Managing Security Threats in Today’s Enterprise
Agenda
1) Today’s enterprise scenario
2) Rise of Advanced Persistent Threats & Other Risks
3) Triangle of Use
4) User Awareness
5) One single point of observation
6) Security appliances have to work out-of-the-box
7) Q&A
Today’s enterprise Scenario
• Consistent growth in the number of malware and cyber crime incidents
• No Platform/OS is 100% immune from threat
• Exponential growth of a highly sophisticated and advanced global cyber criminals’ community
• Sophisticated cyber crooks want your intellectual property, confidential information, financial data, trade secrets etc.
• Attacks are more persistent, pervasive, and in some cases more targeted than ever before…!
Rise of Advanced Persistent Threats & Other Risks
Advanced Persistent Threats (APTs) are targeted cyber-attacks designed to dodge an organization’s technical countermeasures.
APTs are specifically designed to bypass firewalls, intrusion detection systems, and anti-malware programs.
[Chart: Total number of Security Incidents to grow 66% CAGR. 2009: 3.4 million; 2010: 9.4 million; 2011: 22.7 million; 2012: 24.9 million; 2013: 28.9 million; 2014: 42.8 million. Source: PWC]
External factors to consider
• Cloud: 738. Number of cloud services that a company uses on average.
• Big Data: 25%. By 2016, 25% of global firms will adopt big data analytics for security and fraud detection.
• Mobility: 7.22. Number of mobile devices around the world today in BILLIONS.
• Security and Risk: 60%. By 2020, 60% of enterprise security budgets will be allocated for rapid detection and response strategies.
Attacks in News!!
• NSA implants software into 100,000 computers
• This allows them to reach non-connected machines
through supply chain attack vectors
• NSA calls this ‘active defense’
Triangle of Use
• SECURITY (INCREASES)
• FUNCTIONALITY (DECREASES)
• EASE OF USE (DECREASES)
How it is done?
Today’s SMB & Enterprise Challenges
• Security Information and Event Management (SIEM) is an essential cyber
security technology.
• SMBs face the same cyber threats as their enterprise counterparts; however,
SMBs cannot typically apply the same security professional resources to the
issue.
• While SIEM platforms are built to scale up, scaling an enterprise-scale SIEM down for an SMB is challenging and costly.
Lack of dedicated Network Security Professional
• In the vast majority of SMBs, network security is treated as a subset of IT.
• Demand for cybersecurity tools and resources has doubled since 2014, but a lack of skills and dedicated resources are the main obstacles to implementing them.
• In SMBs, security functions are managed by lower-level IT admin staff who, due to a lack of training and knowledge, are unable to understand the network security requirements.
• Budgets allocated for IT security are one of the big challenges.
Solution:-
• We analyzed all the network setup & extended awareness of security in
general.
• Identified policy and compliance issues originating from networks.
One single point of observation
In most SMBs, even assuming that the IT Director could purchase several cyber security tools, managing and monitoring all the security incidents at a single console is a challenge.
Detecting threats and prioritizing them is a big challenge.
Solution
Provides real-time visibility for threat detection and prioritization, delivering surveillance throughout the entire IT infrastructure.
Produces detailed data access and user activity reports to help manage compliance.
Managed Service Providers help deliver cost-effective security intelligence using a single console that supports multiple sites and customers.
APT: Not just another malware category!
Advanced
Most of the targeted attacks have the ability to evade detection and the capability to gain and maintain access to well protected networks and sensitive information.
Written by a highly technical and motivated group of malware writers.
Persistent
Uses advanced rootkit/stealth technologies to be persistent in nature, making its presence very difficult to sense.
Threat
Everything is at risk…!
Most Infamous APTs:
Stuxnet, Ghostnet, Duqu, Flame, Shamoon, Wiper
Important factors behind successful Targeted Attack
Technology Factor:
• Bypassing Traditional Security with limited capabilities
• Software Design/Architecture Flaws: Vulnerable Systems
• Outdated/Unpatched Operating Systems OR Outdated Antivirus
Human Factor:
• Highly sophisticated and extremely organized cyber criminals
• Unaware/Irresponsible Insider
• Application developers not following Secure SDLC
• IT Admin Team’s Incompetence: Inefficient Configuration
Important Factors: Technology & Human
Security appliances have to work out-of-the-box
SMBs don’t have dedicated personnel who can write rules for incident detection, create inputs for compliance reporting, and write scripts to connect platforms via application program interfaces (API).
In this case the IT Admin is constrained by time and practical network security
expertise.
Solution
• Collect, retain, search, alert and report on logs throughout your infrastructure
• Providing compliance focused analysts and auditors
• Automated mechanisms and advanced correlation
• Pre-Built Compliance Reports as per Industry Standard
DDOS: Mantra for best enterprise security
• Design a good security strategy: Understand the threat landscape relevant to your computing environment and have a good security strategy and policies with periodic auditing and revision
• Develop an efficient security infrastructure: Your infrastructure’s ability to rapidly discover the presence of the threat and respond to it will help you to mitigate advanced and targeted threats
• Observe and track every smallest activity to sense any anomaly: Early Discovery -> Early Reaction -> Lesser the Impact
• Security in the culture: Security education, awareness and common sense will play a crucial role
Write to us at:
support@seqrite.com
Follow us on:
Facebook: www.facebook.com/seqrite
Twitter: www.twitter.com/seqrite
Google Plus: http://bit.ly/SeqriteGooglePlus
LinkedIn: https://www.linkedin.com/company/seqrite
YouTube: http://bit.ly/SeqriteYouTube
Visit us:
Website: www.seqrite.com
Share your feedback with us
THANK YOU.
