Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The Threat Landscape in the Era of Directed Attacks - Webinar

1,388 views

Published on

These slides are an excerpt from a live Kaspersky Lab's webinar broadcast on 6th may 2014.
To get access to the full version of the webinar please visit http://ow.ly/whfar
More info is available at http://business.kaspersky.com/threat-landscape-in-the-era-of-targeted-attacks/

  • Be the first to comment

The Threat Landscape in the Era of Directed Attacks - Webinar

  1. 1. THREAT LANDSCAPE IN THE ERA OF DIRECTED ATTACKS #ThreatTalk
  2. 2. THESE SLIDES ARE AN EXCERPT FROM A LIVE KASPERSKY WEBINAR BROADCAST ON 6TH MAY 2014 TO ACCESS THE WEBINAR PLEASE VISIT HTTP://OW.LY/WHFAR
  3. 3. ROEL SCHOUWENBERG PRINCIPAL SECURITY RESEARCHER GLOBAL RESEARCH & ANALYSIS TEAM KASPERSKY LAB
  4. 4. HEARTBLEED – CVE-2014-0160 4 Back to the fundamentals Triaging is painful Keys to the kingdom?
  5. 5. 5 Significant portion of the market still running XP First ‘eternal zero-day’ discovered IE Zero-day different to recent flash Zero-day END OF XP
  6. 6. ACTORS AND MOTIVES HAVE CHANGED
  7. 7. NEW PLATFORMS AND TECHNOLOGIES Attack surface keeps increasing Diversification / BYOD Mobile payments
  8. 8. METHOD OF ENTRY 8 Phishing Web browsing – watering holes
  9. 9. NON-TARGETED MALWARE 9 Financial/ID theft malware Ransomware May not run in virtual environment
  10. 10. ESPIONAGE Zero day needed? Widening platform support Targeting supply chain More and more verticals affected More actors involved
  11. 11. SABOTAGE 11 DDoS attacks have become a major problem BCP 38/84 Wiper attacks as seen in cyberweapons
  12. 12. THE FUTURE 12 Will CNE and CNA converge?
  13. 13. INCREASED FOCUS ON VIRTUAL ENVIRONMENTS Back to the fundamental
  14. 14. VM SPECIFIC THREAT SCENARIOS EoP / Escape to Host Network traffic sniffing Modifying master virtual disks Lost audit trails Hyper-visor level attacks
  15. 15. ERIK DEVINE CHIEF SECURITY OFFICER INFORMATION SERVICES RIVERSIDE MEDICAL CENTER
  16. 16. CorporationEmployees Cloud Services Data Loss Malware and Vulnerabilities Business Associates Mobile Devices/ Employees Hackers MITIGATING THE TOP 7 THREATS
  17. 17. WHY IT’S MOVING AND CHANGING Government regulations changing Privacy Security Technical and operational control Environment changing Electronic transmission of data BYOD Technology changes (virtualization, OS, patient portals, physician portals, vendor portals) Threats are changing Malware Hackers internal/external
  18. 18. NOW HOW DO WE MITIGATE… Policy and Procedures Education Technical Controls Monitoring and Logging Audit and Risk Assessment
  19. 19. What are your Security Initiatives? Know your data, network, endpoints and users, then apply the rules!
  20. 20. CONCLUSIONS AND TAKEAWAYS New technologies present new opportunities and challenges All platforms need protecting in an era of targeted attacks Prioritise which assets to protect most and then segregate them Data integrity attacks on the horizon
  21. 21. FOR MORE INFORMATION WATCH THE ON DEMAND WEBINAR REGISTER HERE: HTTP://OW.LY/WHFAR FEEL FREE TO ASK QUESTIONS: @KASPERSKYLABB2B #THREATTALK MORE INFO ON SECURITY FOR BUSINESS WWW.KASPERSKY.COM//BUSINESS B2B BLOG HTTP://BUSINESS.KASPERSKY.COM THANK YOU!

×