Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ed Rowley - People Make the Best Exploits: Roadmapping your security investment in line with the emerging threat landscape (#ExecLN Event)

252 views

Published on

The threat landscape has changed fundamentally over the last couple of years. Social engineering became the No. 1 attack technique. Attackers have shifted away from automated exploits and instead engaged people to do the dirty work—infecting systems, stealing credentials, and transferring funds. Across all vectors and in attacks of all sizes, threat actors used social engineering to trick people into doing things that once depended on malicious code. You will get better visibility into the nature of attacks against your organisation so you can quickly distinguish between targeted and indiscriminate campaigns, which will ultimately help you in making the right decisions for your investment in security solutions.

Published in: Technology
  • Be the first to like this

Ed Rowley - People Make the Best Exploits: Roadmapping your security investment in line with the emerging threat landscape (#ExecLN Event)

  1. 1. 1 © 2016 Proofpoint, Inc. PEOPLE MAKE THE BEST EXPLOITS: Mappingyoursecurity spendinginlinewiththe currentsecuritylandscape
  2. 2. 2 © 2016 Proofpoint, Inc.
  3. 3. 3 © 2016 Proofpoint, Inc. The Exploit: Ambassador Harriman
  4. 4. 4 © 2016 Proofpoint, Inc. The Great Seal
  5. 5. 5 © 2016 Proofpoint, Inc. The Thing
  6. 6. 6 © 2016 Proofpoint, Inc. How most organizations think they are attacked
  7. 7. 7 © 2016 Proofpoint, Inc. Network 55% Endpoint 21% Email 10% Web 15% 55% on protecting the network IT Security Spending in 2015
  8. 8. 8 © 2016 Proofpoint, Inc. How the bad guys actually attack you
  9. 9. 9 © 2016 Proofpoint, Inc. Cyberattacks Target the Human Factor Attacks like ransomware use social engineering, not vulnerabilities Credential phishing continues to evolve, scale BEC/CEO fraud running rampant 99.7% Malicious docs use macros 98%Malware links require user to install $2.3B 17,642 Organizations victimized in the US alone Direct losses since January 2015, up 270% year over year Source: FBI
  10. 10. 10 © 2016 Proofpoint, Inc. Challenge: Persistent, Customized, Randomized Attacks Massive Infrastructure Large Scale Randomization Overwhelming ScaleMass Personalization Attacks launched and optimized daily Automated, customized simultaneous attacks on thousands of individuals Hundreds of millions of messages per day Tens of thousands of unique pieces of obfuscated malware Hundreds of thousands of IPs, thousands of compromised sites
  11. 11. 11 © 2016 Proofpoint, Inc. Mapping to Maturity Model proofpoint nexus threat graph Respond Quickly www 1001 0100 0101 90%+ 1-5% 1-5% 5-10%
  12. 12. 12 © 2016 Proofpoint, Inc. Working Across the Ecosystem to Deliver Better Security IAMEndpoint SIEM Mobile Social Network Database Email proofpoint nexus
  13. 13. 13 © 2016 Proofpoint, Inc. The Power of the Threat Graph
  14. 14. 14 © 2016 Proofpoint, Inc. The Power of the Threat Graph Start with a URL
  15. 15. 15 © 2016 Proofpoint, Inc. The Power of the Threat Graph Pivot to Forensics
  16. 16. 16 © 2016 Proofpoint, Inc. The Power of the Threat Graph Link to Campaign
  17. 17. 17 © 2016 Proofpoint, Inc. The Power of the Threat Graph Attribute to Actor
  18. 18. 18 © 2016 Proofpoint, Inc. The Power of the Threat Graph Find Related Posts/Emails
  19. 19. 19 © 2016 Proofpoint, Inc. The Power of the Threat Graph Identify Compromised Account Owner
  20. 20. 20 © 2016 Proofpoint, Inc. Threat Discover – see how your users have been targeted
  21. 21. 21 © 2016 Proofpoint, Inc. The Right Approach: 1. Stop advanced threats before they get to people 2. Protect the information people create to reduce the attack surface and compliance risk 3. Enable your people to respond quickly when things go wrong 4. Educate Users To run a report showing how your users have been targeted by malicious email campaigns, please visit the Proofpoint booth or send an email to info@proofpoint.com or erowley@proofpoint.com

×