Gordon Thomson Infosecurity.nl 4 november Jaarbeurs Utrecht

1,457
-1

Published on

Published in: Technology, Education
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,457
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
71
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Gordon Thomson Infosecurity.nl 4 november Jaarbeurs Utrecht

  1. 1. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID The Secure Borderless Network Gordon Thomson Director of Security Sales, Europe November 4, 2010
  2. 2. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID Urgent Sales Quote Hello, Our team needs a sales quote ASAP. Please respond as soon as possible. https://www.salesforce.com/ Urgent! Need Sales Quote User : ED Hello, Our team needs a sales quote ASAP. Please respond as soon as possible. https://www.salesforce.com/ Urgent! Need Sales Quote User : TED
  3. 3. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID Cisco Secure Mobility 3
  4. 4. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID No Cisco Secure Mobility
  5. 5. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID While reporters and onlookers were lamenting the passing of the King of Pop…
  6. 6. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 666666666666 FriJune26 20:00 0.00% 1.00% 2.00% 3.00% 4.00% 5.00% 6.00% Michael Jackson Spam as a Percentage of Global Spam SatJune27 02:00 SatJune27 08:00 SatJune27 14:00 SatJune27 20:00 SunJune28 02:00 SunJune28 08:00 …criminals spewed over 2 billion Michael Jackson spam messages
  7. 7. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID Web 2.0 Abuse Commercial tools for account creation, posting, CAPTCHA bypass, and IP rotation are readily available Targets popular sites and blogs including Gmail, Yahoo, Facebook, Twitter, and Craigslist Enables abuse of many services including webmail account creation for spamming 7
  8. 8. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID Botnet Trends Reducing…………… Better Hidden, More Refined, but Hard Working as Ever 2007: Big Botnet story was Storm 2008: Storm not dead yet, now joined by Kraken/Bobax and Asprox 2009: Storm evolves to Waledac, Conficker, Koobface 2009: Zeus………what‘s next?
  9. 9. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 999999999999 Strategic Alliances: Conficker and Waledac Waledac monetizes Conficker botnet  Fake and malicious SMS software  Scareware Antivirus software
  10. 10. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 101010101010101010101010 Service dedicated to checking if a malware executable is detectable by AV engines Criminal SaaS Offerings Expand
  11. 11. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID Rise in SMS Attacks Often will direct users to call automated phone systems designed to steal personal info Targeted (by area code) Credible ―Smishing‖: SMS being used to deliver phishing links Smartphone OS vulnerability exploits being discovered 11
  12. 12. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID Security Top of Agenda ‗How important are each of the following IT initiatives to your organizations usiness or corporate initiatives for the coming year?‗ 1st Security Enhancement 3rd Updating Disaster recovery 5th Beginning/Updating Server Virtualisation 11th Adoption of Unified Communications Technology IT Managers place highest priority on adoption of security Critical Priority High Priority Low Priority Not on our agenda Source: Wedbush Morgan, Jan. 2010, 49% 36% 12% 3% 35% 38% 21% 5% 34% 35% 25% 5% 25% 35% 26% 14%
  13. 13. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 131313131313131313131313 ‖ I need security to be simpler, transparent to the user and more agile. ― — John Stewart CSO Cisco Collaboration is changing workplace experience Cloud computing drives efficiency Vendor consolidation lowers costs
  14. 14. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 141414141414141414141414 My business has a mass of data. I need to identify which data needs protection, and put systems in place to protect it. ― — Dave Martin CSO EMC ‖ Data theft turns ―professional‖ Regulations make data control more critical Anytime, anywhere access increases risk
  15. 15. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 151515151515151515151515 I need to be thinking about all threats – rational and irrational, amateur, professional and political. ― ‖— Charlie Forand CSO Verizon Cyber crime fuels malicious R&D Industrial espionage is a real threat Political attacks are growing threat
  16. 16. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 161616161616161616161616 Business Imperatives Security Imperatives Simplify Security for the User, the Business, and for the Operations Maintain Regulatory Compliance and Manage Risk Well Design and Defend for Unpredictable Threats Enable Business Speed and Agility Maintain Regulatory Compliance and Manage Risk Well Protect Intellectual Property
  17. 17. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 171717171717 The European CIO Landscape
  18. 18. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID The Customer’s Problem Theft Unintentional Loss Virus Scanning - Host & Server Anomaly Detection & Mitigation Encryption Software One-Time Token Software Multifunction Security Firewall Physical Security Endpoint Security Network Intrusion Protection Router/Switch Security Security Management VPN Compliance Validation Application Optimization Identity Management Security Alerts Event Logging Application Vulnerability Assessment Access Control & Video Surveillance Vulnerability Scan Risk Management Facility Management Application Security Policy Access Control Identity Web Security Website Defacement Loss of Confidentiality Virus Outbreak DDoS
  19. 19. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 191919191919 Our Approach to Security needs to Change Improve Effectiveness Reduce Risk Control Costs
  20. 20. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 202020202020202020202020 Opposing Forces Access Control Cyber Security Control Open Smart Connected Communities Mobility Cloud Collaboration Virtualization Smart Grid Connected Cameras, Printers… Acceptable Use Threat Protection Data Security Compliance
  21. 21. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 212121212121212121212121 The Traditional Network DMZ and ServerDesktop
  22. 22. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 222222222222222222222222 Any Device, Anytime, Anywhere WorkplaceApplications and Data Are Now Mobile
  23. 23. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 232323232323232323232323 Applications and Data Are Now MobileSecurity Extends from the Network
  24. 24. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 242424242424242424242424 From Self-Defending Network to Secure Borderless Networks Keep the Bad Guys Out Firewall Access Control Intrusion Prevention Block Attacks Content Security Email & Web Self-Defending Network
  25. 25. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 252525252525252525252525 From Self-Defending Network to Secure Borderless Networks Self-Defending Network Enable Secure Borderless Access Firewall Access Control Intrusion Prevention Block Attacks Content Security Email & Web Policy & Identity Trusted Access Secure Mobility Always On Cloud Security Hosted/Hybrid New Security Requirements Keep the Bad Guys Out
  26. 26. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 262626262626262626262626 From Self-Defending Network to Secure Borderless Networks Self-Defending Network Enable Secure Borderless Access Keep the Bad Guys Out Secure Mobility Always On Secure Borderless Networks Policy & Identity Trusted Access Cloud Security Hosted/Hybrid Cisco Security Intelligence Operations Firewall Access Control Intrusion Prevention Block Attacks Content Security Email & Web
  27. 27. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 272727272727272727272727 Cisco’s Security Approach Accurately, Seamlessly & Always On DEFEND Defend Against Threats Anyone, Anywhere, Anything, Anytime Threat Defence and Risk Reduction EXTEND PREVENT COMPLY Achieve Regulatory Compliance Prevent Loss of Business Assets Secure Enterprise Connectivity Secure Mobile Workforce Physical and Data Loss Prevention Governance, Risk and Compliance
  28. 28. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID New Business Models in Security Suitable for single site, no mobile workers, low perception of security risk, DIY mentality. Appliance Self-Managed, On-Premise Hybrid Hosted Divided Control, On-Premise & Cloud-Based Managed Fully-Managed, On-Premise or DC. Suitable for multiple sites, many mobile workers, TCO aware , Cloud friendly. Large HQ, hub sites, many mobile workers, but cloud not strategic. Company outsource to SI or SP. Technology agnostic. Hosted Cloud-Based, SaaS Infrastructure
  29. 29. Trusted Systems Management Endpoint Cloud ServicesPartners Site Licenses The Whole Offer Cisco Security Architecture Global Intelligence Local Intelligence
  30. 30. Trusted Systems Management Endpoint Cloud ServicesPartners Site Licenses The Whole Offer The Cisco Advantage Global Intelligence Local Intelligence AnyConnect Hybrid Scanning TrustSec Security Intelligence Operations Policy Network Integration
  31. 31. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 313131313131313131313131 The New Borderless Organization Securely, Reliably, Seamlessly Borderless Experience Anything AnytimeAnywhere Anyone
  32. 32. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 323232323232323232323232 Critical Questions to Consider Do I Have a Consistent Access Policy Architecture Across My Network for all Users and Devices? Can Mobile Devices Access My Network Securely, Reliably and Seamlessly? Can My Network Deliver Real-Time Collaboration Experiences? Can My Network Deliver Protection from the Premises to the Cloud? Can My Network Optimize Performance of Applications Anytime, Anywhere? Am I Using My Network to Reduce My Energy Costs? Is My Network Ready for Current and Future Regulatory Requirements? Where Am I Now? Where Do I Start? 1 2 3 4 5 6 7 8
  33. 33. © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 333333333333 SECURITY NEEDS TO SECURE, ENABLE AND CONTROL COST Secure Borderless Networks delivers the anytime, anywhere experience securely
  34. 34. 3434© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 3434© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 3434© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 3434© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 3434© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID 3434© 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID © 2009 Cisco Systems, Inc. All rights reserved. Cisco PublicPresentation_ID

×