McAfee Confidential
The Need for Efficiency and Effectiveness
Kal Kurm
kal.kurm@intel.com
416.529.5876
Intel Security Confidential
A matter of national interest.
Under Attack
[Chart: monthly timeline starting December 2013]
We’ve reached a tipping point
Traditional Security Is Not Working
Source: Verizon 2014 Data Breach Investigations Report
99% of breaches led to compromise within “days” or less, with 85% leading to data exfiltration in the same time
85% of breaches took “weeks” or more to discover
Marriott, Starwood, Radisson, InterContinental
‘…learned that an unauthorized party gained access to our systems compromising the payment card information of certain customers who made purchases at a ‘wichcraft location in New York or San Francisco using a payment card from approximately 11 Aug to 2 Oct, 2013.’
‘The attack was similar to attacks reported by other national retailers. In response, we immediately engaged a leading cyber-security company to investigate and notices were posted in every store and on our website.’
Easton, Bell, Riddell, Giro, Blackburn
Seven Specific Retail Breaches
NYT 27 Feb 14 (re: Target): “…the company said earnings were down 46 percent from the same period a year earlier, including an expenditure of 61M USD for the breach itself. Earnings per share were 81 cents, down from $1.47 the year before. Target executives repeatedly called 2013 a ‘challenging’ year on Wednesday.”
Three Major Things in Common
Reducing Attacker Free Time
[Figure: attack timeline plotted against TIME, with a span marked “ATTACKER FREE TIME” and the note “Need to collapse free time”. Stage labels: Attack Begins, System Intrusion, Attacker Surveillance, Cover-up Complete, Access Probe, Leap Frog Attacks Complete, Target Analysis, Attack Set-up, Discovery/Persistence, Maintain foothold, Cover-up Starts, Attack Forecast, Physical Security, Containment & Eradication, System Reaction, Damage Identification, Recovery, Defender Discovery, Monitoring & Controls, Impact Analysis, Response, Threat Analysis, Attack Identified, Incident Reporting.]
Economic Impact of Cybercrime II – CSIS, June ‘14
Estimated loss of GDP to Cybercrime
Comparisons with other criminal activity
…Fed Chair Janet Yellen: “…important to understand that this is a payment innovation…Governments do not have the authority to regulate Bitcoin in any way.”
Eastern District of Texas Federal Court: “…can be used to purchase goods or services… exchanged for conventional currencies… Bitcoin is a currency or form of money…”
Ransomware
Payment with Bitcoins
BTC converter 5 Mar 15 preev.com, (Yellen) Fortune 27 Feb 14, (Court) Forbes 07 Aug 14, (Ransomware) McAfee Labs, 2015
McAfee Labs Threat Report, August 2015
Signed Malicious Binaries
Routinely utilized attacker technique
McAfee Labs Threat Report, August 2014
Phishing Quiz
Still the most effective means of delivering malware
95% of enterprise breaches are the result of successful spear phishing – Alan Paller, SANS
https://phishingquiz.mcafee.com/
Spam (in trillions)
High numbers but a gently declining trend
Security’s Perfect Storm
Fragmented Security Market
Industrialization of Cybercrime
Exponential Attack Surface Growth
By 2020 there will be 26 smart objects for every living person and 5000x more stored bytes than grains of sand on Earth
Intel forecast / IDC
Up to 50 offerings to assess and secure an environment
Linear Budgets
Skillset Shortages
Compliancy & regulatory
Competitive Pressures
Breaches up 55% year over year
30% of attacks are targeted
Verizon DBIR 2015 / Intel Security Golden Hour Survey 2015
Business Realities
Evidence of Security Inefficiency
Two affected time windows
Exploit to Discovery: Seconds 17%, Minutes 4%, Hours 20%, Days 24%, Weeks 19%, Months 14%, Years 2%
Discovery to Remediation: Seconds 2%, Minutes 3%, Hours 18%, Days 36%, Weeks 18%, Months 20%, Years 1%, Never 2%
Source: Verizon Data Breach Report 2014
Sophistication of attacks leads to increased emphasis on detect and correct.
Attack-Driven View
Shifting emphasis given large volume and complexity of attacks
DETECT
An iterative process of finding attacks that were not prevented
Involves a cycle of hunting, assessing scope and impact, and prioritizing
PROTECT
The prevention of attacks, either by reducing exposure or by detecting and blocking via deployed countermeasures
The attack does not become a formal breach
CORRECT
The process of remediating an attack, restoring to normal operations, and reporting impact
Also involves adapting countermeasures to protect against similar attacks in the future
Apply the power of knowledge
Intelligence Orchestration
Organizational Threat Intelligence
Global Threat Intelligence
Intel Security Countermeasures
3rd Party Solutions
McAfee Global Threat Intelligence
Virus Total
3rd Party Feeds
Administrator Knowledge
Organization
Prevalence & Forensics
Security Innovation Alliance
STIX/TAXII
Analytics & response
Payload inspection & detonation
Cloud assisted protection
Evolution of endpoints
Efficient, thorough, automated communications between disparate sensors
Connected Architecture
3rd Party, Network, Data, Identity, Endpoint
Real-Time Messaging, Standardized Content, Adaptive Workflows
Efficiency in Communication
Test Automation Strategy for Frontend and Backend
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 

The Need for Efficiency and Effectiveness

  • 1. The Need for Efficiency and Effectiveness. Kal Kurm, kal.kurm@intel.com, 416.529.5876
  • 2. A matter of national interest. Under Attack [timeline figure: monthly axis beginning DEC13]. We’ve reached a tipping point
  • 3. Traditional Security Is Not Working. Source: Verizon 2014 Data Breach Investigations Report. 99% of breaches led to compromise within “days” or less, with 85% leading to data exfiltration in the same time. 85% of breaches took “weeks” or more to discover
  • 4. Marriott, Starwood, Radisson, InterContinental. ‘…learned that an unauthorized party gained access to our systems compromising the payment card information of certain customers who made purchases at a ‘wichcraft location in New York or San Francisco using a payment card from approximately 11 Aug to 2 Oct, 2013.’ ‘The attack was similar to attacks reported by other national retailers. In response, we immediately engaged a leading cyber-security company to investigate and notices were posted in every store and on our website.’ Easton, Bell, Riddell, Giro, Blackburn. Seven Specific Retail Breaches. NYT 27 Feb 14 (re: Target): “…the company said earnings were down 46 percent from the same period a year earlier, including an expenditure of 61M USD for the breach itself. Earnings per share were 81 cents, down from $1.47 the year before. Target executives repeatedly called 2013 a ‘challenging’ year on Wednesday.” Three Major Things in Common
  • 5. Reducing Attacker Free Time [timeline diagram; labels: Attack Begins, System Intrusion, Attacker Surveillance, Cover-up Complete, Access Probe, Leap Frog Attacks Complete, Target Analysis, Attack Set-up, Discovery/Persistence, Maintain foothold, Cover-up Starts, Attack Forecast, Physical Security, Containment & Eradication, System Reaction, Damage Identification, Recovery, Defender Discovery, Monitoring & Controls, Impact Analysis, Response, Threat Analysis, Attack Identified, Incident Reporting; axis: TIME; highlighted span: ATTACKER FREE TIME]. Need to collapse free time
  • 6. Economic Impact of Cybercrime II – CSIS, June ‘14. Estimated loss of GDP to Cybercrime. Comparisons with other criminal activity
  • 7. …Fed Chair Janet Yellen: “…important to understand that this is a payment innovation…Governments do not have the authority to regulate Bitcoin in any way.” Eastern District of Texas Federal Court: “…can be used to purchase goods or services… exchanged for conventional currencies… Bitcoin is a currency or form of money…” Ransomware Payment with Bitcoins. BTC converter 5 Mar 15 preev.com, (Yellen) Fortune 27 Feb 14, (Court) Forbes 07 Aug 14, (Ransomware) McAfee Labs, 2015
  • 8. McAfee Labs Threat Report, August 2015. Signed Malicious Binaries: routinely utilized attacker technique
  • 9. McAfee Labs Threat Report, August 2014. Phishing Quiz. Still the most effective means of delivering malware. 95% of enterprise breaches are the result of successful spear phishing – Alan Paller, SANS. https://phishingquiz.mcafee.com/
  • 10. Spam (in trillions). High numbers but a gently declining trend
  • 11. Security’s Perfect Storm. Fragmented Security Market; Industrialization of Cybercrime; Exponential Attack Surface Growth. By 2020 there will be 26 smart objects for every living person and 5000x more stored bytes than grains of sand on Earth (Intel forecast / IDC). Up to 50 offerings to assess and secure an environment. Linear Budgets; Skillset Shortages; Compliancy & regulatory; Competitive Pressures. Breaches up 55% year over year; 30% of attacks are targeted (Verizon DBIR 2015 / Intel Security Golden Hour Survey 2015). Business Realities
  • 12. Evidence of Security Inefficiency. Two affected time windows. 17% Seconds, 4% Minutes, 20% Hours, 24% Days, 19% Weeks, 14% Months, 2% Years (Exploit to Discovery); 2% Seconds, 3% Minutes, 18% Hours, 36% Days, 18% Weeks, 20% Months, 1% Years, 2% Never (Discovery to Remediation). Source: Verizon Data Breach Report 2014
  • 13. Attack-Driven View. Shifting emphasis given large volume and complexity of attacks. Sophistication of attacks leads to increased emphasis on detect and correct. DETECT: An iterative process of finding attacks that were not prevented. Involves a cycle of hunting, assessing scope and impact, and prioritizing. PROTECT: The prevention of attacks, either by reducing exposure or by detecting and blocking via deployed countermeasures. The attack does not become a formal breach. CORRECT: The process of remediating an attack, restoring to normal operations, and reporting impact. Also involves adapting countermeasures to protect against similar attacks in the future
  • 14. Intelligence Orchestration. Apply the power of knowledge. Organizational Threat Intelligence; Global Threat Intelligence; Intel Security Countermeasures; 3rd Party Solutions; McAfee Global Threat Intelligence; Virus Total; 3rd Party Feeds; Administrator Knowledge; Organization Prevalence & Forensics; Security Innovation Alliance; STIX/TAXII; Analytics & response; Payload inspection & detonation; Cloud assisted protection; Evolution of endpoints
  • 15. Connected Architecture. Efficient, thorough, automated communications between disparate sensors. 3rd Party, Network, Data, Identity, Endpoint. Real-Time Messaging; Standardized Content; Adaptive Workflows. Efficiency in Communication