securing the cloud in today's threat...
TRANSCRIPT
Securing The Cloud in Today's Threat Landscape
David Dzienciol Vice President, Channels & SMB Asia Pacific Japan Region
September 2011
2
By 2011 1 billion mobile devices will access the internet 98% of data breaches in 2009 came from servers
Corporations will spend $6.4 billion on Cloud in 2014 up from $3.8 billion in 2010
17% of physical servers virtualized by 2010
Digital data is up 600% in 5 years to 988 exabytes in 2010
Corporate information grows ~66% every year
88% of companies cannot answer “what are our information risks today” in less than two weeks
Each day 600 million email messages are sent containing unencrypted confidential data
Value of digital information stolen in 2009 was ~ $1 trillion
Cloud Services Revenue – 2010 to 2015
SERVICE 2010 2015 CAGR
SaaS $10B $21.3B
16%
PaaS $1.3B $2.4B 13%
Iaas: Compute $2.2B $15.5B
48%
IaaS: Storage $.12B $2.9B 89%
Iaas: Backup $.46B $1.2B 22%
Gartner, June 2011 3
Symantec Partner Engage 2011 4
Peter Norton
Computing
Anti-virus + Infrastructure Protection
Security + Storage + Compliance
Information Management
and Protection
1990’s
20
11
Extend core product
leadership into
complementary markets
Accelerate our
Vision
Evaluate where
there is rapid change
Confidence in a Connected World
Evolving the Symantec Vision and Brand
Trust “Trust is the key characteristic
of the cloud service consumer-
provider model.” – IDC 2010
“The checkmark logo symbolizes the company's focus on enabling
confidence and ensuring customers have simple and secure access to
their information from anywhere, seamlessly moving between their
personal and professional lives”
5
6
Hacking Old Motivation
Threat Landscape A fundamental shift…
7
Cyber Crime Cyber Espionage
Cyber Warfare 7
Threat Landscape
Prices on the ‘Underground Economy’
8
Threat Landscape
Who is being attacked?
9
- Targeted Attacks
- Data Breaches
- End-user disruption
- DDOS attacks
- Bank accounts
- Business disruption
- ID Theft
- Scammed for dollars
- Removal costs
Enterprises Small Businesses End-Users Governments
- Cyber Sabotage
- Cyber Espionage
- Hactivism
Threat Landscape
How are we being attacked?
• It can start with an attachment
• Buried inside may be an embedded ‘Flash’ object
• Which leverages a vulnerability to deliver malware
10
Agenda.pdf
Threat Landscape
How are we being attacked?
• More likely it will be a link
• Seems innocuous, right?
• Well not so fast…
11
Threat Landscape
How are we being attacked?
• More likely it will be a link
• Seems innocuous, right?
• Well not so fast…
• Hover over the link to see the real link buried underneath
• Clicking the link brings you to a malicious web site
12
Threat Landscape
How are we being attacked?
• Or maybe some one posts a link to your Facebook page
• Again, there’s that pesky shortened link… who knows where you’ll end up
13
John Doe: Hi Gerry, Check out this cool video of me surfing: bit.ly/e20z3v
Threat Landscape
How are we being attacked?
• Or the web site itself will infect you just by visiting it…
• For example, the neighborhood pizza store might be infected
• How many pizza stores have a fulltime IT guy on staff looking out for trouble?
14
Threat Landscape
How are we being attacked?
• Or it could be:
–Hidden in other software
–On a USB
–Behind a fake system message
15
12 new 0day vulnerabilities
Threat Landscape
How often are we being attacked?
⁻ 14 new 0day vulnerabilities
⁻ 163 new mobile vulnerabilities
⁻ 6,253 new vulnerabilities
⁻ 286,000,000 new malware variants
14 new public SCADA vulnerabilities
321 browser plug-in vulnerabilities
4,501 new vulnerabilities
17,432 new bot C&C servers
30,000 domains hosting malware
59,526 phishing hosts
2,895,802 new AV signatures
6,798,338 bot infected computers
240,000,000 million new malware variants
3,050,000,000 attacks blocked by Symantec in 2010
In the time it takes to give this presentation,
we will block more than 365,000 attacks!
16
Threat Landscape
Why are we being attacked?
17
Steal Resources Steal Information Extortion Money
- Send spam
- Part of a DDOS attack
- Steal sensitive info e.g. banking credentials
- Old fashion ‘con’
- Sit back and wait for the $s to roll in
Destroy
- Hackitivism
- Cyber-Sabotage
Rustock Zeus Rogue AV Stuxnet
Examples:
Mostly because of:
Employees Connect In A Whole New Way
Updates lead status on salesforce.com. Checks Facebook on company group page. Updates status to say “big meeting today!”
Completes expense report in Concur. Downloads the latest presentation from SharePoint. Uploads a new product demo on YouTube.
Posts link on his Facebook profile. Edits ROI models with his team on Office Live.
18
What Does That Mean For IT Security?
Security
Applications & Data Applications & Data
Salesforce.com
SuccessFactors
Gmail
POS
MRP
CRM
Xbox…
Streamed Applications SPN
Back-up
Security
Data
Tablets
Applications
Security
Applications
Data
Home PC
Applications
Data
Work PC
Security
Applications
Data
Mobile Phone
Security
Applications
Data
Other Endpoints
Internal IT
Outsourcer
DSP/ISP
Applications Data
Yikes!!!
19
Develop and Enforce IT Policies
Protect the Infrastructure Symantec Protection Suites
Data Loss Prevention Suite and Encryption
Control Compliance Suite
Authenticate Identities VeriSign™ Identity and Authentication
IT Management Suite
Symantec is Focused on Meeting The Security Challenges
Protect the Information
Manage Systems
20
Symantec Cloud Perspectives
Security as a Service – customers consume our products and solutions
information from the cloud
Build
Solutions to enable customers to extend their security reach for cloud
services
Solutions that enable the creation of secure and well managed public and
private clouds
Consume
Extend
21
Symantec Cloud Strategy Focus Areas
1. Security as a Service – How does Symantec leverage cloud models to deliver security solutions?
2. Secure Cloud Consumption – How does Symantec secure our customer’s access to other public cloud services?
3. Secure Cloud Enablement – How does Symantec enable customers to secure their own private clouds?
22
1. Security as a Service How Does Symantec Leverage Cloud Models To Deliver Security Solutions?
• Symantec.cloud: 16 Datacenters on 5 continents , 11M customers are protected by our services , 14 pre-integrated apps. Supported by our industry-leading service-level agreement
• WW leader in messaging Security (SaaS)
• WW leader in Web Security Hosted Services (IDC)
• Symantec Health Safe & Symantec Health Image Share
• Future: Symantec Protection Center Online
And… 23
Security as a Service (Continued)
How Does Symantec Leverage Cloud Models To Deliver Security Solutions?
• Trust Services – SSL, Hosted PKI, Verisign Identity Protection / User Authentication
– Average 2.1 Billion OCSP look-ups per day
– 500,000 CRL downloads per day
– >500M seals served per day
– >100K websites showing the VeriSign Seal
– >1.3 Billion active SSL Certs in the market
– >80 million desktops showing Seal-in-Search
– SSL Customer Coverage: 95% of Fortune 500, world’s 40 largest banks, 90% of Internet Retailers top 500
– VeriSign 3 Brands (VRSN, GeoTrust & Thawte) represents approximately 55% of the entire SSL install base
24
Basic Web Site Anti-Malware Check GeoTrust Web Site Anti-Malware Scan
Exclusive Channel Offering – 2 Flavors
NOTE: Unlike the Trust Seal there are no restrictions on who can buy anti-malware scanning product. Any website can buy this product regardless of SSL, brands, or other security products provided they are not restricted due to security trade/import
compliance rules.
• Simple “add to cart” option
• Non branded bundle component
• Add basic website anti-malware check
• Get daily anti-malware scans for up to 5 pages
• Protect customers’ web site - Assure customers that your site has been
scanned
• Find out fast if they get hacked - Avoid getting blacklisted by search engines
- Get daily anti-malware scans for up to 50 pages
• Standalone Product Offering
• Branded
Vulnerability Assessment – Feature Enhancement
• Free with the purchase of every VeriSign Extended Validation or Secure site Pro SSL Certificate
• Targeted scan helps quickly identify and take action against the most common exploitable weaknesses that post the biggest risk to business operations.
• Vulnerability assessment includes: – An automatic weekly
– An actionable report
– Rescan option post remediation
Key Features
2. Secure Cloud Consumption How Does Symantec Secure Our Customer’s Access To Other Public Cloud Services?
• Enable “Cloud Ready” Access (Data Loss Prevention, User-Authentication)
• Partnership Example:
+ • “MOUNTAIN VIEW, Calif. – December 9, 2009 – Symantec Corp. (Nasdaq: SYMC) today announced it is offering its next-generation
security and enterprise-class storage management solutions through the Amazon Elastic Compute Cloud (Amazon EC2)...”
27
3. Secure Cloud Enablement How Does Symantec Enable Secure Private Clouds In The Enterprise?
• What is the critical information to protect? Where is this data? How will it be used? Data Loss Prevention
• Does the critical information have the right level of control? Encryption
• How will heterogeneous access and broad network connectivity be controlled? Verisign User-authentication / VIP, Network Access Control
• How will security and performance be managed in a highly virtualized environment? Critical Systems Protection, Endpoint Management
• How can automation be used to abstract services from the infrastructure that provides them? Workflow
Leverage existing capabilities to enable a “Cloud Ready” enterprise
28
Enablers of the Future & Confidence & Trust
29
New Symantec Capabilities
User Authentication
Device Authentication
Trust Services Fraud Detection Encryption
The Trust Equation
+4664572
+4583601
VeriSign Authentication Services Mission:
“To enable businesses and individuals to use the Internet with confidence”
+7312862
Must verify the security
and reputation of the on-
line organization
Must be able to present
identity credentials before
accessing sensitive or
personal information
Must establish trust with
their users through
security and reputation
Must authenticate and
manage user identities
Public and Private Clouds
Trust
Trust Cloud
Users & Devices
Trust Identity / Devices
Trust
Information
30
Symantec’s VeriSign Identity and Access Management
TRUST For Businesses
TRUST For Users & Devices
User & Device Authentication
• Client PKI
• Device PKI
• VIP – OTP Strong Authentication
• Fraud Detection Service
Trust Services
• SSL Certificates
• Trust Seal Product
• Code Signing
31
People Information
Develop & Enforce IT
Policies Protect
Information Manage Systems
Authenticate Identities
Protect the Infrastructure
32
What happens in Singapore ends up on Facebook, Twitter, MySpace …
Thank you!
Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Thank you!
David Dzienciol
34