SlideShare a Scribd company logo

Endpoint and Server: The belt and braces anti-malware strategy

Download as PPTX, PDF
Stephen Cobb
Stephen Cobb

Slides prepared for the Federal IT expo: FOSE. Should help employees and managers understand why anti-malware protection is needed at all endpoints and on all serves.

Technology
1 of 29
Belt & Braces, Server & Endpoint: Why you need multiple levels of malware protection Stephen Cobb, CISSP Senior Security Researcher, ESET NA
Today’s agenda
Today’s agenda • Full spectrum malware defense
Endpoints under attack • Malware threat shows no signs of retreating • Attacks come from – Cyber criminals – Hacktivists – Non-state actors – Nation states
Attacks from servers, mobile devices • We now see large-scale server-based attacks • In one operation: 1000s of servers taken over • Used to attack 100s of 1000s of endpoints – Desktops, laptops, mobile devices • Clearly we need to protect against malware at all levels, across all surfaces
2014 State of Endpoint Risk • Are security threats created by vulnerabilities to endpoint more difficult to stop/mitigate: 71% • Have you seen a major increase in malware incidents targeting your endpoints: 41% • Have your mobile endpoints been the target of malware in the last 12 months: 68% 2014 State of Endpoint Risk, Ponemon Institute
April 2014 GAO report • Information Security – Federal Agencies Need to Enhance Responses to Data Breaches • (GAO-14-487T) • A lot of work still to be done, across numerous agencies – Improve security – Improve breach response
29,999 41,776 42,854 48,562 61,214 2009 2010 2011 2012 2013 The scale of the problem • Information security incidents reported to US-CERT by all federal agencies, 2009 – 2013 • GAO-14-487T • Number of incidents way up – More data to defend? – Improved reporting?
Exposure of PII is growing • More incidents involving Personally Identifiable Information • Why? – Thriving black market for PII • Impact – Serious costs/stress for victims – Growing public displeasure – Target CIO and CEO 10,481 13,028 15,584 22,156 25,566 2009 2010 2011 2012 2013
A federal PII breach example • July 2013, hackers get PII of 104,000+ people – From a DOE system • Social Security numbers, birth dates and locations, bank account numbers – Plus security questions and answers • DOE Inspector General: cost = $3.7 million – Assisting affected individuals and lost productivity
What happens to the stolen data? • Sold to criminal enterprises – For identity theft, raiding bank accounts, buying luxury goods, laundering money • Lucrative scams like tax identity fraud
The market for stolen data has matured
All driven by proven business strategies
Market forces in malware strategy • Dirty deeds that pay well: – Click fraud – DDoS – Spam – Infection
Malware profitability requires: • Devices that are always on, on good bandwidth • Was: desktop-based botnets • Now: server-based, website, VPS, etc. • With mobile devices on the rise
Example: Operation Windigo • 25,000+ servers compromised in last 2 years • About 10,000 still infected • 35 million spam messages per day • 500,000 web redirects per day • Currently installing • Click fraud malware • Spam sending malware
• Evolving since 2011 as modular multi-OS design • Apple OS X, OpenBSD, FreeBSD, Microsoft Windows (Cygwin), Linux, including Linux on ARM • Stealthy, with strong use of cryptography • Halts operation to avoid detection • Maximizes resources by varying activity Complex malware infrastructure
Structure • Bad guys install on root-level compromised hosts: – By replacing SSH related binaries (ssh, sshd, ssh-add, etc.) – Or via a shared library used by SSH (libkeyutils) • Servers used to: – Serve malware, redirect traffic to infected hosts – Act as domain servers for malicious sites • Infecting web users through drive-by downloads • Redirect web traffic to advertisement networks
The need for belt and braces is clear • Endpoint – Scanning all incoming files, as they enter – From email, websites, removable media • Server – Email, File, Sharepoint, Gateway • Mobile – Antivirus, remote lock, and wipe
Belt, braces, encryption, authentication
Preferably: One interface to manage them all
Don’t neglect the real end point
Resources to tap • Industry associations • CompTIA • ISSA, SANS, (ISC)2 • Booth number 826 • My talk tomorrow • Websites
Thank you! • Stephen Cobb • Stephen.cobb@eset.com • We Live Security • www.welivesecurity.com • Webinars • www.brighttalk.com/channel/1718 • Booth number 826

Recommended

Think Like a Hacker
Think Like a HackerThink Like a Hacker
Think Like a HackerNormShield, Inc.
 
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskUsing SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskSurfWatch Labs
 
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive PresentationNormShield, Inc.
 
Webinar cybersecurity presentation-6-2018 (final)
Webinar cybersecurity presentation-6-2018 (final)Webinar cybersecurity presentation-6-2018 (final)
Webinar cybersecurity presentation-6-2018 (final)AT-NET Services, Inc. - Charleston Division
 
Investigating Cybercrime in the UK
Investigating Cybercrime in the UKInvestigating Cybercrime in the UK
Investigating Cybercrime in the UKNapier University
 
Revealing the dark web
Revealing the dark webRevealing the dark web
Revealing the dark webVeriato
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield, Inc.
 
Incident handling of cyber espionage
Incident handling of cyber espionageIncident handling of cyber espionage
Incident handling of cyber espionageMarie Elisabeth Gaup Moe
 

Recommended

Think Like a Hacker
Think Like a HackerThink Like a Hacker
Think Like a HackerNormShield, Inc.
 
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskUsing SurfWatch Labs' Threat Intelligence to Understand Third-Party Risk
Using SurfWatch Labs' Threat Intelligence to Understand Third-Party RiskSurfWatch Labs
 
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive Presentation2017 Cyber Risk Grades by Industry: Normshield Executive Presentation
2017 Cyber Risk Grades by Industry: Normshield Executive PresentationNormShield, Inc.
 
Webinar cybersecurity presentation-6-2018 (final)
Webinar cybersecurity presentation-6-2018 (final)Webinar cybersecurity presentation-6-2018 (final)
Webinar cybersecurity presentation-6-2018 (final)AT-NET Services, Inc. - Charleston Division
 
Investigating Cybercrime in the UK
Investigating Cybercrime in the UKInvestigating Cybercrime in the UK
Investigating Cybercrime in the UKNapier University
 
Revealing the dark web
Revealing the dark webRevealing the dark web
Revealing the dark webVeriato
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield, Inc.
 
Incident handling of cyber espionage
Incident handling of cyber espionageIncident handling of cyber espionage
Incident handling of cyber espionageMarie Elisabeth Gaup Moe
 
Cybercrime
CybercrimeCybercrime
CybercrimeTouqeerAhmed30
 
Cyber Crimes
Cyber Crimes Cyber Crimes
Cyber Crimes Umair Javed
 
Cambodia CERT Seminar: Incident response for ransomeware attacks
Cambodia CERT Seminar: Incident response for ransomeware attacksCambodia CERT Seminar: Incident response for ransomeware attacks
Cambodia CERT Seminar: Incident response for ransomeware attacksAPNIC
 
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHOD
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHODANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHOD
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHODpratikrathodnetsquare1
 
4. Mitigating a Cyber Attack
4. Mitigating a Cyber Attack4. Mitigating a Cyber Attack
4. Mitigating a Cyber Attackisc2-hellenic
 
Ransomware protection
Ransomware protectionRansomware protection
Ransomware protectionRohit Srivastwa
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCAT-NET Services, Inc. - Charleston Division
 
Internet and Global Connectivity – Security Concerns
Internet and Global Connectivity – Security ConcernsInternet and Global Connectivity – Security Concerns
Internet and Global Connectivity – Security ConcernsAkshay Jain
 
Cyber security
Cyber securityCyber security
Cyber securityEduonix
 
Important Notes
Important NotesImportant Notes
Important NotesUsman Abdullah
 
Insurance Cyber Risks Presentation
Insurance Cyber Risks PresentationInsurance Cyber Risks Presentation
Insurance Cyber Risks PresentationNeville Cartwright
 
Cyber Security –PPT
Cyber Security –PPTCyber Security –PPT
Cyber Security –PPTRajat Kumar
 
Cybersecurity service provider
Cybersecurity service providerCybersecurity service provider
Cybersecurity service providerVishvendra Saini
 
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital RiskUsing SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital RiskSurfWatch Labs
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...Stefano Maria De' Rossi
 
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270Dario
 
Fears and fulfillment with IT security
Fears and fulfillment with IT securityFears and fulfillment with IT security
Fears and fulfillment with IT securityDavid Strom
 
Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey Smith
 
Maintaining a Malware Collection
Maintaining a Malware CollectionMaintaining a Malware Collection
Maintaining a Malware Collectionfrisksoftware
 
Increasing Performance in Enterprise Anti-Malware Software
Increasing Performance in Enterprise Anti-Malware SoftwareIncreasing Performance in Enterprise Anti-Malware Software
Increasing Performance in Enterprise Anti-Malware SoftwareGFI Software
 

More Related Content

What's hot

Cambodia CERT Seminar: Incident response for ransomeware attacks
Cambodia CERT Seminar: Incident response for ransomeware attacksCambodia CERT Seminar: Incident response for ransomeware attacks
Cambodia CERT Seminar: Incident response for ransomeware attacksAPNIC
 
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHOD
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHODANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHOD
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHODpratikrathodnetsquare1
 
4. Mitigating a Cyber Attack
4. Mitigating a Cyber Attack4. Mitigating a Cyber Attack
4. Mitigating a Cyber Attackisc2-hellenic
 
Internet and Global Connectivity – Security Concerns
Internet and Global Connectivity – Security ConcernsInternet and Global Connectivity – Security Concerns
Internet and Global Connectivity – Security ConcernsAkshay Jain
 
Cyber security
Cyber securityCyber security
Cyber securityEduonix
 
Insurance Cyber Risks Presentation
Insurance Cyber Risks PresentationInsurance Cyber Risks Presentation
Insurance Cyber Risks PresentationNeville Cartwright
 
Cyber Security –PPT
Cyber Security –PPTCyber Security –PPT
Cyber Security –PPTRajat Kumar
 
Cybersecurity service provider
Cybersecurity service providerCybersecurity service provider
Cybersecurity service providerVishvendra Saini
 
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital RiskUsing SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital RiskSurfWatch Labs
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...Stefano Maria De' Rossi
 
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Hannah Jane del Castillo
 
CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270Dario
 
Fears and fulfillment with IT security
Fears and fulfillment with IT securityFears and fulfillment with IT security
Fears and fulfillment with IT securityDavid Strom
 
Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey Smith
 

What's hot (20)

Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cyber Crimes
Cyber Crimes Cyber Crimes
Cyber Crimes
 
Cambodia CERT Seminar: Incident response for ransomeware attacks
Cambodia CERT Seminar: Incident response for ransomeware attacksCambodia CERT Seminar: Incident response for ransomeware attacks
Cambodia CERT Seminar: Incident response for ransomeware attacks
 
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHOD
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHODANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHOD
ANDROID SECURITY - THE LEADING ISSUE BY PRATIK RATHOD
 
4. Mitigating a Cyber Attack
4. Mitigating a Cyber Attack4. Mitigating a Cyber Attack
4. Mitigating a Cyber Attack
 
Ransomware protection
Ransomware protectionRansomware protection
Ransomware protection
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
 
Internet and Global Connectivity – Security Concerns
Internet and Global Connectivity – Security ConcernsInternet and Global Connectivity – Security Concerns
Internet and Global Connectivity – Security Concerns
 
Cyber security
Cyber securityCyber security
Cyber security
 
Important Notes
Important NotesImportant Notes
Important Notes
 
Insurance Cyber Risks Presentation
Insurance Cyber Risks PresentationInsurance Cyber Risks Presentation
Insurance Cyber Risks Presentation
 
Cyber Security –PPT
Cyber Security –PPTCyber Security –PPT
Cyber Security –PPT
 
Cybersecurity service provider
Cybersecurity service providerCybersecurity service provider
Cybersecurity service provider
 
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital RiskUsing SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
 
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
E Fraud And Predictive Forensic Profiling Reducing Losses By Combining Sci...
 
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
Openbar Leuven // Top 5 focus areas in cyber security linked to you digital t...
 
Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)Internet Issues (How to Deal on Internet Security)
Internet Issues (How to Deal on Internet Security)
 
CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270CyberCrime - Lse summer school 2010 mg270
CyberCrime - Lse summer school 2010 mg270
 
Fears and fulfillment with IT security
Fears and fulfillment with IT securityFears and fulfillment with IT security
Fears and fulfillment with IT security
 
Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016Jeffrey_Smith_Resume_2016
Jeffrey_Smith_Resume_2016
 

Viewers also liked

Maintaining a Malware Collection
Maintaining a Malware CollectionMaintaining a Malware Collection
Maintaining a Malware Collectionfrisksoftware
 
Increasing Performance in Enterprise Anti-Malware Software
Increasing Performance in Enterprise Anti-Malware SoftwareIncreasing Performance in Enterprise Anti-Malware Software
Increasing Performance in Enterprise Anti-Malware SoftwareGFI Software
 
About Malware Testing
About Malware TestingAbout Malware Testing
About Malware Testingfrisksoftware
 
Why Traditional Anti Malware Whitepaper
Why Traditional Anti Malware WhitepaperWhy Traditional Anti Malware Whitepaper
Why Traditional Anti Malware WhitepaperAVG Technologies
 
Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analys...
Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analys...Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analys...
Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analys...Ivan Ruchkin
 
Physical Security Domain
Physical Security DomainPhysical Security Domain
Physical Security Domainamiable_indian
 
Zero Day Plus Anti Malware LTD 2016 sales pdf
Zero Day Plus Anti Malware LTD 2016 sales pdfZero Day Plus Anti Malware LTD 2016 sales pdf
Zero Day Plus Anti Malware LTD 2016 sales pdfAlexander Rogan
 
CISSP week 26
CISSP week 26CISSP week 26
CISSP week 26jemtallon
 
Situational Awareness, Botnet and Malware Detection in the Modern Era - Davi...
Situational Awareness, Botnet and Malware Detection in the Modern Era - Davi...Situational Awareness, Botnet and Malware Detection in the Modern Era - Davi...
Situational Awareness, Botnet and Malware Detection in the Modern Era - Davi...Codemotion
 
Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...master student
 
The Physical Structure Of Organizations
The Physical Structure Of OrganizationsThe Physical Structure Of Organizations
The Physical Structure Of Organizationscwroblew
 
ANTIVIRUS AND VIRUS Powerpoint presentation
ANTIVIRUS AND VIRUS Powerpoint presentationANTIVIRUS AND VIRUS Powerpoint presentation
ANTIVIRUS AND VIRUS Powerpoint presentationabhijit chintamani
 
Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security PresentationWajahat Rajab
 

Viewers also liked (14)

Maintaining a Malware Collection
Maintaining a Malware CollectionMaintaining a Malware Collection
Maintaining a Malware Collection
 
Increasing Performance in Enterprise Anti-Malware Software
Increasing Performance in Enterprise Anti-Malware SoftwareIncreasing Performance in Enterprise Anti-Malware Software
Increasing Performance in Enterprise Anti-Malware Software
 
About Malware Testing
About Malware TestingAbout Malware Testing
About Malware Testing
 
Why Traditional Anti Malware Whitepaper
Why Traditional Anti Malware WhitepaperWhy Traditional Anti Malware Whitepaper
Why Traditional Anti Malware Whitepaper
 
Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analys...
Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analys...Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analys...
Eliminating Inter-Domain Vulnerabilities in Cyber-Physical Systems: An Analys...
 
Physical Security Domain
Physical Security DomainPhysical Security Domain
Physical Security Domain
 
Zero Day Plus Anti Malware LTD 2016 sales pdf
Zero Day Plus Anti Malware LTD 2016 sales pdfZero Day Plus Anti Malware LTD 2016 sales pdf
Zero Day Plus Anti Malware LTD 2016 sales pdf
 
CISSP week 26
CISSP week 26CISSP week 26
CISSP week 26
 
Situational Awareness, Botnet and Malware Detection in the Modern Era - Davi...
Situational Awareness, Botnet and Malware Detection in the Modern Era - Davi...Situational Awareness, Botnet and Malware Detection in the Modern Era - Davi...
Situational Awareness, Botnet and Malware Detection in the Modern Era - Davi...
 
Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...Certified Information Systems Security Professional (cissp) Domain “access co...
Certified Information Systems Security Professional (cissp) Domain “access co...
 
The Physical Structure Of Organizations
The Physical Structure Of OrganizationsThe Physical Structure Of Organizations
The Physical Structure Of Organizations
 
6 Physical Security
6 Physical Security6 Physical Security
6 Physical Security
 
ANTIVIRUS AND VIRUS Powerpoint presentation
ANTIVIRUS AND VIRUS Powerpoint presentationANTIVIRUS AND VIRUS Powerpoint presentation
ANTIVIRUS AND VIRUS Powerpoint presentation
 
Physical Security Presentation
Physical Security PresentationPhysical Security Presentation
Physical Security Presentation
 

Similar to Endpoint and Server: The belt and braces anti-malware strategy

Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityStephen Cobb
 
Stopping zero day threats
Stopping zero day threatsStopping zero day threats
Stopping zero day threatsZscaler
 
How to Detect System Compromise & Data Exfiltration with AlienVault USM
How to Detect System Compromise & Data Exfiltration with AlienVault USMHow to Detect System Compromise & Data Exfiltration with AlienVault USM
How to Detect System Compromise & Data Exfiltration with AlienVault USMAlienVault
 
Cybersecurity.pptx
Cybersecurity.pptxCybersecurity.pptx
Cybersecurity.pptxJohn Donahue
 
Can You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksCan You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksMichael Davis
 
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyCyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyJames Mulhern
 
Data security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationData security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationNick Chandi
 
Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and YouMary Kelly Rich
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeAaron White
 
Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
 
Risk Factory Information Security Coordination Challenges & Best Practice
Risk Factory Information Security Coordination Challenges & Best PracticeRisk Factory Information Security Coordination Challenges & Best Practice
Risk Factory Information Security Coordination Challenges & Best PracticeRisk Crew
 
InformationSecurity.ppt
InformationSecurity.pptInformationSecurity.ppt
InformationSecurity.pptAnshikaGoel42
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session Splunk
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataAccellis Technology Group
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security IntelligenceSplunk
 
The Threat Landscape & Network Security Measures
The Threat Landscape & Network Security MeasuresThe Threat Landscape & Network Security Measures
The Threat Landscape & Network Security MeasuresCarl B. Forkner, Ph.D.
 
THE CYBER-DOME
THE CYBER-DOMETHE CYBER-DOME
THE CYBER-DOMEDina Beer
 

Similar to Endpoint and Server: The belt and braces anti-malware strategy (20)

Using Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber SecurityUsing Technology and People to Improve your Threat Resistance and Cyber Security
Using Technology and People to Improve your Threat Resistance and Cyber Security
 
Stopping zero day threats
Stopping zero day threatsStopping zero day threats
Stopping zero day threats
 
How to Detect System Compromise & Data Exfiltration with AlienVault USM
How to Detect System Compromise & Data Exfiltration with AlienVault USMHow to Detect System Compromise & Data Exfiltration with AlienVault USM
How to Detect System Compromise & Data Exfiltration with AlienVault USM
 
Cybersecurity.pptx
Cybersecurity.pptxCybersecurity.pptx
Cybersecurity.pptx
 
Can You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security RisksCan You Steal From Me Now? Mobile and BYOD Security Risks
Can You Steal From Me Now? Mobile and BYOD Security Risks
 
Declaration of malWARe
Declaration of malWAReDeclaration of malWARe
Declaration of malWARe
 
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategyCyber Attacks aren't going away - including Cyber Security in your risk strategy
Cyber Attacks aren't going away - including Cyber Security in your risk strategy
 
Data security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationData security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigation
 
Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and You
 
Cyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat LandscapeCyber-Espionage: Understanding the Advanced Threat Landscape
Cyber-Espionage: Understanding the Advanced Threat Landscape
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security Innovation
 
Risk Factory Information Security Coordination Challenges & Best Practice
Risk Factory Information Security Coordination Challenges & Best PracticeRisk Factory Information Security Coordination Challenges & Best Practice
Risk Factory Information Security Coordination Challenges & Best Practice
 
InformationSecurity.ppt
InformationSecurity.pptInformationSecurity.ppt
InformationSecurity.ppt
 
Security Breakout Session
Security Breakout Session Security Breakout Session
Security Breakout Session
 
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your DataLaw Firm Cybersecurity: Practical Tips for Protecting Your Data
Law Firm Cybersecurity: Practical Tips for Protecting Your Data
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective a
 
Operational Security Intelligence
Operational Security IntelligenceOperational Security Intelligence
Operational Security Intelligence
 
The Threat Landscape & Network Security Measures
The Threat Landscape & Network Security MeasuresThe Threat Landscape & Network Security Measures
The Threat Landscape & Network Security Measures
 
THE CYBER-DOME
THE CYBER-DOMETHE CYBER-DOME
THE CYBER-DOME
 

More from Stephen Cobb

Cybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptxCybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptxStephen Cobb
 
Cybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationCybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationStephen Cobb
 
What Makes a Good CISO
What Makes a Good CISOWhat Makes a Good CISO
What Makes a Good CISOStephen Cobb
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with securityStephen Cobb
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityStephen Cobb
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber riskStephen Cobb
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataStephen Cobb
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technicalStephen Cobb
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?Stephen Cobb
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-securityStephen Cobb
 
NCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesNCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesStephen Cobb
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of CybercrimeStephen Cobb
 
HIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessHIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessStephen Cobb
 
Malware is Called Malicious for a Reason: The Risks of Weaponizing Code
Malware is Called Malicious for a Reason: The Risks of Weaponizing CodeMalware is Called Malicious for a Reason: The Risks of Weaponizing Code
Malware is Called Malicious for a Reason: The Risks of Weaponizing CodeStephen Cobb
 
Malware and the risks of weaponizing code
Malware and the risks of weaponizing codeMalware and the risks of weaponizing code
Malware and the risks of weaponizing codeStephen Cobb
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseStephen Cobb
 
The Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionThe Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionStephen Cobb
 
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Stephen Cobb
 
Enjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsEnjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsStephen Cobb
 

More from Stephen Cobb (20)

Cybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptxCybercrime-as-health-crisis-shared.pptx
Cybercrime-as-health-crisis-shared.pptx
 
Cybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and CommunicationCybersecurity Risk Perception and Communication
Cybersecurity Risk Perception and Communication
 
What Makes a Good CISO
What Makes a Good CISOWhat Makes a Good CISO
What Makes a Good CISO
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills Gap
 
Security and Wearables: Success starts with security
Security and Wearables: Success starts with securitySecurity and Wearables: Success starts with security
Security and Wearables: Success starts with security
 
The Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise SecurityThe Hacking Team Hack: Lessons Learned for Enterprise Security
The Hacking Team Hack: Lessons Learned for Enterprise Security
 
How to assess and manage cyber risk
How to assess and manage cyber riskHow to assess and manage cyber risk
How to assess and manage cyber risk
 
Cybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient DataCybercrime and the Hidden Perils of Patient Data
Cybercrime and the Hidden Perils of Patient Data
 
Cybersecurity for the non-technical
Cybersecurity for the non-technicalCybersecurity for the non-technical
Cybersecurity for the non-technical
 
The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?The mobile health IT security challenge: way bigger than HIPAA?
The mobile health IT security challenge: way bigger than HIPAA?
 
2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security2015: The year-ahead-in-cyber-security
2015: The year-ahead-in-cyber-security
 
NCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and ResourcesNCSAM = Cyber Security Awareness Month: Trends and Resources
NCSAM = Cyber Security Awareness Month: Trends and Resources
 
The Evolution of Cybercrime
The Evolution of CybercrimeThe Evolution of Cybercrime
The Evolution of Cybercrime
 
HIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good BusinessHIPAA, Privacy, Security, and Good Business
HIPAA, Privacy, Security, and Good Business
 
Malware is Called Malicious for a Reason: The Risks of Weaponizing Code
Malware is Called Malicious for a Reason: The Risks of Weaponizing CodeMalware is Called Malicious for a Reason: The Risks of Weaponizing Code
Malware is Called Malicious for a Reason: The Risks of Weaponizing Code
 
Malware and the risks of weaponizing code
Malware and the risks of weaponizing codeMalware and the risks of weaponizing code
Malware and the risks of weaponizing code
 
Safer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and ResponseSafer Technology Through Threat Awareness and Response
Safer Technology Through Threat Awareness and Response
 
The Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 editionThe Year Ahead in Cyber Security: 2014 edition
The Year Ahead in Cyber Security: 2014 edition
 
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
Using Technology and Techno-People to Improve your Threat Resistance and Cybe...
 
Enjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber CriminalsEnjoy Safer Technology and Defeat Cyber Criminals
Enjoy Safer Technology and Defeat Cyber Criminals
 

Recently uploaded

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 

Recently uploaded (20)

How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 

Endpoint and Server: The belt and braces anti-malware strategy

  • 1. Belt & Braces, Server & Endpoint: Why you need multiple levels of malware protection Stephen Cobb, CISSP Senior Security Researcher, ESET NA
  • 3. Today’s agenda • Full spectrum malware defense
  • 4. Endpoints under attack • Malware threat shows no signs of retreating • Attacks come from – Cyber criminals – Hacktivists – Non-state actors – Nation states
  • 5. Attacks from servers, mobile devices • We now see large-scale server-based attacks • In one operation: 1000s of servers taken over • Used to attack 100s of 1000s of endpoints – Desktops, laptops, mobile devices • Clearly we need to protect against malware at all levels, across all surfaces
  • 6. 2014 State of Endpoint Risk • Are security threats created by vulnerabilities to endpoint more difficult to stop/mitigate: 71% • Have you seen a major increase in malware incidents targeting your endpoints: 41% • Have your mobile endpoints been the target of malware in the last 12 months: 68% 2014 State of Endpoint Risk, Ponemon Institute
  • 7. April 2014 GAO report • Information Security – Federal Agencies Need to Enhance Responses to Data Breaches • (GAO-14-487T) • A lot of work still to be done, across numerous agencies – Improve security – Improve breach response
  • 8. 29,999 41,776 42,854 48,562 61,214 2009 2010 2011 2012 2013 The scale of the problem • Information security incidents reported to US-CERT by all federal agencies, 2009 – 2013 • GAO-14-487T • Number of incidents way up – More data to defend? – Improved reporting?
  • 9. Exposure of PII is growing • More incidents involving Personally Identifiable Information • Why? – Thriving black market for PII • Impact – Serious costs/stress for victims – Growing public displeasure – Target CIO and CEO 10,481 13,028 15,584 22,156 25,566 2009 2010 2011 2012 2013
  • 10. A federal PII breach example • July 2013, hackers get PII of 104,000+ people – From a DOE system • Social Security numbers, birth dates and locations, bank account numbers – Plus security questions and answers • DOE Inspector General: cost = $3.7 million – Assisting affected individuals and lost productivity
  • 11. What happens to the stolen data? • Sold to criminal enterprises – For identity theft, raiding bank accounts, buying luxury goods, laundering money • Lucrative scams like tax identity fraud
  • 12. The market for stolen data has matured
  • 13.
  • 14.
  • 15. All driven by proven business strategies
  • 16. Market forces in malware strategy • Dirty deeds that pay well: – Click fraud – DDoS – Spam – Infection
  • 17. Malware profitability requires: • Devices that are always on, on good bandwidth • Was: desktop-based botnets • Now: server-based, website, VPS, etc. • With mobile devices on the rise
  • 18. Example: Operation Windigo • 25,000+ servers compromised in last 2 years • About 10,000 still infected • 35 million spam messages per day • 500,000 web redirects per day • Currently installing • Click fraud malware • Spam sending malware
  • 19. • Evolving since 2011 as modular multi-OS design • Apple OS X, OpenBSD, FreeBSD, Microsoft Windows (Cygwin), Linux, including Linux on ARM • Stealthy, with strong use of cryptography • Halts operation to avoid detection • Maximizes resources by varying activity Complex malware infrastructure
  • 20. Structure • Bad guys install on root-level compromised hosts: – By replacing SSH related binaries (ssh, sshd, ssh-add, etc.) – Or via a shared library used by SSH (libkeyutils) • Servers used to: – Serve malware, redirect traffic to infected hosts – Act as domain servers for malicious sites • Infecting web users through drive-by downloads • Redirect web traffic to advertisement networks
  • 21.
  • 22. The need for belt and braces is clear • Endpoint – Scanning all incoming files, as they enter – From email, websites, removable media • Server – Email, File, Sharepoint, Gateway • Mobile – Antivirus, remote lock, and wipe
  • 23.
  • 24. Belt, braces, encryption, authentication
  • 25. Preferably: One interface to manage them all
  • 26. Don’t neglect the real end point
  • 27. Resources to tap • Industry associations • CompTIA • ISSA, SANS, (ISC)2 • Booth number 826 • My talk tomorrow • Websites
  • 28.
  • 29. Thank you! • Stephen Cobb • Stephen.cobb@eset.com • We Live Security • www.welivesecurity.com • Webinars • www.brighttalk.com/channel/1718 • Booth number 826