IDC Security Roadshow, May 2015: Adrian Aron

© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Upload: dejan-jeremic

Post on 23-Jul-2015


CyberSecurity today

Adrian Aron, Security Sales

Cisco Systems Romania


Behind the Headlines

Security Breach in Federal Banking Networks

Major Retailer Credit Card Server Hacked


Industrialization of Hacking

There is a multi-billion dollar global industry targeting your prized assets

$450 Billion to $1 Trillion

Social Security: $1
Mobile Malware: $150
Bank Account Info: >$1000 depending on account type and balance
Facebook Accounts: $1 for an account with 15 friends
Credit Card Data: $0.25-$60
Malware Development: $2500 (commercial malware)
DDoS as a Service: ~$7/hour
Spam: $50/500K emails
Medical Records: >$50
Exploits: $1000-$300K


IT Sprawl

3.3 Mobile Devices Per Knowledge Worker*
55% IP Traffic Mobile by 2017**
* Cisco IBSG, ** Cisco 2013 VNI, *** IDC

Cloud
545 Cloud Apps Per Organization*
44% Annual Cloud Workload Growth***
* Skyhigh Networks Industry Report, ** Cisco Global Cloud Index, *** Cisco VNI Global Mobile Data Traffic Forecast

IoE
50B Connected “Smart Objects” by 2020*
36X Growth in M2M IP Traffic 2013–18**
* Cisco IBSG, ** Cisco VNI: Global Mobile Data Traffic Forecast 2013-2018


Strategic Imperatives

Visibility-Driven: Network-Integrated, Broad Sensor Base, Context and Automation

Threat-Focused: Continuous Advanced Threat Protection, Cloud-Based Security Intelligence

Platform-Based: Agile and Open Platforms, Built for Scale, Consistent Control, Management

Endpoint, Network, Mobile, Virtual, Cloud


How Cisco is protecting

Infrastructure as a sensor, self-defending, self-healing architecture

Advanced Malware protection everywhere!

Big Data analytics and forensics with OpenSOC


A Company with a Digital Overlay: The security architecture impact

[Diagram: Cisco architecture for security (Cloud, On-premises, Collective & Collaborative). Zone labels: REMOTE, BRANCHES, DATACENTER, PARTNERS; REMOTE SECURE, BRANCHES CONTAINED, SECURE vDC, PARTNERS TRUSTED. Element labels: Geo distributed firewall clusters; Switching; Wired & WiFi; Routing; Secure Datacenter interconnect; Dynamic Multipoint; Correlated; Full sample Netflow; MDM enforced; Cloud security; Unified Access for Unified Security Policy; IPv6 complete security; Hardened 802.1x; MacSEC; Intelligent sensors; VPN; Physical access; BYoD; PxGrid; REST identity; TrustSEC with]


Security capable infrastructure

Attack Continuum

Discover, Enforce, Harden

Detect, Block, Defend

Scope, Contain, Remediate

Firewall

NGFW

NAC + Identity Services

VPN

UTM

NGIPS

Web Security

Email Security

Advanced Malware Protection

Network Behavior Analysis

Malware Sandboxing


Advanced Malware protection everywhere!

How Cisco is protecting


Continuous Protection when advanced malware evades point-in-time detection

Point-in-time Detection (Antivirus, Sandboxing)
Initial Disposition = Clean
Not 100%
Analysis Stops
Sleep Techniques, Unknown Protocols, Encryption, Polymorphism
Actual Disposition = Bad = Too Late!!

Retrospective Detection (AMP)
Initial Disposition = Clean
Analysis Continues
Actual Disposition = Bad = Blocked


AMP, the secret sauce

Collective Security Intelligence

ONE-TO-ONE: Catches “well known” malware through use of primary SHA match. Equivalent to a signature-based system.

ETHOS: Catches families of malware through use of “fuzzy hashes” embedded in the Feature Print. Counters malware evasion by “bit-twiddling”.

SPERO: Uses AI methods for real-time discovery of malware based on environment and behavior. Uses periodic review of Big Data store to implement retrospection.

ADVANCED ANALYTICS: Integrates heuristics from the malware environment, the Big Data store, ETHOS and SPERO to clarify the outcome of a marginal conviction.


AMP Everywhere Strategy Means Protection Across the Extended Network

AMP for Networks
AMP for Cloud Web Security & Hosted Email (CWS)
AMP on Web & Email Security Appliances
AMP on ASA Firewall with FirePOWER Services
AMP for Endpoints: PC, MAC, Mobile, Virtual
AMP Private Cloud Virtual Appliance
AMP Threat Grid: Dynamic Malware Analysis + Threat Intelligence Engine


Big Data analytics and forensics with OpenSOC

How Cisco is protecting


AMP Everywhere, down to the smallest scale


Why Cisco?

TALOS – Global Operation center for CyberSecurity

1.6 Million sensors globally
100 TB data received every day
150+ Million IP terminals
600 engineers, technicians and security researchers
35% of worldwide emails inspected
$6+ billion invested in research and development
10 Million files inspected every day
13 billion web requests inspected
24x7x365 operations
4.3 billion web attacks blocked / day
40+ programming languages
1.1 Million malware samples analysed / day
Advanced Malware Protection and Snort Community (AMP)

Email, PCs, MACs, Web, Networks, IPS, mobile, WWW

Architecture: Network, Data Center, Collaboration, Security

Solutions: Intelligent infrastructure; Secure infrastructure & Continuous defence; Intelligent cities; Conformity & Security

IT building blocks

Results: Business operations; Education and Health; Production; Public Administration


Thank You