Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Canadian Cyber Cecurity

107 views

Published on

Looking at Cyber Security from a Canadian perspective using Canadian-centric reports

Published in: Software
  • Be the first to comment

  • Be the first to like this

Canadian Cyber Cecurity

  1. 1. Peter Scheffler F5 Networks, Security Systems Engineer
  2. 2. © F5 Networks, Inc 2
  3. 3. © F5 Networks, Inc 3
  4. 4. © F5 Networks, Inc 4 On average, Canadian companies were attacked 40 times in 2015 (1) 51% of respondents suffered data loss due to an attack in 2015 (1) 35% of respondents saw one Advanced Persistent Threat (APT) attack a month (1) (1) 2015 Scalar Security Study – The Cyber Security Readiness of Canadian Organizations
  5. 5. © F5 Networks, Inc 5 DDoS is still the most common – an average of 5 per month! (1) Web-borne malware presents the biggest and most common threat (1) Spear phishing is a common attack against users (1)(1) 2015 Scalar Security Study – The Cyber Security Readiness of Canadian Organizations
  6. 6. © F5 Networks, Inc 6 27% of users WOULD SELL THEIR OWN CREDENTIALS (3) It takes an average of 205 days to locate a breach (2) Only 50% of respondents deploy 0- Day patches within a week (4) (2) M-Trends: A View from the Front Lines (Mandiant/FireEye) (3) Passwords Are Failing, Security Pros Say (Lieberman Software) (4) RSA Conference 2016: State of Security Survey (Bromium)
  7. 7. © F5 Networks, Inc 7 Deploy IDAM solutions (1) Implement network monitoring / sniffing tools (1) Implement a SIEM (1) Encrypt data both at rest and in flight (1) (1) 2015 Scalar Security Study – The Cyber Security Readiness of Canadian Organizations
  8. 8. © F5 Networks, Inc 8
  9. 9. © F5 Networks, Inc 10 FW IPS LB Servers R Apps 0% 100%SSL TLS Typical Architecture – built for little/no Encryption FW IPS LB Servers R 443 Apps Zero Visibility ------- Key Mgmt Nightmare SSL Pass Thru
  10. 10. © F5 Networks, Inc 11 BIG-IP FW DLP FEYE WAF SVR New Architecture for SSL/TLS Visibility R IPS
  11. 11. © F5 Networks, Inc 12 TMOS FPGA T C P T C P iRules CAVIUM Servers Why BIG-IP in Front? Cipher Diversity - HW implementation - F5 developed drivers/ciphers - Bulk Throughput SSL TLS F5 Silverline DDoS, WAF SSL TLS DDoS Vectors in Hardware L T M Security Services with Visibility - Firewalls: Network, WAF, DNS, DDoS - Access Control, SSO, SAML, SSL VPN - Forward Proxy, Web Filtering - Anti-BOT (IPI), Anti-Fraud (Websafe) - IPS, FireEye, DLP, etc. (external) #1 Performance/Scale - Sessions, Connections - Unmatched anywhere

×