Securing The Cloud in Today's Threat Landscape

David Dzienciol Vice President, Channels & SMB Asia Pacific Japan Region

September 2011

2

By 2011 1 billion mobile devices will access the internet 98% of data breaches in 2009 came from servers

Corporations will spend $6.4 billion on Cloud in 2014 up from $3.8 billion in 2010

17% of physical servers virtualized by 2010

Digital data is up 600% in 5 years to 988 exabytes in 2010

Corporate information grows ~66% every year

88% of companies cannot answer “what are our information risks today” in less than two weeks

Each day 600 million email messages are sent containing unencrypted confidential data

Value of digital information stolen in 2009 was ~ $1 trillion

Cloud Services Revenue – 2010 to 2015

SERVICE 2010 2015 CAGR

SaaS $10B $21.3B

16%

PaaS $1.3B $2.4B 13%

Iaas: Compute $2.2B $15.5B

48%

IaaS: Storage $.12B $2.9B 89%

Iaas: Backup $.46B $1.2B 22%

Gartner, June 2011 3

Symantec Partner Engage 2011 4

Peter Norton

Computing

Anti-virus + Infrastructure Protection

Security + Storage + Compliance

Information Management

and Protection

1990’s

20

11

Extend core product

leadership into

complementary markets

Accelerate our

Vision

Evaluate where

there is rapid change

Confidence in a Connected World

Evolving the Symantec Vision and Brand

Trust “Trust is the key characteristic

of the cloud service consumer-

provider model.” – IDC 2010

“The checkmark logo symbolizes the company's focus on enabling

confidence and ensuring customers have simple and secure access to

their information from anywhere, seamlessly moving between their

personal and professional lives”

5

6

Hacking Old Motivation

Threat Landscape A fundamental shift…

7

Cyber Crime Cyber Espionage

Cyber Warfare 7

Threat Landscape

Prices on the ‘Underground Economy’

8

Threat Landscape

Who is being attacked?

9

- Targeted Attacks

- Data Breaches

- End-user disruption

- DDOS attacks

- Bank accounts

- Business disruption

- ID Theft

- Scammed for dollars

- Removal costs

Enterprises Small Businesses End-Users Governments

- Cyber Sabotage

- Cyber Espionage

- Hactivism

Threat Landscape

How are we being attacked?

• It can start with an attachment

• Buried inside may be an embedded ‘Flash’ object

• Which leverages a vulnerability to deliver malware

10

Agenda.pdf

Threat Landscape

How are we being attacked?

• More likely it will be a link

• Seems innocuous, right?

• Well not so fast…

11

Threat Landscape

How are we being attacked?

• More likely it will be a link

• Seems innocuous, right?

• Well not so fast…

• Hover over the link to see the real link buried underneath

• Clicking the link brings you to a malicious web site

12

Threat Landscape

How are we being attacked?

• Or maybe some one posts a link to your Facebook page

• Again, there’s that pesky shortened link… who knows where you’ll end up

13

John Doe: Hi Gerry, Check out this cool video of me surfing: bit.ly/e20z3v

Threat Landscape

How are we being attacked?

• Or the web site itself will infect you just by visiting it…

• For example, the neighborhood pizza store might be infected

• How many pizza stores have a fulltime IT guy on staff looking out for trouble?

14

Threat Landscape

How are we being attacked?

• Or it could be:

–Hidden in other software

–On a USB

–Behind a fake system message

15

12 new 0day vulnerabilities

Threat Landscape

How often are we being attacked?

⁻ 14 new 0day vulnerabilities

⁻ 163 new mobile vulnerabilities

⁻ 6,253 new vulnerabilities

⁻ 286,000,000 new malware variants

14 new public SCADA vulnerabilities

321 browser plug-in vulnerabilities

4,501 new vulnerabilities

17,432 new bot C&C servers

30,000 domains hosting malware

59,526 phishing hosts

2,895,802 new AV signatures

6,798,338 bot infected computers

240,000,000 million new malware variants

3,050,000,000 attacks blocked by Symantec in 2010

In the time it takes to give this presentation,

we will block more than 365,000 attacks!

16

Threat Landscape

Why are we being attacked?

17

Steal Resources Steal Information Extortion Money

- Send spam

- Part of a DDOS attack

- Steal sensitive info e.g. banking credentials

- Old fashion ‘con’

- Sit back and wait for the $s to roll in

Destroy

- Hackitivism

- Cyber-Sabotage

Rustock Zeus Rogue AV Stuxnet

Examples:

Mostly because of:

Employees Connect In A Whole New Way

Updates lead status on salesforce.com. Checks Facebook on company group page. Updates status to say “big meeting today!”

Completes expense report in Concur. Downloads the latest presentation from SharePoint. Uploads a new product demo on YouTube.

Posts link on his Facebook profile. Edits ROI models with his team on Office Live.

18

What Does That Mean For IT Security?

Security

Applications & Data Applications & Data

Salesforce.com

SuccessFactors

Gmail

FaceBook

POS

MRP

CRM

Xbox…

Streamed Applications SPN

Back-up

Security

Data

Tablets

Applications

Security

Applications

Data

Home PC

Applications

Data

Work PC

Security

Applications

Data

Mobile Phone

Security

Applications

Data

Other Endpoints

Internal IT

Outsourcer

DSP/ISP

Applications Data

Yikes!!!

19

Develop and Enforce IT Policies

Protect the Infrastructure Symantec Protection Suites

Data Loss Prevention Suite and Encryption

Control Compliance Suite

Authenticate Identities VeriSign™ Identity and Authentication

IT Management Suite

Symantec is Focused on Meeting The Security Challenges

Protect the Information

Manage Systems

20

Symantec Cloud Perspectives

Security as a Service – customers consume our products and solutions

information from the cloud

Build

Solutions to enable customers to extend their security reach for cloud

services

Solutions that enable the creation of secure and well managed public and

private clouds

Consume

Extend

21

Symantec Cloud Strategy Focus Areas

1. Security as a Service – How does Symantec leverage cloud models to deliver security solutions?

2. Secure Cloud Consumption – How does Symantec secure our customer’s access to other public cloud services?

3. Secure Cloud Enablement – How does Symantec enable customers to secure their own private clouds?

22

1. Security as a Service How Does Symantec Leverage Cloud Models To Deliver Security Solutions?

• Symantec.cloud: 16 Datacenters on 5 continents , 11M customers are protected by our services , 14 pre-integrated apps. Supported by our industry-leading service-level agreement

• WW leader in messaging Security (SaaS)

• WW leader in Web Security Hosted Services (IDC)

• Symantec Health Safe & Symantec Health Image Share

• Future: Symantec Protection Center Online

And… 23

Security as a Service (Continued)

How Does Symantec Leverage Cloud Models To Deliver Security Solutions?

• Trust Services – SSL, Hosted PKI, Verisign Identity Protection / User Authentication

– Average 2.1 Billion OCSP look-ups per day

– 500,000 CRL downloads per day

– >500M seals served per day

– >100K websites showing the VeriSign Seal

– >1.3 Billion active SSL Certs in the market

– >80 million desktops showing Seal-in-Search

– SSL Customer Coverage: 95% of Fortune 500, world’s 40 largest banks, 90% of Internet Retailers top 500

– VeriSign 3 Brands (VRSN, GeoTrust & Thawte) represents approximately 55% of the entire SSL install base

24

Basic Web Site Anti-Malware Check GeoTrust Web Site Anti-Malware Scan

Exclusive Channel Offering – 2 Flavors

NOTE: Unlike the Trust Seal there are no restrictions on who can buy anti-malware scanning product. Any website can buy this product regardless of SSL, brands, or other security products provided they are not restricted due to security trade/import

compliance rules.

• Simple “add to cart” option

• Non branded bundle component

• Add basic website anti-malware check

• Get daily anti-malware scans for up to 5 pages

• Protect customers’ web site - Assure customers that your site has been

scanned

• Find out fast if they get hacked - Avoid getting blacklisted by search engines

- Get daily anti-malware scans for up to 50 pages

• Standalone Product Offering

• Branded

Vulnerability Assessment – Feature Enhancement

• Free with the purchase of every VeriSign Extended Validation or Secure site Pro SSL Certificate

• Targeted scan helps quickly identify and take action against the most common exploitable weaknesses that post the biggest risk to business operations.

• Vulnerability assessment includes: – An automatic weekly

– An actionable report

– Rescan option post remediation

Key Features

2. Secure Cloud Consumption How Does Symantec Secure Our Customer’s Access To Other Public Cloud Services?

• Enable “Cloud Ready” Access (Data Loss Prevention, User-Authentication)

• Partnership Example:

+ • “MOUNTAIN VIEW, Calif. – December 9, 2009 – Symantec Corp. (Nasdaq: SYMC) today announced it is offering its next-generation

security and enterprise-class storage management solutions through the Amazon Elastic Compute Cloud (Amazon EC2)...”

27

3. Secure Cloud Enablement How Does Symantec Enable Secure Private Clouds In The Enterprise?

• What is the critical information to protect? Where is this data? How will it be used? Data Loss Prevention

• Does the critical information have the right level of control? Encryption

• How will heterogeneous access and broad network connectivity be controlled? Verisign User-authentication / VIP, Network Access Control

• How will security and performance be managed in a highly virtualized environment? Critical Systems Protection, Endpoint Management

• How can automation be used to abstract services from the infrastructure that provides them? Workflow

Leverage existing capabilities to enable a “Cloud Ready” enterprise

28

Enablers of the Future & Confidence & Trust

29

New Symantec Capabilities

User Authentication

Device Authentication

Trust Services Fraud Detection Encryption

The Trust Equation

+4664572

+4583601

VeriSign Authentication Services Mission:

“To enable businesses and individuals to use the Internet with confidence”

+7312862

Must verify the security

and reputation of the on-

line organization

Must be able to present

identity credentials before

accessing sensitive or

personal information

Must establish trust with

their users through

security and reputation

Must authenticate and

manage user identities

Public and Private Clouds

Trust

Trust Cloud

Users & Devices

Trust Identity / Devices

Trust

Information

30

Symantec’s VeriSign Identity and Access Management

TRUST For Businesses

TRUST For Users & Devices

User & Device Authentication

• Client PKI

• Device PKI

• VIP – OTP Strong Authentication

• Fraud Detection Service

Trust Services

• SSL Certificates

• Trust Seal Product

• Code Signing

31

People Information

Develop & Enforce IT

Policies Protect

Information Manage Systems

Authenticate Identities

Protect the Infrastructure

32

What happens in Singapore ends up on Facebook, Twitter, MySpace …

Thank you!

Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Thank you!

David Dzienciol

David_Dzienciol@symantec.com

34