8 Threats your antivirus won’t stop

Outline
    • Current threat landscape
    • 8 threats AV won’t stop
    • Wrap up

Changing threat landscape
    What’s causing you pain
    • Threats changing, still increasing
    • Data everywhere, regulations growing
    • Users everywhere, using everything

How data is lost
    Source: DatalossDB.org
    [Chart categories: Devices, Hacked, Web/Virus, Documents, Fraud]

Anatomy of an attack
    • Entry point: A hijacked website or an unwanted email with a malicious link
    • Malware Distribution: Initial malware redirects based on what it’s working with (Windows/Mac, IE/Safari, etc.)
    • Exploit vulnerabilities: Exploit pack attempts to leverage a number of vulnerabilities in apps & plugins
    • Infection: Download of a malicious payload to log keys, steal data, or convert the system into a botnet
    • Execution: Malware calls home with sensitive data

Evolution of AV
    Signature AV
    • Signature based anti-virus protection
    Signature AV + HIPS
    • Signature based anti-virus protection
    • HIPS (Host Intrusion Prevention System)
    Endpoint Security
    • Signature based anti-virus protection
    • HIPS (Host Intrusion Prevention System)
    • Behavioral analysis
    • Client firewall
    • Application control
    • Device control
    Complete Security
    • Endpoint Protection
    • Web Protection
    • Email Protection
    • Network Protection
    • Data Protection
    • Mobile Protection

8 threats AV won’t stop
    Human error:
    1. Misdirected email
    2. Infected USB device
    Facts of life:
    3. Working offsite
    4. Working on the web
    IT issues:
    5. Unpatched PCs
    6. Uncontrolled apps
    Malicious intent:
    7. Stolen Laptops
    8. Zero-day threat


1. Misdirected email
    If it hasn’t happened to you, it will
    • Data Control
    • Email encryption

2. The infected USB device
    75% fail the lollipop test
    • Device Control
    • Data Control
    • Encryption

3. Working offsite & 4. on the web
    Today’s primary source of FakeAV
    • URL Filtering
    • Endpoint Web Protection

5. Unpatched & 6. Uncontrolled apps
    Is your company data circulating on BitTorrent?
    • Application Control
    • Patch Management

7. Stolen laptops
    It’s only a matter of time
    • Full Disk Encryption
    • Email encryption
    • Encryption for cloud

8. The zero-day threat
    Exploiting unknown vulnerabilities
    • Anti-malware with behavioural analysis
    • Intrusion prevention
    • Live Protection

Layered Protection: Complete Security at Work
    [Figure: the five attack stages (Entry point, Malware Distribution, Exploit vulnerabilities, Infection, Execution) shown against the controls Anti-spam, URL Filtering, Live Protection, Application Control, Patch Manager, Data Control, Encryption, Intrusion prevention, Anti-malware and Firewall, under the themes Reduce attack surface, Protect everywhere, Stop attacks and breaches, and Keep people working]

8 Questions to ask your vendor…
     1.   How do we stop sensitive data from falling into the wrong hands?
     2.   How can we ensure staff is not leaking data out of our organization?
     3.   How can we prevent users from infecting themselves with USB sticks?
     4.   How do you protect offsite users from malicious websites?
     5.   How can we control applications such as VoIP, IM, P2P or games?
     6.   How can you help ensure systems are patched and up to date?
     7.   How does your solution help protect us from new and unknown threats?
     8.   How often do you publish new threat intelligence and how do we get it?




Complete security
    Better protection, better efficiency, and better value
    Endpoint, Web, Email, Data, Mobile, Network
    Reduce attack surface
    • URL Filtering
    • Web Application Firewall
    • Anti-spam
    • Patch Manager
    • Device Control
    • Application Control
    • Encryption
    • Tamper protection
    Protect everywhere
    • Endpoint Web Protection
    • Encryption for cloud
    • Mobile Control
    • Virtualization
    • Secure branch offices
    • Mobile app security
    • Free Home use
    • VPN
    Stop attacks and breaches
    • Data Control
    • Access control
    • Anti-malware
    • User education
    • Intrusion prevention
    • Firewall
    • Email encryption
    • Live Protection
    Keep people working
    • Automation
    • WiFi security
    • Visibility
    • Local self-help
    • Clean up
    • Technical support
    • Performance
    • Small updates

Staying ahead of the curve
    US and Canada: 1-866-866-2802, NASales@sophos.com
    UK and Worldwide: +44 1235 55 9933, Sales@sophos.com
    • facebook.com/securitybysophos
    • Sophos on Google+
    • linkedin.com/company/sophos
    • twitter.com/Sophos_News
    • nakedsecurity.sophos.com

  • 2. Outline: Current threat landscape; 8 threats AV won’t stop; Wrap up
  • 3. Changing threat landscape: What’s causing you pain. Threats changing, still increasing. Data everywhere, regulations growing. Users everywhere, using everything.
  • 4. How data is lost (Source: DatalossDB.org): Devices; Hacked; Web/Virus; Documents; Fraud
  • 5. Anatomy of an attack. Entry point: A hijacked website or an unwanted email with a malicious link. Malware distribution: Initial malware redirects based on what it’s working with (Windows/Mac, IE/Safari, etc.). Exploit vulnerabilities: Exploit pack attempts to leverage a number of vulnerabilities in apps & plugins. Infection: Download of a malicious payload to log keys, steal data, or convert the system into a botnet. Execution: Malware calls home with sensitive data.
  • 6. Outline: Current threat landscape; 8 threats AV won’t stop; Wrap up
  • 7. Evolution of AV. Signature AV: signature based anti-virus protection. Signature AV + HIPS: signature based anti-virus protection; HIPS (Host Intrusion Prevention System). Endpoint Security: signature based anti-virus protection; HIPS (Host Intrusion Prevention System); Behavioral analysis; Client firewall; Application control; Device control. Complete Security: Endpoint Protection; Web Protection; Email Protection; Network Protection; Data Protection; Mobile Protection.
  • 8. 8 threats AV won’t stop. Human error: 1. Misdirected email; 2. Infected USB device. Facts of life: 3. Working offsite; 4. Working on the web. IT issues: 5. Unpatched PCs; 6. Uncontrolled apps. Malicious intent: 7. Stolen laptops; 8. Zero-day threat.
  • 9. 1. Misdirected email. If it hasn’t happened to you, it will. Data Control; Email encryption.
  • 10. 2. The infected USB device. 75% fail the lollipop test. Device Control; Data Control; Encryption.
  • 11. 3. Working offsite & 4. on the web. Today’s primary source of FakeAV. URL Filtering; Endpoint Web Protection.
  • 12. 5. Unpatched & 6. Uncontrolled apps. Is your company data circulating on Bit-Torrent? Application Control; Patch Management.
  • 13. 7. Stolen laptops. It’s only a matter of time. Full Disk Encryption; Email encryption; Encryption for cloud.
  • 14. 8. The zero-day threat. Exploiting unknown vulnerabilities. Anti-malware with behavioural analysis; Intrusion prevention; Live Protection.
  • 15. Outline: Current threat landscape; 8 threats AV won’t stop; Wrap up
  • 16. Evolution of AV. Signature AV: signature based anti-virus protection. Signature AV + HIPS: signature based anti-virus protection; HIPS (Host Intrusion Prevention System). Endpoint Security: signature based anti-virus protection; HIPS (Host Intrusion Prevention System); Behavioral analysis; Client firewall; Application control; Device control. Complete Security: Endpoint Protection; Web Protection; Email Protection; Network Protection; Data Protection; Mobile Protection.
  • 17. Layered Protection: Complete Security at Work. Attack phases: Entry point; Malware Distribution; Exploit vulnerabilities; Infection; Execution. Reduce attack surface; Protect everywhere; Stop attacks and breaches; Keep people working. Technologies shown: Anti-spam; URL Filtering; Live Protection; Application Control; Intrusion prevention; Patch Manager; Anti-malware; Data Control; Firewall; Encryption.
  • 18. 8 Questions to ask your vendor… 1. How do we stop sensitive data from falling into the wrong hands? 2. How can we ensure staff is not leaking data out of our organization? 3. How can we prevent users from infecting themselves with USB sticks? 4. How do you protect offsite users from malicious websites? 5. How can we control applications such as VoIP, IM, P2P or games? 6. How can you help ensure systems are patched and up to date? 7. How does your solution help protect us from new and unknown threats? 8. How often do you publish new threat intelligence and how do we get it?
  • 19. Complete security: Better protection, better efficiency, and better value. Coverage: Endpoint; Web; Email; Data; Mobile; Network. Columns: Reduce attack surface; Protect everywhere; Stop attacks and breaches; Keep people working. (Diagram: grid of individual technologies under each column.)
  • 20. Complete security Better protection, better efficiency, and better value
  • 21. Staying ahead of the curve. US and Canada: 1-866-866-2802, NASales@sophos.com. UK and Worldwide: + 44 1235 55 9933, Sales@sophos.com. facebook.com/securitybysophos; Sophos on Google+; linkedin.com/company/sophos; twitter.com/Sophos_News; nakedsecurity.sophos.com

Editor's Notes

  1. This presentation reviews the current threat landscape and what’s driving change in IT security. It also dives into 8 threats your traditional AV can’t stop, and wraps up with some questions you can ask your prospective vendor to make sure you’re getting the protection you need.
  2. The threat landscape is continually evolving, but today there are really four sources of pain: (1) Users are more mobile than ever and using a broader array of devices to do their work, from laptops, to tablets, to smart phones. (2) The threats themselves are evolving rapidly in an ever-escalating arms race to try and evade your security and victimize your users. (3) There’s the problem of data being everywhere, increasing regulations and the fact that your sensitive data is what the bad guys are targeting. (4) Security is taking too much of your time and it’s impacting not only your productivity but that of your users too.
  3. Here is some data from datalossdb.org, which tracks a variety of data loss incidents. The number one source of lost data is a stolen laptop, device or other form of removable media, noted in the chart by blue. The next major type of data breach was due to hacks and improperly secured servers and databases. It’s a challenging vector to address, but there are a number of best practices you should be looking at implementing to safeguard yourself, with web server protection at the top of the list. Then come Web, Email and Virus type attacks, which account for 15% of data loss breaches. Good old-fashioned printed documents, either lost, stolen or improperly disposed of, actually accounted for about 13% of data breaches.
  4. Web and virus attacks account for a significant percentage of data breaches. A typical web or email attack can be broken down into a series of phases. Entry point: This is typically a hijacked website or perhaps an email with a malicious link in it. These hijacked sites change quickly and spread like wildfire when new exploits in servers are discovered, making it difficult for traditional URL filtering to provide a meaningful defense. Malware distribution: If a threat slips past this first level of defense, the initial malware will do a quick assessment of the system to see what kind of operating system, browser, plugins and apps it’s dealing with and then redirect accordingly to an appropriate malware hosting site. These malware traffic distribution systems utilize new servers all the time, often using fast-flux DNS to stay ahead of the game. Exploit: Once an attack manages to slip through to the next phase, it will usually involve a commercially available exploit pack that attempts to leverage any number of vulnerabilities in apps and plugins. This is usually easy pickings for malware, as there are often dozens of browsers and applications running, all ripe with exploits. Infection: Should an attack successfully exploit a vulnerability, it will then download a malicious payload to infect the system to log keys, steal data, or convert the system into a botnet or malware hosting site. This is pretty much your last line of defense, and you’re now relying on detecting sophisticated virus and malware code. Execution: Should this malware be successful in taking hold, it will then start calling home with sensitive data or information about the infected system so it can be exploited further.
  5. The Evolution of AV. Anti-virus started out many years ago as a signature based form of protection. Every virus was identified by a unique signature and as new variants appeared, new signatures were required. As these threats started to evolve more quickly to the level we have today, where tens of thousands of new variants can appear daily, it’s simply not scalable or reliable to depend on signature based detection. So most AV companies added a capability called HIPS to their security software that can detect malicious behavior and stop it before it can cause too much damage. More recently, the concept of Endpoint security has gotten more sophisticated, with technologies that use better behavioral analysis to detect suspicious code and other technologies designed to reduce the surface area of attack… firewalls, application control, and device control all help in this regard by reducing vulnerabilities. Today we seem to be in the next generation in the evolution of IT security… which goes far beyond essential AV… combining technologies that work better together across threat vectors to provide endpoint, web, email, network, data and mobile protection… or what we like to call complete security.
  6. The 8 threats your AV won’t stop can be broken down into four types of issues: human error, facts of life, IT issues, and malicious intent.
  7. Everyone has accidentally sent an email to the wrong person or “replied-all” on a note that was intended only for one person. No AV solution is going to help you here, but there’s little need for this kind of problem anymore with affordable, simple email encryption and data loss prevention that can either stop sensitive data from leaving the organization or ensure it’s encrypted and protected from falling into the wrong hands.
  8. In a recent security audit at a credit union, it was found that 15 out of 20 employees who found a USB stick in the parking lot or elsewhere near their office had plugged it into their computer. This is how many organizations are targeted today. In fact, this is rumored to be the way an Israeli worm was propagated within Iran to thwart their nuclear program. This problem is crying out for a solution, and you don’t really want to have to rely on old-school AV to solve this. Fortunately, it’s all very simple. A combination of device control, data control, encryption, and even a bit of user education can go a long way towards eliminating this risk.
  9. In today’s mobile world, you’ve got an increasing number of users working offsite. Either you are trying to force them to connect through the corporate infrastructure using VPN, which can be expensive, complex and frustrating, or you’ve got road-warriors coming back to the office with infected laptops, likely infected with some kind of FakeAV. The problem is nothing new, but there are new ways to solve it. With Web Protection in your Endpoint, your users can take their web protection with them everywhere they go, and be protected just like they are back in the office.
  10. Unpatched and uncontrolled applications represent one of the biggest exposures you have. Every unpatched application represents a set of vulnerabilities that are ripe to be exploited, and the more uncontrolled browsers, media players, and other applications users are running on their systems, the greater this surface area of attack. It’s absolutely essential that you limit these kinds of applications to just those required for your organization, and keep them patched. That’s where a complete security solution that includes application control and patch management plays a critical role in reducing your risk and exposure to attack while also reducing the number of ways that sensitive data can end up leaving your network.
  11. Thousands of laptops are stolen every day. It’s only a matter of time before it happens to all of us. Fortunately, with affordable, simple encryption solutions for disks, emails, and files in the cloud or on removable media, there’s no reason anyone should have to worry about this kind of data loss anymore.
  12. The term zero-day threat means that the attack is exploiting a vulnerability before it’s been published. Behavioral analysis and intrusion prevention in today’s Endpoint security is designed to detect malicious code and behavior before it becomes a problem. Technologies like Sophos Live Protection make real-time updates to the latest threat intelligence possible, closing the gap between regular threat updates… improving response time to emerging zero-day threats.
  13. How to make sure you’re getting the right solution or the most protection for your tight IT security budget.
  14. As you’ve seen, you need more than just AV to stay protected… you need complete security. You need the technologies we talked about working across all vectors from Endpoint, to the network gateway including web and email, with data protection everywhere and mobile protection as well.
  15. Proper complete security starts with reducing the surface area of an attack. Technologies like anti-spam and URL filtering play critical roles in blocking malicious entry points, but you need solutions that update themselves in real-time… that’s where real-time updates like Sophos Live Protection can be a huge benefit. Application control and patch management play equally critical roles in eliminating vulnerabilities that can be exploited, by controlling the number of applications and helping to keep them patched… significantly reducing the chance of infection. Last but not least, data control and encryption are an important last line of defense in protecting data should your system become infected and, of course, in preventing data loss through accidents that are bound to happen. To prevent infection, you need a number of leading edge technologies working on your behalf to stop attacks and breaches at a variety of layers, detecting malicious code behavior and preventing it from taking hold or communicating with the source. And of course, these days, you need this kind of multi-layer protection everywhere users are, and in a way that keeps both them and the IT team productive and working without bogging them down.
  16. Here are some essential questions to ask prospective vendors that get at their ability to deliver complete security.
  17. Of course, Sophos has the answers and can bring all of the essential technologies you need for better protection.
  18. The best part is that Sophos has made it simple by tightly integrating our security solutions where it makes sense, to provide better protection and better efficiency through reduced complexity, and better value for you. You get the benefit of all these technologies working seamlessly for you, and you can manage them easily with our simple administration tools that take the headaches out of managing today’s IT security.
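
Note 4 above says malware traffic distribution systems often use fast-flux DNS, which is why static URL filtering struggles at the distribution phase. The following is an added example (not part of the Sophos deck) of a defender-side heuristic that flags fast-flux candidates in passive DNS data. The record layout, thresholds, domain names and addresses are all constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_network
from statistics import median

# Assumed thresholds (tune against your own resolver logs).
MIN_IPS = 5      # distinct A records seen inside one window
MIN_NETS = 3     # distinct /16 networks those addresses fall into
MAX_TTL = 300    # median TTL in seconds; flux domains keep TTLs short
WINDOW = 3600    # sliding window length in seconds

def slash16(ip):
    """Collapse an IPv4 address to its /16 as a rough proxy for hosting diversity."""
    return str(ip_network(f"{ip}/16", strict=False))

def fast_flux_candidates(records, window=WINDOW):
    """records: iterable of (epoch_seconds, name, a_record, ttl) tuples.
    Returns {name: stats} for names that rotate through many addresses in many
    networks with short TTLs inside a single time window."""
    by_name = defaultdict(list)
    for ts, name, ip, ttl in records:
        by_name[name.lower().rstrip(".")].append((ts, ip, ttl))
    flagged = {}
    for name, rows in by_name.items():
        rows.sort()
        start, best = 0, None
        for end in range(len(rows)):
            while rows[end][0] - rows[start][0] > window:
                start += 1                      # drop answers older than the window
            win = rows[start:end + 1]
            ips = {ip for _, ip, _ in win}
            nets = {slash16(ip) for ip in ips}
            ttl = median(t for _, _, t in win)
            hit = len(ips) >= MIN_IPS and len(nets) >= MIN_NETS and ttl <= MAX_TTL
            if hit and (best is None or len(ips) > best["ips"]):
                best = {"ips": len(ips), "nets": len(nets), "median_ttl": ttl}
        if best:
            flagged[name] = best
    return flagged

# Constructed sample data: private addresses and reserved .example names.
FLUX_IPS = ["10.1.0.5", "10.2.7.9", "10.3.4.4", "10.4.1.1", "172.16.9.1", "192.168.3.3"]
SAMPLE = (
    # Rotates through six networks in 25 minutes with a 120 s TTL: flux-like.
    [(i * 300, "tds.flux.example", ip, 120) for i, ip in enumerate(FLUX_IPS)]
    # CDN-like: many addresses and a short TTL, but all inside one /16.
    + [(i * 300, "cdn.shop.example", f"10.9.0.{i + 1}", 60) for i in range(6)]
    # Same addresses as the flux domain, but one change per day.
    + [(i * 86400, "slow.rotate.example", ip, 120) for i, ip in enumerate(FLUX_IPS)]
    # Ordinary site: one address, long TTL.
    + [(t, "www.stable.example", "10.8.0.1", 3600) for t in (0, 1800)]
)

if __name__ == "__main__":
    for name, stats in fast_flux_candidates(SAMPLE).items():
        print(name, stats)
```

The network-diversity check is what keeps the CDN-like name out of the results. Widening the window trades fewer misses on slow rotation for more false positives.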