This document discusses the evolution of cyber threats from viruses in the 1990s to advanced persistent threats today. It notes that 100% of companies connect to domains hosting malicious files or services, 54% of breaches go undiscovered for months, and 60% of data is stolen within hours. The document advocates for a holistic approach to cybersecurity called the Global Security Sales Organization that covers the entire attack continuum from before, during, and after attacks. This includes visibility across the network, endpoints, mobile devices, virtual systems, and cloud to detect, block, and defend against threats.

1. Intelligent Cybersecurity
for the Real World
Francisco Ramirez
Ghassan Dreibi
Nov 5, 2014

2. Agenda
Session 1
Francisco Ramirez – Security Managing Director
Ghassan Dreibi – Strategic & Planning BDM
Session 2
Carlo Davila – IDC LATAM Analyst
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2

3. The Industrialization of Hacking
Hacking Becomes
an Industry
Sophisticated Attacks,
Complex Landscape
Phishing, Low
Sophistication
1990 1995 2000 2005 2010 2015 2020
Viruses
1990–2000
Worms
2000–2005
Spyware and Rootkits
2005–Today
APTs Cyberware
Today +
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3

4. Threat Landscape Demands more than Application Control
100%
of companies connect
to domains that host
malicious files or services
54%
of breaches
remain undiscovered
for months
60%
of data is
stolen in
hours
It is a Community
that hides in plain sight
avoids detection and
attacks swiftly
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4

5. The Pervasiveness of Malicious Traffic
High-Threat Malware
Hijacked Infrastructure
Sites without Content
Suspect FTP
Suspect VPN
Inappropriate Content
100%
96%
92%
88%
79%
50%
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5

6. The Silver Bullet Does Not Exist
Sandboxing
Application
Control
“Detect the
Unknown”
“Fix the Firewall”
“Captive portal”
IDS/IPS
UTM
PKI
“No key, no access”
“It matches the pattern”
NAC
“No false positives,
no false negatives”
FW/VPN
AV
“Block or Allow”
GSSO focuses on the totality of defending against threats
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6

7. GSSO – Global Security Sales Organization
A New Way to Solve Real World Security Issues
Dedicated Security
sales force – GSSO
Aligned with Cisco’s
Services, Partner
and Sales
Organization (Cisco) +
Selling market
leading technology,
services and
solutions across the
entire attack
continuum
+
=
Unmatched differentiation
Market credibility that will amplify loyalty
Stronger solutions across all architectures
© 2014 2013-Cisco 2014 and/Cisco or its and/affiliates. or its affiliates. All rights All reserved. rights reserved. Cisco Confidential 7

8. Visibility: See More – Protect More
Files
Network
Servers
Users
Operating
Systems
Web
Applications
Routers and
Switches
Application
Protocols
Mobile
Devices
Printers
VoIP
Phones
Malware
Virtual
Machines
Command
and Control
Servers
Client
Applications
Services
Vulnerabilities
NetFlow
Network
Behavior
Processes
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8

9. Cyber Security Advanced Model
BEFORE
Discover
Enforce
Harden
AFTER
Scope
Contain
Remediate
Attack Continuum
DURING
Detect
Block
Defend
Network Endpoint Mobile Virtual Cloud
Point in Time Continuous
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9

10. Cyber Security Attach Continuum Approach
DURING
Cyber Threat Defense
Manage Security CPE
Solution Implementation
Security Assessment
Strategic Planning
Solution Plan / Design
Managed Threat Defense
Custom Threat Intelligence
Services
Security Optimization
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10 Firewall
NGFW
NAC + Identity Services
VPN
UTM
NGIPS
Web Security
Advanced Malware Protection
Network Behavior Analysis
Products
Email Security
BEFORE
Discover
Enforce
Harden
AFTER
Scope
Contain
Remediate
Detect
Block
Defend

11. Strategic Imperatives
Visibility-Driven Threat-Focused Platform-Based
Network Endpoint Mobile Virtual Cloud
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11

12. The Security Perimeter in the Cloud
Collective
Security
Intelligence
The
Distributed
Perimeter
Cloud
Connected
Network
Telemetry Data Threat Research Advanced Analytics
Mobile Router Firewall
3M+
Cloud Web
Security Users
6GB
Web Traffic Examined,
Protected
Every Hour
75M
Unique Hits
Every Hour
10M
Blocks Enforced Every
Hour
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12

13. Platform-Based Security Architecture
Management
Security Services
and Applications
Security Services
Platform
Infrastructure
Element
Layer
Common Security Policy and Management
Cisco Security Applications Third-Party Security Applications
Context
Awareness
Content
Inspection
Application
Visibility
Common Security Policy & Management
Orchestration
Access
Control
Security
Management APIs
Cisco ONE
APIs
Platform
APIs
Threat
Prevention
Cloud Intelligence
APIs
Physical Appliance Virtual Cloud
APIs APIs
Device API: OnePK™, OpenFlow, CLI
Cisco Networking Operating Systems (Enterprise, Data Center, Service Provider)
ASIC Data Plane Route–Switch–Compute Software Data Plane
© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13

14. Thank you.