A Master Class given by Yul Bahat during the Forum Internationale de la Cybersécurité (FIC) 2018.
Brief:
"Detection, the core cyber security mechanism we have been using for the past 50 years, is failing us. We need to be open to new innovations, and new ways to achieve protection".
3. Introduction
• Previous roles include:
  • Head of IT Risk Surveys for a leading consulting firm in Israel
  • Head of Cyber Security Threat Intelligence at the Israeli e-Gov department
  • Senior Information Security Specialist at the Organisation for Economic Cooperation and Development (OECD)
• Currently
  • Co-Founder of Securitude Cyber Solutions – Come visit us at booth D24, or on our website: www.securitude.com
But if I must…
4. Introduction (CyAN)
CYbersecurity Advisors Network (CyAN)
An international not-for-profit association established in 2015. CyAN aims to
strengthen cybersecurity and fight against cybercrime through a multi-disciplinary
approach based on mutual trust among its members and on complementarity of their
profiles and experiences. CyAN is a pool of experts in all disciplines, with 67
worldwide members in 2017.
Partnerships: Partnerships in the works with organisations as reputable as
Bloomberg, Kaspersky, Viva Tech Forum, CyberSec Krakow, FIC and more.
Projects: CyAN takes part in European projects such as OSINT by Europol and
MANDOLA by the European Commission
More information: meet us at our stand (E20) or visit www.cyan.network
But I’m here under a different hat…
10. Detection Technologies
• Anti Malware (also Next-Gen Anti Malware)
• Network based IDS/IPS
• Host based IDS/IPS
• Sandbox (In-Band or Out-of-Band)
• …
It’s not just the Anti-Malwares that are failing
11. Evolution of Detection
• Signatures
• Heuristics
• Baseline / Anomalies
• Cloud Based
• Threat Intelligence
• Machine Learning
• Artificial Intelligence
Rise of the buzzwords
17. Isolation
• Shut down direct access to assets
• Content Disarmament & Reconstruction (CDR)
• Segmentation, Segmentation, Segmentation
• Micro Virtual Machines and Micro-Segmentation
• Move interaction to outside your network
• Web Browsing Isolation
Keep malicious stuff as contained and as far away as possible
18. Isolation – Web Browsing Isolation
HTTP Request
HTML Response
19. Isolation – Web Browsing Isolation
HTTP Request
HTML Response
Interactive HTML5 Video Stream
30. Conclusion
• Detection is Dead (or at least, dying)
  • It’s a good last line of defense
• Isolation
  • Nothing should get in your perimeter directly
• Deception
  • Use their evasive techniques to your benefit
Imagine something funny written here
With representation in initiatives such as the fake news commission
Market share in corporates of McAfee, Symantec and Trend, combined is ~80%.
And this is even before we discussed the fact that in some cases, there’s a person whose entire job is to maintain exceptions and whitelisting. And this is a legacy machine, so we can’t activate half the features, and this server is too important, so we don’t dare install anything on it.
Hackers and malwares are the world champions of Hide and Seek.
They are, unfortunately, much better than my kid is.
There are many trends and things to look out for in the next couple of years, but I don’t have time to go over all of them. I chose two. And the fact is, they are not new. But in the last couple of years there were some amazing developments, and I think you should really take a closer look at them in 2018-2019.
The name of the game is seamless protection
My personal favorite trend. When clients are asking me where the future of cyber security lies, this is my answer