© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Intelligent Cyber Security for the Real World
Dorin Pena, General Manager | Cisco Romania
The Security Problem
• Changing Business Models
• Dynamic Threat Landscape
• Complexity and Fragmentation
The Industrialization of Hacking
Timeline, 1990–2020:
• Viruses: 1990–2000
• Worms: 2000–2005
• Spyware and Rootkits: 2005–Today
• APTs, Cyberware: Today +
Hacking Becomes an Industry
Sophisticated Attacks, Complex Landscape
Phishing, Low Sophistication
Today’s advanced malware is not just a single entity
It is a Community that hides in plain sight
Missed by Point-in-time Detection
Hacking, 21st Century: The attack chain
• Survey: Evaluate victim’s countermeasures
• Write: Craft context-aware malware to penetrate victim’s environment
• Test: Check malware works & evades victim’s countermeasures
• Execute: Deploy malware. Move laterally, establish secondary access
• Accomplish: The mission: Extract data, destroy, plant evidence, compromise.
Victim = targeted organization
days, weeks, months
6 hours
Industry Risk and Web Malware Encounters, 2013
The Silver Bullet Does Not Exist
“Self Defending Network”
“It matches the pattern”
“No false positives, no false negatives.”
Application Control
NGFW / VPN
IDS / IPS
UTM
NAC
AV
PKI
“Block or Allow”
“Fix the Firewall”
“No key, no access”
Sandboxing
“Detect the Unknown”
Cisco focuses on the totality of defending against threats, through architecture
Visibility and Context
Firewall
NGFW
NAC + Identity Services
VPN
UTM
NG IPS
Web Security
Email Security
Advanced Malware Protection
Network Behavior Analysis
Covering the Entire Attack Continuum
Attack Continuum:
• BEFORE: Discover, Enforce, Harden
• DURING: Detect, Block, Defend
• AFTER: Scope, Contain, Remediate
Sourcefire Advanced Malware Protection
Retrospective Security
• Comprehensive: Network + Endpoint
• Continuous Analysis
• Integrated Response
• Big Data Analytics
• Control & Remediation
Thank You