Author: Martin Phillips

Insider Threats – Its significance and how to identify them
AJAY NAWANI, Presales Head – Global Operations
Our Products: Unified Threat Management; SSL VPN; Data Protection & Encryption; Device Management; Application Control; Asset Management; Cyberoam – Endpoint Data Protection
www.cyberoam.com © Copyright 2011 Elitecore Technologies Pvt. Ltd. All Rights Reserved. Securing You

Agenda of Presentation
- An overview of significant cyber security events
- Insider Threats
- Is your network security Future-ready?

An overview of significant cyber security events

Major recent security incidents
- Stuxnet
  - Jan 2010: Targets industrial software and equipment
- Hydraq Trojan
  - July 2010: Hackers made backdoor entry to corporate Intranets
- Kama Sutra virus via downloadable ppt
  - Jan 2011: Downloaded presentation runs malware in the background
- News events driving spam in corporate networks
  - Wikileaks, Osama Bin Laden death

Key threat statistics
- More than 300 million unique malicious programs in 2010
- Mobile threat landscape comes into view
  - Public app stores leveraged for attacks
- 93% increase in web-based attacks
  - Attacks emerge using shortened URLs
- 14 NEW zero-day attacks per day
  - Including Hydraq, Stuxnet, Kama Sutra etc.
- 260,000 identities exposed per data breach
  - Hacking incidents drive identity theft in organizations

The evolution of the threat landscape
- Past
  - Less complex networks that were manageable
  - Fewer mediums of security vulnerability
    - External drives, Instant Messengers, Email etc.

The evolution of the threat landscape
- Present
  - Complex networks
  - Rise in number of incidents due to
    - Wireless technologies
    - Handheld devices (like PDAs, iPads, cellphones)
    - Extending networks to partners, customers and more
    - HTTPS / SSL websites
    - Social media & Web 2.0
- Future: The threats would grow more serious
  - Cloud-residing data
  - Heterogeneous networks (HetNets)

Insider Threats

How vulnerable is my organization to insider threats?
93% of employees had betrayed the organization to directly benefit competition (SOURCE – KPMG Data Loss Barometer, 2009)

Why are insider attacks succeeding?
- Greater fluidity of network perimeter
- Employee access to business-critical applications, Web 2.0, social media
- Traditional security’s inability to identify human role
  - Victim - User ignorance, surfing patterns, trust, lack of awareness, lax security policy
  - Attacker - Malicious intent, vengeance, greed

Inside-out Threat Scenarios
[Diagram: Administrator, Internet, and Corporate LAN hosts labelled only by 192.168.3.x IP addresses, with a question mark in place of the user]
- In an inside-out threat scenario, user activities remain untraced
- Multiple users on same machine can share a common IP address
- “Human Identity” behind the IP address is a Question Mark

Social Media: An increasing risk
- Individual tidbits of information lying across Twitter, Facebook, LinkedIn etc., when seen together, constitute insider threats
  - The DNA of the entire organization can be decoded
- INTANGIBLES
  - Core values, hierarchy, communication patterns, industry environment, employee morale
- TANGIBLES
  - Intellectual property, financial information, trade secrets
- What we did at Cyberoam
  - Monitored 20 companies with active social media presence

Key demographics and distribution

More details about Cyberoam research…
- Pick an organization X
- Identify as many employees as possible from X’s LinkedIn profile
- Go through the Twitter and Facebook profile of employees
- Monitor the information feed from these sources
- Identify the structure and hierarchy
- Sketch decision-makers and key employee motivators
- Chart the organization X’s DNA

Example 1: Company A
- Singapore-based multimedia company
- Reason for selection?
  - Asian corporation with impressive clients list
- Employees monitored
  - Sales director, department head, designers
- Methods used
  - Private tweets of all mentioned individuals

Social media profile – Company A
- Employees not getting salary
- Cashflow problems in organization
- Bounced salary checks
- Employees looking for new jobs

Security Executives are in the Middle of a Complex System

Is your network security Future-ready?

Need of ‘Layer 8 Technology’ – Building Security around the User

Expectation from Layer 8 technology:

What does Layer 8 do?
[Diagram: Administrator, Internet, and a Corporate LAN with hosts 192.168.3.105 and 192.168.3.110; users Mona and Shiv are both labelled 192.168.3.110]
Provides Identity-based security
- Applies security policies based on actual identity of users.
- User-specific rules for multiple users to share a common IP address

Fighting Terrorism through Identity
- Location – Ahmedabad, India
- Date: 26th July 2008
- Attack Type: 21 serial bomb blasts
- Cyberoam – Identity based management solved the case and culprit was arrested.

Solution that can help mitigate insider threats
- Measure User Threat Quotient (UTQ)
- Help build patterns of activity profiles
- Layer 8 security
  - Identity-based approach to control
  - Who is doing what?
  - Who can connect using which device?
  - What is being accessed over the network and by whom?
  - Who are the likely targets?
- Securely extends network to customers, partners, remote workers
- Role based access to resources and social media

Applications and More Applications. Am I in control?
- Who decides which applications are important to business and run on network?

A crowd of applications – how will you prioritize?
[Diagram labels: CRM, ERP, Sales force, YouTube, IM Application, Web mail, Casual Traffic]

Need of Application Visibility & Control
- Know and classify applications trying to enter the network
  - Business critical
  - Socio-business
  - Non critical
  - Undesirable
- Allows control over
  - Who (user)
  - When (Time)
  - What (Application)
  - How (Bandwidth)
- Essential for Cloud Computing
- Assures availability of business-critical applications
- Controls bandwidth costs

Threat environment is dynamic. Can I keep up with it?
- Is my existing network security setup rigid and hard-coded?
- Can the architecture grow to accommodate future threats?

Future-ready security with Extensible Security Architecture
[Diagram labels: Anti virus, AS, IM control, Intrusion Prevention, Next Gen GUI, L7 Firewall]

Overcoming latest & unknown threats
- Extensible Security Architecture (ESA):
  - Ability to accommodate additional features and capabilities
  - Protecting investment: No need to invest in new expensive hardware or additional rackspace
- Multicore-aware software architecture:
  - Parallelism – sharing computing load on multiple processors
  - Quickly deliver new patches and policies online

Does your appliance meet compliance challenges?
- Regulatory compliance is becoming increasingly mandatory for organizations in all verticals
- Why?
- Organizations must follow best practices laid down by industry

Solution which facilitates security compliance
- Regulatory compliance is becoming increasingly mandatory for organizations in all verticals
  - Why?
    - Organizations must follow best practices laid down by industry
  - Challenges to be addressed by security solution
    - Complicated documentation processes
    - Identifying users and their online behavior
    - Painful audit process
[Logos: HIPAA, CIPA]

How effectively are you spending?
- Am I spending less and smarter?
- How many security products do I have to manage?
  - Firewall, Routers
  - Content filters, Bandwidth Managers
  - Multiple Link Managers, VPN …and more
- Does my Total Cost of Security Operations increase with multiple solutions?
  - How much am I spending on licensing and subscription costs?
  - Do I spend a lot of time configuring and managing my network security solution?

Solution that helps you spend smartly on security
- Reduced complexity:
  - Single security solution, single vendor and single AMC
  - No need for multiple software applications to be installed or maintained
- Troubleshooting ease: Single point of contact with 24X7 support
- Reduced technical training requirements: one product to learn
- Easy management: Simple is always more secure; Web-based GUI; saves time
- Future-ready: Preparing against HTTPS/SSL attacks, Cloud-based attacks

Q&A If any??

Thank you!