Bruce Johnson
Senior Product Marketing Manager
February 10, 2016
Cisco Web and Email Security
New Ways to Protect from
the Top Threat Vectors
Email: Leading Threat Vector
Data Loss
Acceptable Use
Violations
Malware Infections
IPv6 Spam
Blended Threats
Targeted
Attacks
APTs
Advanced Malware
Rootkits
Worms Trojan Horse
205.6 Billion
Emails per Day in 2015
and Growing - Radicati
Blended Attacks
Multiple Security Layers Needed
Point in Time Security is Not Enough!
BEFORE
Discover
Enforce
Harden
DURING
Detect
Block
Defend
AFTER
Scope
Contain
Remediate
Web Reputation
Usage Controls
Malware Signature
File Reputation
File Sandboxing
File Retrospection
Application Controls
Threat Analytics
Actionable
Reporting
Cisco Confidential 5© 2013-2014 Cisco and/or its affiliates. All rights reserved.
“If you knew you were going
to be compromised…
…would you do security
differently?”
Joe CFO
Waiting for his plane
Meet Joe. He is heading
home for a well deserved
vacation.
He’s catching up on email
using the airport Wi-Fi while
he waits for his flight.
BEFORE
Joe CFO
Checks his email
Joe just got an email from
his vacation resort with a
confirmation link.
www.beautiful-hawaii.com
BEFORE
Your Tropical Getaway
Joe,
Thank you for choosing us. We look forward to seeing you.
Before your arrival, please verify your information here:
www.vacationresort.com
Best,
Resort Team
Joe CFO
Instinctively, he clicks on the link
No problem, right?
Everything looks normal.
The site may even be a
trusted site,
or maybe a site that is
newly minted.
BEFORE
Your Tropical Getaway
Joe,
Thank you for choosing us. We look forward to seeing you.
Before your arrival, please verify your information here:
www.vacationresort.com
Best,
Resort Team
DURING
Joe CFO
Joe is now infected
Joe opens the link and the resort video
plays.
Although he doesn’t know it, Joe’s
machine has been compromised by a
flash-based video exploit.
The malware now starts to harvest
Joe’s confidential information:
• Passwords
• Credentials
• Company access authorizations
Now let’s see how Cisco’s
Layered Defense protects Joe….
instant replay
Meet Joe. He is heading
home for a well deserved
vacation.
Instant Replay with Cisco Security
BEFORE
Waiting for his plane
How Cisco Protects You
Joe just got an email from
his vacation resort.
Instant Replay with Cisco Email Security
DURING
Checks his email
How Cisco Protects You
Your Tropical Getaway
Joe,
Thank you for choosing us. We look forward to seeing you.
Before your arrival, please verify your information here:
www.vacationresort.com
Best,
Resort Team
No problem, right?
Everything looks normal.
Instant Replay with Cisco Web Security
DURING
Instinctively, he clicks on the link
How Cisco Protects You
Deploys malware protection
Traces phone home traffic
Conducts 200 pt. website “credit check”
Controls social media micro-app policy
Activates embedded protection
Your Tropical Getaway
Joe,
Thank you for choosing us. We look forward to seeing you.
Before your arrival, please verify your information here:
www.vacationresort.com
Best,
Resort Team
Traces “phone home” traffic
Joe opens the link and the
resort video plays.
Instant Replay with Cisco AMP for Email & Web Security
DURING
Joe is protected
How Cisco Protects You
Isolates unknown files through sandboxing
Evaluates file reputation
Registers files
After a relaxing vacation,
Joe returns home protected
and unaware that the threat
even existed. (and he still
has a job!)
Joe CFO arrives home
AFTER
Joe is protected
After a few days, a file
begins to behave
maliciously.
Joe CFO arrives home
AFTER
Joe is protected
How Cisco Protects You
Identifies polymorphic attacks
Discovers patient zero and zero +1
Analyzes threats retrospectively
Layered Email and Web Security
Best Defense for Complex Threats
Come by the Email
and Web Security
Booth and Learn
More
Thank you

Joe CFO for CiscoLive Berlin 2016 Email and Web Security Presentation


Editor's Notes

  • #3 T: There are new challenges during every stage of an attack.
  • #5 Cisco Web security provides protection across the attack continuum. We start with Web Reputation, Usage and application controls. During an attack you’re protected with malware signatures, file reputation, and file sandboxing for dynamic analysis. And after an attack, with continuous retrospection – the ability to identify malware that crossed the wire undetected – using file retrospection, threat analytics and actionable reporting capabilities.
  • #6 If it was your house that was going to be broken into, certainly. The same should be true for your system; after all, both represent your personal information, property and safety. Allow me to present a use case. Let’s consider an email-based spear phishing attack and how it would unfold across the attack continuum. The target will be Joe. He’s a CFO on his way home to enjoy some vacation time. Joe’s going to receive an email from what looks like a trusted site. In reality, the email is a targeted attack and contains a compromised link. We’ll look at two versions of this case: one in which Joe is unprotected, and one in which Joe is protected by Cisco security products. T: First, let’s look at a scenario where Joe is not protected.
  • #7 Meet Joe CFO. He’s sitting in the airport waiting to head home. He’s excited to go back for a well deserved vacation. T: He’s using the public airport Wi-Fi to check his email
  • #8 Joe just received an email from what appears to be his vacation resort. It is asking him to verify his information – a credit card number, dinner reservations, or any number of things. It wants him to verify by clicking on an embedded URL link. T: Joe is drawn to the link.
  • #9 Everything seems fine. There is a factor of trust, since Joe is going on vacation and the email is from a vacation resort. The email may even be from a trusted site that has been compromised. T: Joe clicks on the link.
  • #10 A resort video plays. Although he doesn’t know it, Joe has been taken to a website with a flash-based video exploit and it has downloaded malware onto his machine. The malware begins to harvest his information. Joe’s passwords, credentials, and company access authorizations have all been compromised. He has unknowingly given hackers the ability to steal sensitive company and customer information. T: Enjoy your vacation Joe.
  • #11 As a company CFO, Joe is an attractive target. In order to secure his and his company’s information, Joe needs the best possible protection. In a moment we’ll explore the second version of the case. This time, Joe will have Cisco’s Talos and layered defense products to protect him, his company’s information, and his job. T: Before that, allow me to briefly expand on Cisco’s Talos.
  • #12 Meet Joe again. He’s using the public airport Wi-Fi to check his email. He is accessing his corporate network via an encrypted VPN from Cisco. His mobile devices are being managed through Cisco’s Identity Services Engine. Cloud security and split tunneling are implemented for further protection, and Talos inoculates his device against malware. Lastly, our indexing allows us to track patterns of behavior and analyze them for harmful patterns, so that we can identify complex attacks even if they are made up of seemingly benign actions. T: Before an attack even happens, Joe is actively being defended.
  • #13 He receives an email from what appears to be his vacation resort. As Joe opens the email, Cisco’s email security appliance and Talos spring into action. They provide an email credit check, conduct a 200 point inspection, rewrite or redirect URLs and enforce corporate security policy. It seems that the resort staff are asking Joe to verify his information by clicking on a hyperlinked web address. T: Joe is drawn to the link while Cisco continues to protect him.
  • #14 Everything seems fine. The email address is legitimate and the site it links to appears to be legitimate as well. Joe clicks on the link while his defenses take action. Cisco’s security products activate embedded protection and conduct a 200 point website “credit check.” They deploy malware protection, control social media micro-app policy and trace phone home traffic. T: Joe’s browser opens the web page.
  • #15 A resort video plays. Though he doesn’t know it, Joe has been taken to a malicious website that begins to download files onto his machine. But this time, Joe is protected. Cisco security products register the downloaded files and evaluate their reputations. They isolate unknown and suspicious files through sandboxing and update the Talos database in order to inoculate against further attacks. T: Joe can now enjoy his vacation without the worry of a security threat.
  • #16 T: Joe returns home with his devices and data secure.
  • #17 Now let’s say that a file appears to be legitimate. It passes through Joe’s defenses and is loaded onto his device. Three days later a timer goes off, and the file begins to behave maliciously. Joe is now the target of a polymorphic attack. Thankfully for Joe, Cisco security products analyze threats retrospectively. They identify the polymorphic attack, discover patient zero and trace the file’s trajectory to discover if anyone else has been attacked. All discoveries are cataloged and added to the Talos database to inoculate even further. T: With Cisco security, the damages can be traced, scoped and remediated.