0
11©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |[Restricted] ONL...
22©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
A comprehensive...
33©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
40%
40%
20%
39%...
44©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Multiple source...
55©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Looking back an...
66©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
The Check Point...
77©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
We will talk ab...
88©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Another day, an...
99©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Just this week…...
1010©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
2012: the yea...
1111©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
This does not...
1212©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
The majority ...
1313©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Once in … alw...
1414©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Top 2012 Bots...
1515©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Exploit kits ...
1616©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
But there is ...
1717©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Going to the ...
1818©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Downloading m...
1919©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Anatomy of an...
2020©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Two major tre...
2121©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Case example
...
2222©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Case Study
Ha...
2323©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
BLOCKED
by
Ch...
2424©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Main takeaway...
2525©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
We will talk ...
2626©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
No longer a g...
2727©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
What are risk...
2828©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Just this wee...
2929©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Risky applica...
3030©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
What is an an...
3131©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
History of An...
3232©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
The risk of a...
3333©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Anonymizers i...
3434©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Risky applica...
3535©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
The Risk of P...
3636©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
P2P inside th...
3737©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Case example:...
3838©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Main takeaway...
3939©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
We will talk ...
4040©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
How common is...
4141©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Many types of...
4242©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
PCI complianc...
4444©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
We have all h...
4545©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Storing and S...
4646©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Top sharing a...
4747©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
The Check Poi...
4848©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
We talked abo...
4949©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Anatomy of an...
5050©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Addressing ex...
5151©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Enabling secu...
5252©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Preventing da...
5353©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Seeing attack...
5454©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |
Summary
63%
4...
5555©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |[Restricted] O...
Upcoming SlideShare
Loading in...5
×

festival ICT 2013: Check Point 2013 Security Report

250

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
250
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
16
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "festival ICT 2013: Check Point 2013 Security Report"

  1. 1. 11©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |[Restricted] ONLY for designated groups and individuals
  2. 2. 22©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | A comprehensive survey – and much more ! 888 companies 1,494 gateways 120,000 Monitoring hours 112,000,000 security events [Restricted] ONLY for designated groups and individuals
  3. 3. 33©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | 40% 40% 20% 39% 14%10% 7% 4% 26% A comprehensive survey % of companies Americas EMEA APAC Industrial Finance Government Telco Consulting Other By geography By sector [Restricted] ONLY for designated groups and individuals
  4. 4. 44©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Multiple sources of data SensorNet 3D Reports Threat Cloud [Restricted] ONLY for designated groups and individuals
  5. 5. 55©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Looking back and forward Main security threats & risks Security architecture Recommendations 2012 2013 and beyond [Restricted] ONLY for designated groups and individuals
  6. 6. 66©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Check Point Security Report 2013 About the research Key findings Security strategy Summary [Restricted] ONLY for designated groups and individuals
  7. 7. 77©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
  8. 8. 88©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Another day, another major hack [Restricted] ONLY for designated groups and individuals
  9. 9. 99©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Just this week…. [Restricted] ONLY for designated groups and individuals “Hackers in China Attacked The Times for Last 4 Months” (NY Times , Jan 30, 2013) “Wall Street Journal also hit by hack” (WSJ , Jan 31 2013)
  10. 10. 1010©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | 2012: the year of hacktivism Arab Spring Political freedom Foxcon Working conditions Justice Department Anti-corruption Vatican Unhealthy transmitters UN ITU Internet deep packet inspection [Restricted] ONLY for designated groups and individuals
  11. 11. 1111©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | This does not affect me, right? [Restricted] ONLY for designated groups and individuals
  12. 12. 1212©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The majority of companies are infected 63% 100% = 888 companies of the organizations (2 out of 3) in the research were infected with bots [Restricted] ONLY for designated groups and individuals
  13. 13. 1313©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Once in … always on Communicating with command & control every 21minutes [Restricted] ONLY for designated groups and individuals
  14. 14. 1414©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Top 2012 Bots [Restricted] ONLY for designated groups and individuals
  15. 15. 1515©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Exploit kits are easy to buy Rental costs One day – 50$ Up to 1 month – 500$ 3 month – 700$ Rental costs One day – 50$ Up to 1 month – 500$ 3 month – 700$ Available online [Restricted] ONLY for designated groups and individuals
  16. 16. 1616©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | But there is more than Bots, right? Malware INSIDE How does malware get to my network? [Restricted] ONLY for designated groups and individuals
  17. 17. 1717©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Going to the wrong places… [Restricted] ONLY for designated groups and individuals
  18. 18. 1818©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Downloading malware all the time 53%of organizations saw malware downloads [Restricted] ONLY for designated groups and individuals
  19. 19. 1919©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anatomy of an attack Recon Exploit Toolkit Backdoor Damage4 3 2 1 BOT Virus RAT [Restricted] ONLY for designated groups and individuals
  20. 20. 2020©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Two major trends BOT Virus Damage Profit drivenA Ideological driven B 4RAT [Restricted] ONLY for designated groups and individuals
  21. 21. 2121©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case example Massive SQL injection attack Italian University [Restricted] ONLY for designated groups and individuals
  22. 22. 2222©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case Study Hacker injected the following string… In normal language: “Please give me the usernames and passwords from the database” In normal language: “Please give me the usernames and passwords from the database” [Restricted] ONLY for designated groups and individuals
  23. 23. 2323©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | BLOCKED by Check Point IPS Software Blades From around the world… Case study - the success [Restricted] ONLY for designated groups and individuals
  24. 24. 2424©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Main takeaways… 63%63% of organizations were infected with bots 53%53% of organizations experienced malware downloads [Restricted] ONLY for designated groups and individuals
  25. 25. 2525©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
  26. 26. 2626©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | No longer a game [Restricted] ONLY for designated groups and individuals
  27. 27. 2727©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | What are risky applications? Bypassing security or hiding identity Do harm without the user knowing it P2P file sharing Anonymizers File sharing / storage Social networks [Restricted] ONLY for designated groups and individuals
  28. 28. 2828©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Just this week…. [Restricted] ONLY for designated groups and individuals We discovered one live attack and were able to shut it down in process moments later, However, our investigation has thus far indicated that the attackers may have had access to limited user information — usernames, email addresses and passwords — for approximately 250,000 users.” Bob Lord, Twitter’s director of information security. (Friday, Feb 1, 2013)
  29. 29. 2929©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Risky applications Anonymizers [Restricted] ONLY for designated groups and individuals
  30. 30. 3030©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | What is an anonymizer? Firewall OK User Proxy Site [Restricted] ONLY for designated groups and individuals
  31. 31. 3131©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | History of Anonymizers Began as “The Onion Router” Officially sponsored by the US Navy 80% of 2012 budget from US Government Used widely during Arab Spring [Restricted] ONLY for designated groups and individuals
  32. 32. 3232©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The risk of anonymizers Bypasses security infrastructure Used by botnets to communicate Hide criminal, illegal activity [Restricted] ONLY for designated groups and individuals
  33. 33. 3333©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anonymizers inside the corporation 47% of organizations had users of Anonymizers (80% were not aware that their employees use Anonymizers) 100% = 888 companies [Restricted] ONLY for designated groups and individuals
  34. 34. 3434©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Risky applications P2P file sharing [Restricted] ONLY for designated groups and individuals
  35. 35. 3535©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Risk of P2P Applications Downloading the latest “24” episode right now ☺ Pirated content liability Malware downloads “Back door” network access [Restricted] ONLY for designated groups and individuals
  36. 36. 3636©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | P2P inside the corporation 61% of organizations had a P2P file sharing app in use 100% = 888 companies [Restricted] ONLY for designated groups and individuals
  37. 37. 3737©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Case example: P2P 3,800 personal details shared on P2P 95,000 personal details shared on P2P Fines for information disclosers [Restricted] ONLY for designated groups and individuals
  38. 38. 3838©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Main takeaways… 61% of organizations had a P2P file sharing app in use 47% of organizations had users of anonymizers [Restricted] ONLY for designated groups and individuals
  39. 39. 3939©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We will talk about 3 issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
  40. 40. 4040©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | How common is it? 54% of organizations experienced data loss [Restricted] ONLY for designated groups and individuals
  41. 41. 4141©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Many types of data leaked [Restricted] ONLY for designated groups and individuals
  42. 42. 4242©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | PCI compliance can be improved Of financial organizations sent credit card data outside the organization [Restricted] ONLY for designated groups and individuals
  43. 43. 4444©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We have all had this problem Error 552: sorry, that message exceeds my maximum message size limit Dropbox? YouSendIt? Windows Live? [Restricted] ONLY for designated groups and individuals
  44. 44. 4545©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Storing and Sharing applications 80% of organizations use file storage and sharing applications 100% = 888 companies [Restricted] ONLY for designated groups and individuals
  45. 45. 4646©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Top sharing and storage apps 70 51 25 22 13 10 Dropbox Windows Live Curl YouSendIt Sugarsync PutLocker % of organizations But sharing is not always caring… [Restricted] ONLY for designated groups and individuals
  46. 46. 4747©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | The Check Point Security Report 2013 About the research Key findings Security strategy Summary [Restricted] ONLY for designated groups and individuals
  47. 47. 4848©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | We talked about three issues Threats to the organization Risky enterprise applications Data loss incidents in the network [Restricted] ONLY for designated groups and individuals
  48. 48. 4949©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Anatomy of an attack Recon Exploit Toolkit Backdoor Damage4 3 2 1 BOT Virus RAT [Restricted] ONLY for designated groups and individuals
  49. 49. 5050©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Addressing external threats FW AVIPS AntiBot URLF ThreatEmulation [Restricted] ONLY for designated groups and individuals
  50. 50. 5151©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Enabling secure application use URLF Antivirus ApplicationControl [Restricted] ONLY for designated groups and individuals Endpoint
  51. 51. 5252©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Preventing data loss DocSec DLP Data EndPoint ApplicationControl Usercheck [Restricted] ONLY for designated groups and individuals
  52. 52. 5353©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Seeing attacks and protections SmartEvent SmartLog SmartDashboard [Restricted] ONLY for designated groups and individuals
  53. 53. 5454©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals | Summary 63% 47% 54% Infected with bots 3 key Takeaways Used Anonymizer Experienced data leak Multi Layer Security Central Management Manage & Monitor Protect from external threats Protect from external threats Prevent access to bad sources Prevent access to bad sources Keep the organization secured Keep the organization secured [Restricted] ONLY for designated groups and individuals
  54. 54. 5555©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |[Restricted] ONLY for designated groups and individuals
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×