DEFEATING CYBER THREATS REQUIRES A WIDER NET
INTRODUCTION
The evidence on cyber threats is staggering:
▪ Malware is reaching new all-time highs – McAfee, a provider of endpoint
security software, reported there were nearly eight million new pieces of malware —
just in the third quarter of 2012.[1] Additionally, malicious and high-risk mobile apps
are also on the rise. Trend Micro, for example, has identified 145 thousand malicious
Android apps, as of September 2012.[2] Keeping malware at bay, already a “treading
water” challenge, is intensifying.
▪ BYOD is a growing threat vector – With the escalating pervasiveness of
smartphones and tablets—Frost & Sullivan estimates smartphones shipped in 2012
will reach 558 million, and tablets will reach 93 million—more fuel is added daily to
the Bring Your Own Device (BYOD) movement. From a security perspective, the
implications of BYOD are more untrusted devices connecting into corporate
networks and connecting to enterprise public-facing Web sites; and, with that, more
devices are potential participants in malware propagation and botnet-based attacks.
The enemy is everywhere.
▪ Distributed Denial of Service (DDoS) attacks are approaching mainstream –
In a 2012 survey of network operators conducted by Arbor Networks, over three-quarters
of the operators experienced DDoS attacks targeting their customers.[3] In a
2012 Frost & Sullivan-conducted global survey of security professionals, cyber
terrorism and attacks by hacktivists were identified as top security concerns by 19
percent and 14 percent of the survey respondents, respectively. Malware infections
and application vulnerabilities were cited as top concerns by the greatest number of
survey respondents—27 percent each. The list of significant security concerns is
growing in length and diversity.
▪ Exposure footprint is expanding – The cloud is becoming another computing
“location” for a growing number of organizations. According to the same Frost &
Sullivan 2012 global survey of security professionals, slightly more than one-third of
the respondents cite cloud computing as a high priority for their organizations now,
and that percentage increases to 54 percent in two years. In other words, more than
half of the surveyed organizations expect to be using or in the process of moving a
portion of their operations to the cloud in two years.
[1] McAfee Threats Report: Third Quarter 2012, available for download at: http://www.mcafee.com/us/mcafee-labs.aspx.
[2] TrendLabs 3Q 2012 Security Roundup, available for download at: http://www.trendmicro.com/us/security-intelligence/research-and-analysis/index.html#threat-reports.
[3] Worldwide Infrastructure Security Report, available for download at: http://www.arbornetworks.com/research/infrastructure-security-report.
What is of equal concern is that organizations cannot change how they conduct their
operations. Networks, whether they are private or public, are the circulatory systems of
business. Malicious and unwanted traffic clog these electronic arteries and add risk to
maintaining stable operations, reaching profitability objectives, managing a business’s
brand reputation, complying with regulations, and safeguarding sensitive data.
TRADITIONAL CYBER DEFENSE APPROACHES ARE INSUFFICIENT
To lessen these risks, organizations rely on an assortment of gateways and filters to
cleanse their network traffic. Although logical, this approach is dependent on the ability
to identify threatening traffic with effectiveness and time efficiency, and then update
security policies and malware and intrusion signatures with equal accuracy and speed.
Many factors, however, make this critical task difficult, such as: unending escalation in
traffic volume and originations, evolving network and computing infrastructures and
traffic patterns, and hacker sophistication to evade detection.
Despite all of these challenges, Stratecast’s perspective is that this identify-and-mitigate
approach is fundamentally sound but incomplete. Where the incompleteness lies is in the
restricted net of information and resulting analysis. Too often, organizations rely
extensively on the traffic that they can see on their individual networks, and the traffic
their individual carriers see. While essential, these views are not the entire universe, but
merely a sample and, as a sample, subject to interpretative error (i.e., insufficient data
points to reach conclusions with a maximum level of confidence and in an optimized
window of time).
What is needed is a net that is wider, with continuous data feeds from a community of
carriers. Not only does this extended reach add to the breadth of data available for
analysis (e.g., catching clues on threatening traffic on one carrier’s network before this
same type or origin of trending traffic invades other carrier and enterprise networks),
but it also improves the integrity of mitigation policy changes and creation of new policies
as more confirming data points on threatening traffic are available.
Arbor’s ATLAS® (Active Threat Level Analysis System) reflects this carrier and enterprise
community attribute. Furthermore, ATLAS is not a theoretical concept but a set of
established services that have been supporting carriers and large, Internet-based
enterprises on an opt-in basis for six years. ATLAS’s existence and expanding carrier and
large enterprise participation is a testament to its value.
In this paper, Stratecast will provide an overview of ATLAS, and detail why carriers and
enterprises should participate in ATLAS; and, by association, why enterprises should take
note of the participating carriers in making their carrier selections.
ARBOR ATLAS FUNDAMENTALS
ATLAS is a globally operating threat analysis network. Launched in 2007, ATLAS
transparently, and on an hourly basis, collects network traffic data from sensors hosted
in carriers’ darknets, and data from carrier and enterprise-deployed Arbor security and
traffic-monitoring platforms. Between these two sources, Arbor is collecting data from
all assigned IP addresses—service-active IP addresses from Arbor platforms and service-
inactive IP addresses from darknet-hosted ATLAS sensors.
In terms of scale, there are more than 250 ATLAS-participating carriers and enterprises
supplying a peak stream of network traffic data of over 38 terabytes per second (Tbps).
Stripped of carrier and customer sensitive information, this data is fed into the Arbor
Security Engineering Response Team (ASERT) database and combined with third-party
threat information sources for assessment.
Operating 24x7, ASERT researchers transform this data stream into actionable
intelligence on malware, phishing attempts, botnet (command & control and botnet
zombies) and DDoS attacks. Notably, this data is bi-directional, representing
traffic originating in carrier networks and their customers’ locations (where ATLAS
platforms are deployed), as well as inter-carrier traffic. Alternatively stated, origins of
threatening traffic (compromised hosts and locations) and targets are both included in
the ASERT database. Furthermore, ASERT researchers examine traffic data over time and
in simulated and real polymorphic forms, in order to identify highly sophisticated,
composite, and personalized threats.
From a historical perspective, ATLAS, underpinned by ASERT (a 12-year old
organization), is the culmination of pioneering, industry-collaboration initiatives
sponsored by Arbor. The first launch, in 2004, was the Arbor Worldwide Infrastructure
Security Report. An original, this report was prepared by Arbor with direct participation
by its carrier customers and for its carrier customers to improve their network security
strategies and tactics. One year later, in 2005, Arbor launched its Fingerprint Sharing
Alliance (FSA). This alliance demonstrated the inter-carrier benefit of automated sharing
of Internet attack information; in essence, uplifting the information sharing value of the
Arbor Worldwide Infrastructure Security Report from once-a-year to continuous. For
alliance participants, FSA again leveraged the power of community. For example, rather
than establishing multiple pair-wise, carrier-to-carrier data sharing arrangements, or as a
supplement to these, the clearinghouse function of FSA delivers Arbor-certified attack
and anomaly traffic identifiers to each FSA subscriber, and does this without exposing
private carrier or enterprise information. FSA also delved into the next layer of pressing
needs for carrier and enterprise security professionals—that is, transforming threat
information into trusted and actionable threat intelligence. Stated alternatively, this
means assisting Arbor customers in making wise threat information assessments and
in acting on that information with deliberate confidence.
ASERT’s actionable threat intelligence exists in two Arbor automated services:
▪ Active Threat Feed (ATF) – The ATF is an activity-based threat detection
service for known and emerging threats. ASERT uses attack information from
ATLAS to create detailed profiles or “fingerprints” of security threats, including
attacks, unauthorized activity or malicious traffic patterns. Unlike traditional
defenses such as IPS/IDS or anti-virus, which use signatures to detect attacks, the
ATF fingerprints provide subscribers with a broad scope of security intelligence
and visibility into the events occurring on the network, including advanced
threats and botnet activity.
▪ ATLAS Intelligence Feed (AIF) – With DDoS attacks going mainstream,
carriers and enterprises are facing a legitimate business appropriation concern:
whether additional hardware investments and security personnel will be required
to address this looming threat. AIF delivers real-time DDoS and botnet
signatures to protect networks and Web infrastructure from DDoS attack
toolsets and their variants. In action, these feeds directly and automatically
populate DDoS and botnet identification and mitigation policies. With DDoS
attacks having the capability of going from a trickle to a debilitating wave in a
cyber moment, automatic policy updates based on the wide experience aperture
of ATLAS community members and vetted by ASERT researchers are essential.
For ATLAS subscribers seeking additional threat intelligence, Arbor hosts a Web-based
portal. Subscriber views can be dynamically customized at a highly granular level; e.g., for
a specific Autonomous System Number (ASN), IP address, or country. For non-subscriber
portal visitors, the ATLAS portal lists the top 20 threat sources from the
latest 24-hour period.
ATLAS BENEFITS FOR CARRIERS AND ENTERPRISES
For security professionals, useful threat intelligence is paramount. But, as previously
stated, value lies in the range, integrity and timeliness of this intelligence. This is the first
benefit of ATLAS—a community-supported, vetted, real-time and actionable source of
threat intelligence.
In practice, this benefit has three correlated business and operational offshoots:
▪ More threats are proactively mitigated, resulting in a lower overall risk posture.
▪ Less remediation occurs. With fewer attacks being successful, remediation efforts
(e.g., purging endpoint devices of malware infections, bolstering Web
infrastructure to defend against DDoS attacks, and conducting data breach
notifications) will be fewer in number and smaller in scale.
▪ As ATLAS researchers monitor and assess traffic data from Arbor platforms and
darknet sensors, carrier and enterprise security analysts gain the benefits of this
threat analysis without incurring the work effort. Their knowledge levels are
enhanced.
Obviously, these outcomes contribute to heightened operational efficacy for security
organizations. However, efficacy improvements do not end there. Placing ATLAS’s threat
intelligence in the broader context of existing security technologies that rely on
signatures, such as IPS/IDS and anti-malware, security teams may determine that
examining and updating signature files does not always need to be conducted on an
“urgent” basis. Armed with the contextual attack data from ATLAS, security
professionals have the information necessary to prioritize signature deployment in other
network security products such as IDS/IPS and anti-malware applications.
Lessening “break away” crises leaves more uninterrupted time for security professionals
to concentrate on other important responsibilities and initiatives.
ADDED ATLAS BENEFITS FOR CARRIERS
Whereas the previously listed ATLAS benefits are focused on gains in operational
efficacy, improving risk posture, and de-stressing the work lives of security professionals,
there is also a de-stressing benefit to carriers’ network infrastructures. This benefit
comes into play in the routing of darknet IP addresses. By routing darknet IP addresses
to the carrier-hosted ATLAS sensors, rather than the carrier’s production routers, the
traffic load associated with the darknet is removed from these production routers. This
darknet “off-loading” benefit is most evident during periods of high volume attacks aimed
at darknet addresses. As the carrier’s production routers are not bombarded by this
influx of undesirable, yet useful, traffic (i.e., useful in the sense that this traffic provides
clues on emerging security threats), network administrators will not be pulled away from
their important responsibilities to concentrate on this traffic spike, and how to mitigate
the impact on their production networks.
Another carrier benefit of ATLAS is in its market positioning. When given a choice,
network administrators rank service reliability among the top attributes in network
service selection. In a mid-2012 survey of U.S. businesses, conducted by Frost & Sullivan,
service reliability was second only to security as the most cited network services
attribute. ATLAS directly contributes to both of these attributes by uplifting carriers’
ability to fortify the security and reliability of their production networks. Built on the
“worldwide traffic library and brain” of ASERT, ATLAS-participating carriers have a
tangible point of evidence to show their customers that they are not combating cyber
threats alone; they are taking advantage of an expansive community.
ENTERPRISES SHOULD TAKE NOTE
Enterprise security operators are responsible for protecting their networks from
confidential data breaches, unauthorized access (even from trusted users), maintaining
network integrity, and ensuring solid brand reputation—as well as helping the network
team keep stable service levels. Attackers are taking advantage of these professionals’
multiple responsibilities and launching multi-stage, blended attacks that are uniquely
designed for that organization’s infrastructure. While some enterprise security
professionals love getting into the weeds of attack information—understanding where it
came from, the triggers associated with attacks and so on—it is simply not practical for
most.
In addition to security, service reliability is vital to any business that runs critical
operations on the Internet or private networks that are not fully isolated from the
Internet. While the business implications of service disruptions and uneven service
performance will vary by circumstance, gauging those implications through experience is
a risky proposition. Given the choice, is it not preferable to select network services from
ATLAS-participating carriers?
Data from ATLAS provides these busy security professionals with not only accurate and
effective security via the AIF and ATF feeds that run in Arbor’s products; it also provides
valuable context and information on attacks that can be used for proactive security. This
security intelligence and forensic data can be used for updating security enforcement
policies across the network, as well as for mitigation of threats that were previously not
known. By updating these policies and proactively blocking threats, the security team can
keep the network uncluttered from attack traffic—maintaining reliable service for critical
business applications.
Michael Suby
VP of Research
Stratecast | Frost & Sullivan
msuby@stratecast.com
Stratecast
The Last Word
Since shortly after the dawn of the public Internet, carriers supporting the Internet’s
backbone, and commercial entities relying on the Internet to support their internal
operations and conduct public-facing businesses, have been in a constant and ever-
evolving battle against a myriad of threat types and actors. There is absolutely no
reason to expect this battle to end. Moreover, battlefield expansion is a certainty as
the volume and diversity of Internet-enabled devices grows and enterprises expand
their virtual points of presence into a variety of interconnected cloud and hosting
environments. In essence, the Internet’s relevancy and enterprise dependency are
rising. With that, the attraction of it to cyber criminals, protestors and disruptors—
from basement hobbyists to highly organized entities—will also increase.
For carriers, hosting and cloud services providers, and enterprises, a fundamental
question is how to leverage and protect the openness of the Internet and the
business opportunities the Internet presents. Our position is that a structured
worldwide, community-supported approach to threat analysis and response is
fundamentally essential. The diversity, morphing velocity and sophistication of
emerging threats call for nothing less than a complete and real-time assessment of
all battleground fronts. ATLAS has the carrier and enterprise relationship scale,
expertise of ASERT and experience to support such an effort.
ABOUT FROST & SULLIVAN
Frost & Sullivan, the Growth Partnership Company, partners with clients to accelerate their growth. The company's
TEAM Research, Growth Consulting, and Growth Team Membership™ empower clients to create a growth-focused
culture that generates, evaluates, and implements effective growth strategies. Frost & Sullivan employs over 50
years of experience in partnering with Global 1000 companies, emerging businesses, and the investment community
from more than 40 offices on six continents. For more information about Frost & Sullivan’s Growth Partnership
Services, visit http://www.frost.com.
ABOUT STRATECAST
Stratecast collaborates with our clients to reach smart business decisions in the rapidly evolving and hyper-competitive
Information and Communications Technology markets. Leveraging a mix of action-oriented subscription
research and customized consulting engagements, Stratecast delivers knowledge and perspective that is only
attainable through years of real-world experience in an industry where customers are collaborators; today’s
partners are tomorrow’s competitors; and agility and innovation are essential elements for success. Contact your
Stratecast Account Executive to engage our experience to assist you in attaining your growth objectives.
En msft-scrty-cntnt-e book-cybersecurity
 
2016 Trends in Security
2016 Trends in Security 2016 Trends in Security
2016 Trends in Security
 
Achieving high-fidelity security
Achieving high-fidelity securityAchieving high-fidelity security
Achieving high-fidelity security
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security Report
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
 
A017130104
A017130104A017130104
A017130104
 
Identified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud ComputingIdentified Vulnerabilitis And Threats In Cloud Computing
Identified Vulnerabilitis And Threats In Cloud Computing
 
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
IRJET-  	  Security Risk Assessment on Social Media using Artificial Intellig...IRJET-  	  Security Risk Assessment on Social Media using Artificial Intellig...
IRJET- Security Risk Assessment on Social Media using Artificial Intellig...
 
Interset-advanced threat detection wp
Interset-advanced threat detection wpInterset-advanced threat detection wp
Interset-advanced threat detection wp
 
AbstractCloud computing technology has become the new fron.docx
AbstractCloud computing technology has become the new fron.docxAbstractCloud computing technology has become the new fron.docx
AbstractCloud computing technology has become the new fron.docx
 
security_secure_pipes_frost_whitepaper
security_secure_pipes_frost_whitepapersecurity_secure_pipes_frost_whitepaper
security_secure_pipes_frost_whitepaper
 
4777.team c.final
4777.team c.final4777.team c.final
4777.team c.final
 
Veracode - Overview
Veracode - OverviewVeracode - Overview
Veracode - Overview
 

More from Envision Technology Advisors

Unleashing IT: Seize Innovation, Accelerate Business, Drive Outcomes. All thr...
Unleashing IT: Seize Innovation, Accelerate Business, Drive Outcomes. All thr...Unleashing IT: Seize Innovation, Accelerate Business, Drive Outcomes. All thr...
Unleashing IT: Seize Innovation, Accelerate Business, Drive Outcomes. All thr...Envision Technology Advisors
 

More from Envision Technology Advisors (20)

The State of Global Markets 2013
The State of Global Markets 2013The State of Global Markets 2013
The State of Global Markets 2013
 
Ten Myths About Recovery Deleted Files
Ten Myths About Recovery Deleted FilesTen Myths About Recovery Deleted Files
Ten Myths About Recovery Deleted Files
 
Detecting Stopping Advanced Attacks
Detecting Stopping Advanced AttacksDetecting Stopping Advanced Attacks
Detecting Stopping Advanced Attacks
 
8 Strategies For Building A Modern DataCenter
8 Strategies For Building A Modern DataCenter8 Strategies For Building A Modern DataCenter
8 Strategies For Building A Modern DataCenter
 
Unleashing IT: Seize Innovation, Accelerate Business, Drive Outcomes. All thr...
Unleashing IT: Seize Innovation, Accelerate Business, Drive Outcomes. All thr...Unleashing IT: Seize Innovation, Accelerate Business, Drive Outcomes. All thr...
Unleashing IT: Seize Innovation, Accelerate Business, Drive Outcomes. All thr...
 
7 Steps To Developing A Cloud Security Plan
7 Steps To Developing A Cloud Security Plan7 Steps To Developing A Cloud Security Plan
7 Steps To Developing A Cloud Security Plan
 
Avoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of ITAvoiding The Seven Deadly Sins of IT
Avoiding The Seven Deadly Sins of IT
 
Forrester Emerging MSSP Wave
Forrester Emerging MSSP WaveForrester Emerging MSSP Wave
Forrester Emerging MSSP Wave
 
RetroFit's Network Monitoring Solution
RetroFit's Network Monitoring SolutionRetroFit's Network Monitoring Solution
RetroFit's Network Monitoring Solution
 
Network Latency
Network LatencyNetwork Latency
Network Latency
 
2013 Threat Report
2013 Threat Report2013 Threat Report
2013 Threat Report
 
Termination of Windows XP
Termination of Windows XPTermination of Windows XP
Termination of Windows XP
 
WhenThe Going Gets Tough
WhenThe Going Gets ToughWhenThe Going Gets Tough
WhenThe Going Gets Tough
 
As A Man-Thinketh
As A Man-ThinkethAs A Man-Thinketh
As A Man-Thinketh
 
Project Management | Why do projects fail?
Project Management | Why do projects fail?Project Management | Why do projects fail?
Project Management | Why do projects fail?
 
Tips using Siri
Tips using SiriTips using Siri
Tips using Siri
 
Too Many EHR Alers
Too Many EHR AlersToo Many EHR Alers
Too Many EHR Alers
 
Top12 health issues
Top12 health issuesTop12 health issues
Top12 health issues
 
Final Federal IT Health Plan
Final Federal IT Health PlanFinal Federal IT Health Plan
Final Federal IT Health Plan
 
Roadmap IT Long Term Care
Roadmap IT Long Term CareRoadmap IT Long Term Care
Roadmap IT Long Term Care
 

Recently uploaded

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Recently uploaded (20)

The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

Defeating Cyber Threats

  • 1.
  • 2. DEFEATING CYBER THREATS REQUIRES A WIDER NET

INTRODUCTION

The evidence on cyber threats is staggering:

▪ Malware is reaching new all-time highs – McAfee, a provider of endpoint security software, reported there were nearly eight million new pieces of malware — just in the third quarter of 2012.[1] Additionally, malicious and high-risk mobile apps are also on the rise. Trend Micro, for example, has identified 145 thousand malicious Android apps, as of September 2012.[2] Keeping malware at bay, already a “treading water” challenge, is intensifying.

▪ BYOD is a growing threat vector – With the escalating pervasiveness of smartphones and tablets—Frost & Sullivan estimates smartphones shipped in 2012 will reach 558 million, and tablets will reach 93 million—more fuel is added daily to the Bring Your Own Device (BYOD) movement. From a security perspective, the implications of BYOD are more untrusted devices connecting into corporate networks and connecting to enterprise public-facing Web sites; and, with that, more devices are potential participants in malware propagation and botnet-based attacks. The enemy is everywhere.

▪ Distributed Denial of Service (DDoS) attacks are approaching mainstream – In a 2012 survey of network operators conducted by Arbor Networks, over three-quarters of the operators experienced DDoS attacks targeting their customers.[3] In a 2012 Frost & Sullivan-conducted global survey of security professionals, cyber terrorism and attacks by hacktivists were identified as top security concerns by 19 percent and 14 percent of the survey respondents, respectively. Malware infections and application vulnerabilities were cited as top concerns by the greatest number of survey respondents—27 percent each. The list of significant security concerns is growing in length and diversity.

▪ Exposure footprint is expanding – The cloud is becoming another computing “location” for a growing number of organizations. According to the same Frost & Sullivan 2012 global survey of security professionals, slightly more than one-third of the respondents cite cloud computing as a high priority for their organizations now, and that percentage increases to 54 percent in two years. In other words, more than half of the surveyed organizations expect to be using or in the process of moving a portion of their operations to the cloud in two years.

[1] McAfee Threats Report: Third Quarter 2012, available for download at: http://www.mcafee.com/us/mcafee-labs.aspx.
[2] TrendLabs 3Q 2012 Security Roundup, available for download at: http://www.trendmicro.com/us/security-intelligence/research-and-analysis/index.html#threat-reports.
[3] Worldwide Infrastructure Security Report, available for download at: http://www.arbornetworks.com/research/infrastructure-security-report.
  • 3. What is of equal concern is that organizations cannot change how they conduct their operations. Networks, whether they are private or public, are the circulatory systems of business. Malicious and unwanted traffic clog these electronic arteries and add risk to maintaining stable operations, reaching profitability objectives, managing a business’s brand reputation, complying with compliance regulations, and safeguarding sensitive data.

TRADITIONAL CYBER DEFENSE APPROACHES ARE INSUFFICIENT

To lessen these risks, organizations rely on an assortment of gateways and filters to cleanse their network traffic. Although logical, this approach is dependent on the ability to identify threatening traffic with effectiveness and time efficiency, and then update security policies and malware and intrusion signatures with equal accuracy and speed. Many factors, however, make this critical task difficult, such as: unending escalation in traffic volume and originations, evolving network and computing infrastructures and traffic patterns, and hacker sophistication to evade detection.

Despite all of these challenges, Stratecast’s perspective is that this identify-and-mitigate approach is fundamentally sound but incomplete. Where the incompleteness lies is in the restricted net of information and resulting analysis. Too often, organizations rely extensively on the traffic that they can see on their individual networks, and the traffic their individual carriers see. While essential, these views are not the entire universe, but merely a sample and, as a sample, subject to interpretative error (i.e., insufficient data points to reach conclusions with a maximum level of confidence and in an optimized window of time).

What is needed is a net that is wider, with continuous data feeds from a community of carriers. Not only does this extended reach add to the breadth of data available for analysis (e.g., catching clues on threatening traffic on one carrier’s network before this same type or origin of trending traffic invades other carrier and enterprise networks), but also improves the integrity of mitigation policy changes and creation of new policies as more confirming data points on threatening traffic are available.

Arbor’s ATLAS® (Active Threat Level Analysis System) reflects this carrier and enterprise community attribute. Furthermore, ATLAS is not a theoretical concept but a set of established services that have been supporting carriers and large, Internet-based enterprises on an opt-in basis for six years. ATLAS’s existence and expanding carrier and large enterprise participation is a testament to its value.

In this paper, Stratecast will provide an overview of ATLAS, and detail why carriers and enterprises should participate in ATLAS; and, by association, why enterprises should take note of the participating carriers in making their carrier selections.
  • 4. ARBOR ATLAS FUNDAMENTALS

ATLAS is a global-operating threat analysis network. Launched in 2007, ATLAS transparently, and on an hourly basis, collects network traffic data from sensors hosted in carriers’ darknets, and data from carrier and enterprise-deployed Arbor security and traffic-monitoring platforms. Between these two sources, Arbor is collecting data from all assigned IP addresses—service-active IP addresses from Arbor platforms and service-inactive IP addresses from darknet-hosted ATLAS sensors. In terms of scale, there are more than 250 ATLAS-participating carriers and enterprises supplying a peak stream of network traffic data of over 38 terabytes per second (Tbps).

Stripped of carrier and customer sensitive information, this data is fed into the Arbor Security Engineering Response Team (ASERT) database and combined with third-party threat information sources for assessment. Operating 24x7, ASERT researchers transform this data stream into actionable intelligence on malware, phishing attempts, botnet (command & control and botnet zombies) and DDoS attacks.

Notable of depth, this data is bi-directional, representing traffic originating in carrier networks and their customers’ locations (where ATLAS platforms are deployed), as well as inter-carrier traffic.

[Figure. Source: Arbor Networks]

Alternatively stated, origins of
  • 5. threatening traffic (compromised hosts and locations) and targets are both included in the ASERT database. Furthermore, ASERT researchers examine traffic data over time and in simulated and real polymorphic forms, in order to identify highly sophisticated, composite, and personalized threats.

From a historical perspective, ATLAS, underpinned by ASERT (a 12-year old organization), is the culmination of pioneering, industry-collaboration initiatives sponsored by Arbor. The first launch, in 2004, was the Arbor Worldwide Infrastructure Security Report. An original, this report was prepared by Arbor with direct participation by its carrier customers and for its carrier customers to improve their network security strategies and tactics.

One year later, in 2005, Arbor launched its Fingerprint Sharing Alliance (FSA). This alliance demonstrated the inter-carrier benefit of automated sharing of Internet attack information; in essence, uplifting the information sharing value of the Arbor Worldwide Infrastructure Security Report from once-a-year to continuous. For alliance participants, FSA again leveraged the power of community. For example, rather than establishing multiple pair-wise, carrier-to-carrier data sharing arrangements, or as a supplement to these, the clearinghouse function of FSA delivers Arbor-certified attack and anomaly traffic identifiers to each FSA subscriber, and does this without exposing private carrier or enterprise information.

FSA also delved into the next layer of pressing needs for carrier and enterprise security professionals—that is, transforming threat information into trusted and actionable threat intelligence. Or, stated alternatively, assisting Arbor customers in being wise in threat information assessments and confidently deliberate in acting on this information.

ASERT’s actionable threat intelligence exists in two Arbor automated services:

▪ Active Threat Feed (ATF) – The ATF is an activity-based threat detection service for known and emerging threats. ASERT uses attack information from ATLAS to create detailed profiles or “fingerprints” of security threats, including attacks, unauthorized activity or malicious traffic patterns. Unlike traditional defenses such as IPS/IDS or anti-virus, which use signatures to detect attacks, the ATF fingerprints provide subscribers with a broad scope of security intelligence and visibility into the events occurring on the network, including advanced threats and botnet activity.

▪ ATLAS Intelligence Feed (AIF) – With DDoS attacks going mainstream, carriers and enterprises are facing a legitimate business appropriation concern: whether additional hardware investments and security personnel will be required to address this looming threat. AIF delivers real-time DDoS and botnet signatures to protect networks and Web infrastructure from DDoS attack toolsets and their variants.

In action, these feeds directly and automatically populate DDoS and botnet identification and mitigation policies. With DDoS attacks having the capability of going from a trickle to a debilitating wave in a cyber moment, automatic policy updates based on the wide experience aperture of ATLAS community members and vetted by ASERT researchers is essential.
  • 6. For ATLAS subscribers seeking additional threat intelligence, Arbor hosts a Web-based portal. Subscriber views can be dynamically customized at a highly granular level; e.g., for a specific Autonomous System Number (ASN), IP address, or country. For non-subscriber, portal visitors, the ATLAS portal lists the top 20 threat sources from the latest 24-hour period.

ATLAS BENEFITS FOR CARRIERS AND ENTERPRISES

For security professionals, useful threat intelligence is paramount. But, as previously stated, value lies in the range, integrity and timeliness of this intelligence. This is the first benefit of ATLAS—a community-supported, vetted, real-time and actionable source of threat intelligence. In practice, this benefit has three correlated business and operational offshoots:

▪ More threats are proactively mitigated, resulting in a lower overall risk posture.

▪ Less remediation occurs. With fewer attacks being successful, remediation efforts (e.g., purging endpoint devices of malware infections, bolstering Web infrastructure to defend against DDoS attacks, and conducting data breach notifications) will be fewer in number and smaller in scale.

▪ As ATLAS researchers monitor and assess traffic data from Arbor platforms and darknet sensors, carrier and enterprise security analysts gain the benefits of this threat analysis without incurring the work effort. Their knowledge levels are enhanced.

Obviously, these outcomes contribute to heightened operational efficacy for security organizations. However, efficacy improvements do not end there. Placing ATLAS’s threat intelligence in the broader context of existing security technologies that rely on signatures, such as IPS/IDS and anti-malware, security teams may determine that examining and updating signature files does not always need to be conducted on an “urgent” basis. Armed with the contextual attack data from ATLAS, security professionals have the information necessary to prioritize signature deployment in other network security products such as IDS/IPS and anti-malware applications. Lessening “break away” crises leaves more uninterrupted time for security professionals to concentrate on other important responsibilities and initiatives.

ADDED ATLAS BENEFITS FOR CARRIERS

Whereas the previously listed ATLAS benefits are focused on gains in operational efficacy, improving risk posture, and de-stressing the work lives of security professionals, there is also a de-stressing benefit to carriers’ network infrastructures. This benefit comes into play in the routing of darknet IP addresses. By routing darknet IP addresses
  • 7. to the carrier-hosted ATLAS sensors, rather than the carrier’s production routers, the traffic load associated with the darknet is removed from these production routers. This darknet “off-loading” benefit is most evident during periods of high volume attacks aimed at darknet addresses. As the carrier’s production routers are not bombarded by this influx of undesirable, yet useful, traffic (i.e., useful in the sense that this traffic provides clues on emerging security threats), network administrators will not be pulled away from their important responsibilities to concentrate on this traffic spike, and how to mitigate the impact on their production networks.

Another carrier benefit of ATLAS is in its market positioning. When given a choice, network administrators rank service reliability among the top attributes in network service selection. In a mid-2012 survey of U.S. businesses, conducted by Frost & Sullivan, service reliability was second only to security as the most cited network services attribute. ATLAS directly contributes to both of these attributes by uplifting carriers’ ability to fortify the security and reliability of their production networks. Built on the “worldwide traffic library and brain” of ASERT, ATLAS-participating carriers have a tangible point of evidence to show their customers that they are not combating cyber threats alone; they are taking advantage of an expansive community.

ENTERPRISE SHOULD TAKE NOTE

Enterprise security operators are responsible for protecting their networks from confidential data breaches, unauthorized access (even from trusted users), maintaining network integrity, and ensuring solid brand reputation—as well as helping the network team keep stable service levels. Attackers are taking advantage of these professionals’ multiple responsibilities and launching multi-stage, blended attacks that are uniquely designed for that organization’s infrastructure. While some enterprise security professionals love getting into the weeds of attack information—understanding where it came from, the triggers associated with attacks and so on—it is simply not practical for most.

In addition to security, service reliability is vital to any business that runs critical operations on the Internet or private networks that are not fully isolated from the Internet. While the business implications of service disruptions and uneven service performance will vary by circumstance, gauging those implications through experience is a risky proposition. Given the choice, is it not preferable to select network services from ATLAS-participating carriers?

Data from ATLAS provides these busy security professionals with not only accurate and effective security via the AIF and ATF feeds that run in Arbor’s products; it also provides valuable context and information on attacks that can be used for proactive security. This security intelligence and forensic data can be used for updating security enforcement policies across the network, as well as for mitigation of threats that were previously not known. By updating these policies and proactively blocking threats, the security team can keep the network uncluttered from attack traffic—maintaining reliable service for critical business applications.
  • 8. Michael Suby
VP of Research
Stratecast | Frost & Sullivan
msuby@stratecast.com

Stratecast The Last Word

Shortly after the dawn of the public Internet, carriers supporting the Internet’s backbone, and commercial entities relying on the Internet to support their internal operations and conduct public-facing businesses, have been in a constant and ever-evolving battle against a myriad of threat types and actors. There is absolutely no reason to expect this battle to end. Moreover, battlefield expansion is a certainty as the volume and diversity of Internet-enabled devices grows and enterprises expand their virtual points of presence into a variety of interconnected cloud and hosting environments.

In essence, the Internet’s relevancy and enterprise dependency are rising. With that, the attraction of it to cyber criminals, protestors and disruptors—from basement hobbyists to highly organized entities—will also increase. For carriers, hosting and cloud services providers, and enterprises, a fundamental question is how to leverage and protect the openness of the Internet and the business opportunities the Internet presents.

Our position is that a structured worldwide, community-supported approach to threat analysis and response is fundamentally essential. The diversity, morphing velocity and sophistication of emerging threats calls for nothing less than a complete and real-time assessment of all battleground fronts. ATLAS has the carrier and enterprise relationship scale, expertise of ASERT and experience to support such an effort.
  • 9. 877.GoFrost • myfrost@frost.com • http://www.frost.com

ABOUT FROST & SULLIVAN
Frost & Sullivan, the Growth Partnership Company, partners with clients to accelerate their growth. The company's TEAM Research, Growth Consulting, and Growth Team Membership™ empower clients to create a growth-focused culture that generates, evaluates, and implements effective growth strategies. Frost & Sullivan employs over 50 years of experience in partnering with Global 1000 companies, emerging businesses, and the investment community from more than 40 offices on six continents. For more information about Frost & Sullivan’s Growth Partnership Services, visit http://www.frost.com.

ABOUT STRATECAST
Stratecast collaborates with our clients to reach smart business decisions in the rapidly evolving and hyper-competitive Information and Communications Technology markets. Leveraging a mix of action-oriented subscription research and customized consulting engagements, Stratecast delivers knowledge and perspective that is only attainable through years of real-world experience in an industry where customers are collaborators; today’s partners are tomorrow’s competitors; and agility and innovation are essential elements for success. Contact your Stratecast Account Executive to engage our experience to assist you in attaining your growth objectives.