Due to Lack of training & knowledge its unable to understand the network security requirement. • Budgets allocated for IT security are one of the big challenges . Solution:- • We analyzed all the network setup & extended awareness of security in general. • Identified policy and compliance issues originating from networks.
- 11. One single point of observation In most of SMB Assuming that the IT Director could purchase several cyber security tools, Managing & Monitor the all the security incident at single console is challenge. Detecting threat & prioritizing it is a big challenge Solution Provides real-time visibility for threat detection and prioritization, delivering surveillance throughout the entire IT infrastructure. Produces detailed data access and user activity reports to help manage compliance. Managed Service Providers helps deliver cost-effective security intelligence using a single console that supports multiple sites & customer.
- 12. Advanced Most of the targeted attacks have the ability to evade detection and the capability to gain and maintain access to well protected networks and sensitive information. Written by highly technical and motivated group of malware writers. Persistent Uses advanced root-kit /stealth technologies to be persistent in nature, very difficult to sense the presence. Threat Everything is at risk…! Most Infamous APTs: Stuxnet, Ghostnet, Duqu, Flame, Shamoon, Wiper APT: Not just another malware category!
- 13. Important factors behind successful Targeted Attack Technology Factor: • Bypassing Traditional Security with limited capabilities • Software Design/Architecture Flaws: Vulnerable Systems • Outdated/Unpatched Operating Systems OR Outdated Antivirus Human Factor: • Highly sophisticated and extremely organized cyber criminals • Unaware/Irresponsible Insider • Application developers not following Secure SDLC • IT Admin Team’s Incompetence: Inefficient Configuration Important Factors: Technology & Human
- 14. Security appliances have to work out-of-the-box SMB don’t have dedicated personnel that can write rules for incident detection, create inputs for compliance reporting, and write scripts to connect platforms via application program interfaces (API). In this case the IT Admin is constrained by time and practical network security expertise. Solution • Collect, retain, search, alert and report on logs throughout your infrastructure • Providing compliance focused analysts and auditors • Automated mechanisms and advanced correlation • Pre-Built Compliance Reports as per Industry Standard
- 15. • Design good security strategy: Understand the threat landscape relevant to your computing environment and have good security strategy and policies with periodic auditing and revision • Develop efficient security Infrastructure: Your Infrastructure’s ability to rapidly discover the presence of the threat and respond to it,will help you to mitigate advanced and targeted threats • Observe and track every smallest activity to sense any anomaly: Early Discovery-> Early Reaction ->Lesser the Impact • Security in the culture: Security education, awareness and common sense will play crucial role DDOS: Mantra for best enterprise security
- 16. Write to us at: [email protected] Follow us on: Facebook: www.facebook.com/seqrite Twitter: www.twitter.com/seqrite Google Plus: http://bit.ly/SeqriteGooglePlus LinkedIn: https://www.linkedin.com/company/seqrite YouTube: http://bit.ly/SeqriteYouTube Visit us: Website: www.seqrite.com Share your feedback with us
- 17. THANK YOU.