Visibility and Retrospective Security: Before, During and After an Attack

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public

Intelligent Cybersecurity for the Real World

11 March 2015

Stefano Volpi, GSSO Cisco

Upload: cisco-italia

Post on 19-Jul-2015




FY15 Business Vision and Strategy: Security

28th Jan, Milan, IoE Forum, David Bevilacqua: “42% of CIOs consider Security as the first topic in relation to IoE”

Vision: Security as a Business Transformation Driver


In the news: Feb 2013 Today


Global Security Sales Organization

5000+


The Industrialization of Hacking

Timeline axis: 1990, 1995, 2000, 2005, 2010, 2015, 2020

• Viruses: 1990–2000

• Worms: 2000–2005

• Spyware and Rootkits: 2005–Today

• APTs, Cyberware: Today +

Hacking Becomes an Industry

Sophisticated Attacks, Complex Landscape

Phishing, Low Sophistication


Any Device to Any Cloud

Private Cloud

Public Cloud

Public Cloud


64% of employees believe that their company has implemented security policies, 11% that it has not, and 25% do not know

56% of employees comply moderately with the policies, and one person in 14 knowingly circumvents the company's IT security policies

29% of employees believe that IT security is stifling innovation and collaboration within the company, making it harder to do their job


How Industrial Hackers Monetize the Opportunity

WELCOME TO THE HACKERS’ ECONOMY

• Social Security: $1

• Medical Record: >$50

• DDoS as a Service: ~$7/hour

• Credit Card Data: $0.25-$60

• Bank Account Info: >$1000, depending on account type and balance

• Exploits: $1000-$300K

• Facebook Account: $1 for an account with 15 friends

• Spam: $50/500K emails

• Malware Development: $2500 (commercial malware)

• Mobile Malware: $150

Global Cybercrime Market: $450B-$1T


The Security Problem

• Changing Business Models

• Dynamic Threat Landscape

• Complexity and Fragmentation


The Threat-Centric Security Model

Attack Continuum

Network, Endpoint, Mobile, Virtual, Cloud

Point in Time, Continuous

Discover, Enforce, Harden

Detect, Block, Defend

Scope, Contain, Remediate


Strategic Imperatives

• Visibility-Driven: Network-Integrated, Broad Sensor Base, Context and Automation

• Threat-Focused: Continuous Advanced Threat Protection, Cloud-Based Security Intelligence

• Platform-Based: Agile and Open Platforms, Built for Scale, Consistent Control, Management

Endpoint, Network, Mobile, Virtual, Cloud


Increases Visibility, Accelerates Detection, Scales Enforcement

Synergies Through Integration

The Network and Security


Silos Create Security Gaps

• Context-Aware Functions

• IPS Functions

• Malware Functions

• VPN Functions

• Traditional Firewall Functions


Mapping Technologies to the Model

Security Services: Firewall, App Control, VPN, Patch Mgmt, Vuln Mgmt, IAM/NAC, IPS, Antivirus, Email/Web, IDS, FPC, Forensics, AMD, Log Mgmt, SIEM

Attack Continuum:

Discover, Enforce, Harden

Detect, Block, Defend

Scope, Contain, Remediate


Comprehensive Security Product Portfolio

IPS & NGIPS

• Cisco IPS 4300 Series

• Cisco ASA 5500-X Series integrated IPS

• FirePOWER NGIPS

• FirePOWER NGIPS w/ Application Control

• FirePOWER Virtual NGIPS

NAC + Identity Services

• Cisco Identity Services Engine (ISE)

• Cisco Access Control Server (ACS)

Email Security

• Cisco Email Security Appliance (ESA)

• Cisco Virtual Email Security Appliance (vESA)

• Cisco Cloud Email Security

Web Security

• Cisco Web Security Appliance (WSA)

• Cisco Virtual Web Security Appliance (vWSA)

• Cisco Cloud Web Security

UTM

• Meraki MX

Advanced Malware Protection

• AMP for Networks

• AMP for Endpoints

• AMP for Private Cloud / Virtual Appliance

VPN

• Cisco AnyConnect VPN

Firewall & NGFW

• Cisco ASA 5500-X Series

• Cisco ASA 5500-X w/ NGFW license

• Cisco ASA 5585-X w/ NGFW blade

• Cisco ASA with FirePOWER Services


Only Cisco Delivers

Consistent Control

Reduced Complexity

Consistent Policies Across the Network and Data Center

Fits and Adapts to Changing Business Models

Global Intelligence With the Right Context

Detects and Stops Advanced Threats

Advanced Threat Protection

Unmatched Visibility


Security Services

• Advisory: Custom Threat Intelligence, Technical Security Assessments

• Integration: Integration Services, Security Optimization Services

• Managed: Managed Threat Defense, Remote Managed Services


THANK YOU!

Focus Group 2 - 14.45 - 15.45

Security intelligence: how to counter next-generation threats using Big Data and Real-time Analytics

Chaired by: Giancarlo Vercellino, (IDC Italia) Stefano Volpi (Cisco Italia), Marco Mazzoleni (Cisco Italia)