![Page 1: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/1.jpg)
![Page 2: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/2.jpg)
Patch
Upgrade
New
Version
Firewall
Rulebase
IPS
Signatures
Virus
Regulation
Worm
![Page 3: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/3.jpg)
![Page 4: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/4.jpg)
![Page 5: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/5.jpg)
Subversive
Multi-Vector
Threats
Government
Sponsorship
Advanced
Persistent Threats
![Page 6: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/6.jpg)
![Page 7: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/7.jpg)
9/14/2010 Copyright 2010. All Rights Reserved.7
―Malicious computer code, placed
there by a foreign intelligence agency‖
―Digital Beachhead‖ that allowed the
foreign agency to suck data from the
Pentagon’s classified and
unclassified networks
―Network administrator’s worst fear‖
![Page 8: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/8.jpg)
Cyber criminals have stolen at least
from small to mid-
sized companies across America in a
sophisticated but increasingly common
form of online banking fraud…
— Brian Krebs, Washington Post, 26 October 2009
$100 million
![Page 9: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/9.jpg)
The City of Norfolk, Virginia is reeling
from a massive computer meltdown…
an unidentified family of malicious
code destroyed data on nearly
citywide.
— krebsonsecurity.com, February, 2010
800 computers
![Page 10: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/10.jpg)
Hillary Machinery lost
in fraudulent transfers to cyberthieves
from their account at Plains Capital Bank.
The bank is now suing Hillary Machinery!
$801,495
— forbes.com, February, 2010
![Page 12: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/12.jpg)
Assuming the data is in the data center
![Page 13: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/13.jpg)
Assuming the data is in the data center
IDC research shows
that desktops &
laptops represent the
most serious concern
for Data Loss
Prevention (DLP.)
![Page 14: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/14.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
![Page 15: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/15.jpg)
Forgetting the value of data on mobile devices
![Page 16: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/16.jpg)
Forgetting the value of data on mobile devices
![Page 17: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/17.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
![Page 18: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/18.jpg)
Believing that company data never finds its way to home systems.
![Page 19: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/19.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
Treating mobile devices as desktops
![Page 20: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/20.jpg)
Treating mobile devices as desktops
People are working — accessing
the most up-to-date information,
responding immediately to client
contacts, and taking care of many
more daily tasks — around the
clock. …..this environment has
created a new corporate
vulnerability that is likely to be
targeted by emerging threats.
– IDC
![Page 21: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/21.jpg)
The days of the Traditional Legacy Perimeter Defense
are behind us.
Your approach to security needs to keep up.
The corporate perimeter is porous and permeable.
![Page 22: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/22.jpg)
"Endpoint . . . solutions are now
a PRIMARY line of defense . . .‖
Charles Kolodgy
Research Director
IDC Security Products Program
The Data On The Endpoint Is The Goal
Internet Video
Personal Websites
Business Websites
Social Media
![Page 23: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/23.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
Treating mobile devices as desktops
Adopting of social media without protection
![Page 24: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/24.jpg)
Adopting Social Media Without Protection
![Page 25: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/25.jpg)
However, aside from being a potential drain on corporate
resources, they also jeopardize the integrity of your data,
encourage employees to post potentially sensitive data
without thinking, and empower a new wave of identity theft
based on abuse of trust.
![Page 26: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/26.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
Treating mobile devices as desktops
Adopting of social media without protection
Focusing too much on Prevention
![Page 27: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/27.jpg)
ResponseDetectionPrevention
• 95% of respondents listed the 12 items below
• 95% thought that Prevention was key
• IT Security spending follows the same mindset
Focusing on Prevention vs. Detection and Response
Alarm Motion detectorMonitoring Crime watch
Doors LocksWindows Fence
Dog GunPolice Insurance
Source: ―Data @ Risk‖ by David H. Stelzl
How They Break In:
34%
9%
23% 4%
22%
2%
![Page 28: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/28.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
Treating mobile devices as desktops
Adopting of social media without protection
Focusing on Protection versus Detection and Response
Failing to foster a culture of awareness
![Page 29: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/29.jpg)
![Page 30: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/30.jpg)
Unintentional Data Breaches
Hidden Columns on Excel Spreadsheets with
•Credit Card numbers
•Social Security Numbers
•PII data
Intellectual Property
Marketing Plans
Embargoed Announcements
Corporate betting pools
![Page 31: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/31.jpg)
Education is usually the first line item cut when
there are budgetary pressures.
If you only have ONE DOLLAR to spend in security,
make sure you spend it in security awareness.
![Page 32: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/32.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
Treating mobile devices as desktops
Adopting of social media without protection
Focusing on Protection versus Detection and Response
Failing to foster a culture of awareness
Under-reporting of security breaches
![Page 33: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/33.jpg)
Underreporting of security breaches
―According to the FBI, cybercrime
officially cost Americans almost
$560 million last year, more than
double the 2008 tally, although
experts say the true number is
undoubtedly much higher,
since many cyberattacks
go unreported.‖
— Dallas Morning News, May 2, 2010
![Page 34: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/34.jpg)
Underreporting of security breaches
―The European Commission
claims that the cost of
cybercrime in the EU, at
€750 billion annually, vastly
exceeds drug trafficking and
is equivalent to 1% of global
GDP‖
EurActiv Network, April 28, 2010
![Page 35: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/35.jpg)
Unable to create proper actuarial tables for cybercrime due to lack of
data
Main causes for under-reporting
•Fear of embarrassment
•Loss of public or customer confidence
•Legal Liabilities
•Jurisdictional Limitations
![Page 36: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/36.jpg)
Albert ―Segvec‖ Gonzalez has been indicted by a federal
grand jury, along with two unnamed Russian conspirators , on
charges of hacking into Heartland Payment Systems… as well as Hannaford
Brothers, 7-Eleven and two unnamed national retailers…
[Gonzalez] and 10 others were charged in May and August 2008 with network intrusions
into TJX, OfficeMax, Dave & Busters…and other companies
wired.com, August 17, 2009
Laying the Foundation to Combat Privateers on
the High Seas of the Internet
http://cassandrasecurity.com/?p=1301
![Page 37: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/37.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
Treating mobile devices as desktops
Adopting of social media without protection
Focusing on Protection versus Detection and Response
Failing to foster a culture of awareness
Under-reporting of security breaches
Settling for compliance
![Page 38: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/38.jpg)
Settling for Compliance
Compliance… just one step
north of negligence.— Josh Corman, The 451 Group
![Page 39: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/39.jpg)
A perfect example of aiming for compliance is the number
of lifeboats on the Titanic.
The British Board of Trade, the regulatory agency that mandated
Titanic, required the ship to have lifeboat capacity for 1,060 people.
Unfortunately, she had a maximum capacity of 3,547, between
passengers and crew.
AFTER the Titanic sank, the regulations were changed.
That seems to be the way it always happens...
After ENRON and WorldCom, we get Sarbanes Oxley… After TJX, we get
PCI.
![Page 40: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/40.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
Treating mobile devices as desktops
Adopting of social media without protection
Focusing on Protection versus Detection and Response
Failing to foster a culture of awareness
Under-reporting of security breaches
Settling for compliance
![Page 41: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/41.jpg)
How many times have you heard your IT team say:
only to have your expensive external audit firm come
in and deliver a scathing report that enumerates
thousands of missed items, erroneous
configurations, and process violations?
“We’re covered… We are compliant”
Assuming Everything is OK
![Page 42: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/42.jpg)
9/14/2010 Copyright 2010. All Rights Reserved.42
Stephan Thought He Was Secure
Companies think they are secure.
But who is accessing your data?
- Number of Infections found per hour
![Page 43: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/43.jpg)
Assuming the data is in the data center
Forgetting the value of data on mobile devices
Believing that company data never finds its way to home systems
Treating mobile devices as desktops
Adopting of social media without protection
Focusing on Protection versus Detection and Response
Failing to foster a culture of awareness
Under-reporting of security breaches
Settling for compliance
Assuming Everything is OK
![Page 44: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/44.jpg)
―We’ve got it covered.‖
What Is The Likelihood Of An Attack?
BTW… Likelihood decreases with Detection and
Response
―We had no idea this malware was getting through.‖
Impact of Risk HighLow
Low
High
Pro
ba
bili
ty o
f Occ
urr
ence
![Page 45: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/45.jpg)
Michael TysonPhilosopher and Pugilist
―Everyone Has a Plan… Until They Get Hit‖
![Page 46: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/46.jpg)
When it comes to security,
1. If you didn’t go looking for it, remove it.
2. If you did go looking for it, make sure you patch it.
3. If you don’t need it, get rid of it.
Brian Krebs, April 2010
![Page 47: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/47.jpg)
9/14/2010 Copyright 2010. All Rights Reserved.47
![Page 48: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/48.jpg)
The Growing Malware Threat
1,600,000
1,400,000
1,200,000
1,000,000
800,000
600,000
400,000
200,000
0
1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008
30,000
3,500+
1,115
3,312,682
New threats per day
New signatures per day
Mobile Malware Signaturesas of December 2009
Total as of December 2009
9/14/201048 Copyright 2010. All Rights Reserved.
![Page 49: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/49.jpg)
IT Spend Is Not What It Should Be
Minimal Increase In IT Security Software
Spending with Little Thought to Likelihood
Exponential Growth in Malware and Attacks
at the Endpoint
Malware growth IT spend
![Page 50: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/50.jpg)
• A Pioneer in Fighting IT Threats for 25 Years
• Security Technology of Choice
9/14/2010 Copyright 2010. All Rights Reserved.50
![Page 51: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/51.jpg)
Small Updates for the Best Protection and User Experience
Microsoft
Symantec
Trend Micro
CA
McAfee
Updates per Month
0 100 200 300 400 500 600 700
24
28
32
33
138
9/14/201051 Copyright 2010. All Rights Reserved.
![Page 52: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/52.jpg)
Eset
Sophos
AVG
Symantec
McAfee
Hours
0 2 4 6 8
4 to 8 hours
4 to 6 hours
4 to 6 hours
2 to 4 hours
2 to 4 hours
< 2 hours
9/14/201052 Copyright 2010. All Rights Reserved.
![Page 53: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/53.jpg)
9/14/201053 Copyright 2010. All Rights Reserved.
![Page 54: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/54.jpg)
9/14/201054 Copyright 2010. All Rights Reserved.
![Page 55: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/55.jpg)
Short Hold Times
85% of calls closed by Tier 1Dedicated Engineers
< 5 minute average answer time
Free Standard SupportEnglish, French, Spanish, Portuguese
9/14/201055 Copyright 2010. All Rights Reserved.
![Page 56: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/56.jpg)
![Page 57: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/57.jpg)
Test production machines
Set up evaluation
Perform a Proof of Concept
Dedicated Kaspersky Support Engineer
Kaspersky Concierge Program
9/14/2010 Copyright 2010. All Rights Reserved.57
Testing Detection and Response Capability
TAKETHE
![Page 58: Patch Upgrade Version Firewall Rulebase IPS Signatures ...pittsburgh.issa.org › ISSA › Top10_IT_Crime_Enablers_v7.pdf · mindset Focusing on Prevention vs. Detection and Response](https://reader033.vdocument.in/reader033/viewer/2022060406/5f0f77ef7e708231d444505c/html5/thumbnails/58.jpg)
9/14/2010 Copyright 2010. All Rights Reserved.58