Tomorrow Starts Here - Security Everywhere

2. Tomorrow Starts Here Mandar Rege, Principal Cisco Security Solutions Security Everywhere

5. 5© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Are Canadian Businesses Prepared for Future Security Threats? 60% of Canadian businesses don’t have Security strategies in place—or are unsure how to prepare their networks for evolving mobile and cloud-based models Source: Cisco and IDC Canada Survey, Dec. 2014

6. 6© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Are Canadian Businesses Prepared for Future Security Threats? 60% Less than 60% of Canadian businesses have IT solutions in place to protect company data on employee-owned devices. Source: Cisco and IDC Canada Survey, Dec. 2014 31% of Canada’s largest companies are unsure if their IT security strategy accounts for evolving data center and IT consumption models.

7. 7© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Market Trends Massive Increase in Connected Devices Process ThingsPeople Data + + + Rise of Cloud Computing Changing Business Models, Architectures & Service Delivery The World Has Gone Mobile Mobile Traffic Growth 2013-2019 10X Ubiquitous Access to Apps 180 billion apps will download in 2015

8. 8© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential IoT Challenges Data Capture, store, and analyze data Things Connect to capture useful data Process Business and operational benefits People Enable workers 1230 RespondentsSource: Cisco Consulting Services Global IoT Study, 2014 20% 27% 13% 40% Which Areas Does Your Organization Need to Improve to Capitalize on IoT?

9. 9© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential BusinessandSocietalImpact Intelligent Connections §  Email §  Web Browser §  Search Connectivity Digitize Access to Information §  Social §  Mobility §  Cloud §  Video Immersive Experiences Digitize Interactions (Business and Social) §  E-commerce §  Digital Supply Chain §  Collaboration Networked Economy Digitize Business Process Connecting §  People §  Process §  Data §  Things Internet of Everything Digitize the World Evolution of the Internet

11. 11© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Internet of Things …and Everything Every company becomes a technology company… Every company becomes a security company

12. 12© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cyber Security is a Boardroom Discussion Security breaches are costly Cisco Confidential 12©2014 Cisco and/or its affiliates. All rights reserved. Security is the #1 issue for your customers Protect now the value you intend to create tomorrow

14. 14© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Changing Business Models Dynamic Threat Landscape Complexity and Fragmentation Security Challenges Increasing Connectivity Drives New Business Models 90% of organizations are not fully aware of all network devices 5-10 times more cloud services are being used than known by IT 92% of top Android apps carry security/privacy/risk 14% of organizations had malware enter the corporate network through social media/web apps BYOD Social Media Cloud App Stores

15. 15© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60% Changing Business Models Dynamic Threat Landscape Complexity and Fragmentation Security Challenges Threats Hide in Plain Sight and Attack Swiftly of data is stolen in of point-of-sale intrusions aren’t discovered for 27 of breaches remain undiscovered for increase of companies reporting a $10M loss or more in the last 2015 51%54%85%

16. 16© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Security Challenges Security Silos Complicate Protection Security Vendors at RSA Demand for Security Talent Complexity TalentFragmentation 45 Security Vendors for Some Customers 480 12x Changing Business Models Dynamic Threat Landscape Complexity and Fragmentation

17. 17© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Growth in Security Source: Gartner Total Security Market Security Product Market Security Services Market $95B CAGR 8.4% 2015-2018 $32B CAGR 6.4% 2015-2018 $63B CAGR 9.6% 2015-2018

19. 19© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Security Hypothesis Advisory Integration ManagedThreat-centric Platform-basedVisibility-driven Operational Focus Talent Shortage + Security Challenges + Requires Improved Outcomes

20. 20© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Intelligence 10I000 0II0 00 0III000 II1010011 101 1100001 110 101000 0II0 00 0III000 III0I00II II II0000I II0110000III000III0 I00I II0I III0011 0110011 101000 0110 00 1100001110001III0 I00I II0I III00II 0II00II 101000 0110 00 I00I III0I III00II 0II00II I0I000 0110 00 1100001 110 1100001110001III0 101000 0110 00Threat Intelligence Research Response Collective Security Intelligence

21. 21© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Threat Intelligence Unprecedented Breadth & Depth 100TB1.6M13B120,000Daily Security IntelligenceDaily Web RequestsDeployed Security DevicesDaily Malware Sandbox Reports 100TB Security Intelligence 1.6M Deployed Devices 13B Web Requests 150,000 Micro- applications 1,000 Applications 93B Daily Email Messages 35% Enterprise Email 5,500 IPS Signatures 150M Deployed Endpoints 3-5 min Updates 5B Daily Email Connections 4.5B Daily Email Blocks 14M Deployed Access Gateway 75,000 FireAMP Updates 6,000 New Clam AV Sigs 120K Sandbox Reports Cisco Security Intelligence Global Visibility Global Footprint

24. 24© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Security Service Portfolio Assessments Architecture & Design Program Strategy Managed SecurityProduct Support Hosted Security Optimization Migration Integration Adviso ry Managed Int egration

25. 25© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Continued Security Technology Innovation Inorganic Growth 2007 2009 2012 2013 2014 20152011 Messaging & Web Security Appliance XML Firewall Cloud Security Advanced Malware Protection (AMP) UTM Threat-Centric Security (NGIPS & AMP) Security ConsulingSecurity Analytics Dynamic Malware Analysis

26. 26© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Neohapsis Acquisition Industry leading expertise focused on compliance, cloud, mobile, and application security World class security consultants with an average of 15+ years experience Emerging threat research and analysis to support advanced threat protection Advisory Expertise Top Talent Advanced Research

29. 29© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential §  Near real-time analytics §  Anomaly detection §  Zero day threat focus §  Identification to suppression mean time reduction §  Integration of the latest security technology §  Extensible platform designed to evolve with market demands §  Improved technology leverage and accountability §  Access to actionable sources of intelligence §  Cisco proprietary telemetry §  Adapted for customer intelligence §  Publicly available intelligence §  Operationalization §  Advanced expertise §  Combat security talent shortage §  Force multiply internal resources Managed Threat Defense (MTD) Organic Innovation Analytics People Intelligence Technology CISCO MTD

30. 30© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Security Operations Centers Americas Austin Raleigh EMEAR Dubai Krakow APJC Sydney Top Talent Targeted Expertise Custom Operations

31. 31© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Managed Threat Defense Architecture DEDICATED CUSTOMER SEGMENT Administrative Consoles PORTAL TICKETING COMMON SERVICES Threat Intelligence Dedicated Customer Portal Alerting/Ticketing System Investigator Portal Authentication Services 24/7 ACCESS CUSTOMER SOC Secure Connection (HTTPS/SSH/IPSec) VPN INTERNET VPN FIREWALL FIREWALL CMSP Advanced Malware Protection Full Packet Capture Anomaly Detection Sourcefire IDS Collective Security Intelligence Streaming Analytics ThreatGrid NetFlow Full Packet Machine Exhaust Cisco Third Party

32. 32© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential DMZUsers Endpoint Agents NetFlow Generator Access Control Data Center NetFlow Generator Access Control Web Proxy Email Proxy Endpoint Agent NetFlow Generator Access Control Talos MTD: A Comprehensive Threat Solution Perimeter Firewall Cisco Cloud Security Internet Mobile Endpoints Anywhere / Anytime MTD ThreatGRIDSourcefire Full Packet Anomalies Endpoint Agent Application Security

33. 33© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential MTD’s High Fidelity Approach Post-investigation tickets71 269,808 Security Events Unique events113,713 High fidelity events1710 207,99261,816Threat intel sourced Telemetry generated

34. 34© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Strong Differentiation Advanced Analytics and Correlation Continuous and Zero-Day Detection AMP Everywhere Reduced Cost and Complexity Threat-Focused Next-Generation Firewall ASA with FirePOWER Integrated Threat Defense Diverse Threat Intelligence Real Time Analytics Managed Threat Defense Advanced Expertise

35. 35© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Intelligence Feeds Enrichment Data OpenSOC Overview Full packet capture Protocol metadata NetFlow Machine exhaust (logs) Unstructured telemetry Other streaming telemetry Parse + Format Enrich Alert Log Mining and Analytics Big Data Exploration, Predictive Modelling Network Packet Mining and PCAP Reconstruction Applications + Analyst Tools

36. 36© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential OpenSOC Framework Sources Data Collection Messaging Broker Real-Time Processing Storage Access Analytic Tools Tableau R / Python Power Pivot Web Services Search PCAP Reconstruction Telemetry Sources NetFlow Machine Exhaust HTTP Other Flume Agent B Agent N Agent A Kafka B Topic N Topic PCAP Topic DPI Topic A Topic Storm B Topology N Topology A Topology PCAP Topology DPI Topology Hive Raw Data ORC Elasticsearch Index HBase Packet Table PCAP Passive Tap Traffic Replicator

37. 37© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential NEW - Incident Management Services Execution Across the Entire Threat Kill Chain Know your threats Detect threat activity Engage kill chain Contain and remove threat Threat Intelligence, Advisory and Managed Security Services Managed Threat Defense Incident Response Services Advisory Services Enable growth Reduce costs Mitigate Risk Managed Services Enhanced visibility Advanced analytics

38. 38© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Incident Response Services Experts Combine Latest Intelligence and Best Practices Security Experts Threat Intelligence Readiness •  Infrastructure Breach Preparedness •  Security Operations Readiness •  Breach Communications •  DDOS preparedness •  Incident Response Training •  Tabletop Exercises Response •  Log Source Assessment, Analysis & Data Mining •  Forensic Image Analysis •  Infected System Dynamic Instrumentation •  Malware Reverse Engineering •  Exploit Analysis and Re-Implementation •  Post-breach Remediation Prepare, assess infrastructure, operations, communications and skill Identification, isolation, and remediation expedience

40. 40© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential NEOHAPSIS Third Party Risk §  Multiple vendor assessment programs §  Ineffective prioritization and remediation for vendor risks §  Bandwidth challenges had limited the number of assessments Challenge §  Piloted vendor assessment program including program management and 25 assessments §  Delivered improvements to program processes, assessment, executive metrics, and management oversight Solution §  Continuous improvement in program and assessment efficacy §  Greater management transparency to vendor risks §  Annual assessments and summary analysis across all programs Outcomes

41. 41© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential ADVISORY Custom Threat Intelligence §  Desire to identify “unknown unknowns” §  Limited capability for compromise detection §  Lack of expertise and tools for incident management Challenge §  Combination of external and internal instrumentation §  Detailed traffic monitoring and forensic analysis §  Tailored risk impact assessment and targeted operational remediation Solution §  500+ previously missed indicators of compromise (IOCs) within first 90 days §  65% savings with targeted security remediation §  Positive BoD feedback on improved compliance posture Outcomes

42. 42© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential INTEGRATION Identity Services Engine §  Limited control over user access to the network §  Shortage of internal security experts for design and build §  Inability to effectively operate security policy and controls Challenge §  Audit of devices and security policy configuration §  ISE implementation and knowledge transfer §  24/7 threat monitoring via Remote Managed Services Solution §  100% visibility and control for BYOD across the network §  Zero downtime for the deployment of ISE §  56% cost reduction through managed solution Outcomes

43. 43© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential MANAGED Managed Threat Defense (MTD) §  Uneven visibility into multiple threat vectors §  Shortage of operational security expertise §  Limited real-time security analytics capabilities §  Need for better threat intelligence Challenge §  Predictive analysis and behavior-based tools §  24/7 real-time expert staffed SOCs §  Incident prioritization and event correlation §  Industry leading hybrid intelligence Solution §  34% savings on information security management through leverage of MTD SOC §  95% decrease in redundant investigations due to higher fidelity detection §  70+ high priority threats remediated per day Outcomes

44. 44© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Only Cisco Delivers Physical, Virtual or Cloud models to fit multiscreen, IoE and other changing business needs Adaptable Business Models Unmatched Visibility & End to End Security across Cloud, Network and Customer Premise Advanced Threat Protection Complexity Reduction Consistent Policies & Control Across Devices, Network, and Data Center

Tomorrow Starts Here - Security Everywhere

Cisco Canada

Tomorrow Starts Here - Security Everywhere