©2014 Check Point Software Technologies Ltd. 2014 Security Report “Critical Security Trends and What You Need to Know Today” Nick Hampson Security Engineering.

Slides:

Advertisements

Similar presentations

Palo Alto Networks Threat Prevention. Palo Alto Networks at a Glance Corporate Highlights Founded in 2005; First Customer Shipment in 2007 Safely Enabling.

Advertisements

Taking Control of Cloud Security Travis Abrams. Consulting and Professional Services Health checks Deployment services Strategic Partner VAR Board Leadership.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

IBM Security Network Protection (XGS)

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

1 Cost-Effective Strategies for Countering Security Threats: IPSEC, SSLi and DDoS Mitigation Bruce Hembree, Senior Systems Engineer A10 Networks.

1 1©2010 Check Point Software Technologies Ltd. | [Restricted] ONLY for designated groups and individuals |

IT-security in the Ubiquitous Computing World Chris Kuo, CISSP, CISA Acer eDC (e-Enabling Data Center) Acer Inc. 2007/3/27.

©2015 Check Point Software Technologies Ltd. 1 [Restricted] ONLY for designated groups and individuals Preventing the next breach or discovering the one.

Director of Research, SANS Institute

1 All Your iFRAMEs Point to Us Mike Burry. 2 Drive-by downloads Malicious code (typically Javascript) Downloaded without user interaction (automatic),

1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

©2015 Check Point Software Technologies Ltd. 1 Rich Comber SME, Threat Prevention Check Point Software Technologies Moving to a Prevent Based Security.

 Two types of malware propagating through social networks, Cross Site Scripting (XSS) and Koobface worm.  How these two types of malware are propagated.

A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.

Sophos Live Protection. Agenda 1.Before and After Scenarios 2.Minimum Required Capabilities 3.How we do it 4.How we do it better.

The Changing World of Endpoint Protection

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Integration Framework: QRadar 7.2 MR1.

Synchronized Security Revolutionizing Advanced Threat Protection

Sky Advanced Threat Prevention

BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential.

NETWORK SECURITY Definitions and Preventions Toby Wilson.

LIVE TALK - Security Speed Pitch di Luigi Tamburini, Product Management Team Leader Auditorium Gruppo 24 ORE Milano – 11 febbraio 2016.

Antivirus Software Troy Behmer. Outline Topics covered: – What is Antivirus software (AVS)? – What are the advantages and disadvantages of AVS? – What.

©2016 Check Point Software Technologies Ltd. 1 Latest threats…. Rolando Panez | Security Engineer RANSOMWARE.

©2015 Check Point Software Technologies Ltd. 1 Website Watering Holes Endpoints are at risk in numerous ways, especially when social engineering is applied.

©2015 Check Point Software Technologies Ltd. 1 [Restricted] ONLY for designated groups and individuals CHECK POINT MOBILE THREAT PREVENTION.

©2012 Check Point Software Technologies Ltd. | [Confidential] For Check Point users and approved third parties Check Point & Security Market June 2013.

Enterprise’ Ever-Evolving Challenge & Constraints Dealing with BYOD Challenges Enable Compliance to Regulations Stay Current with New Consumption Models.

Blue Coat Confidential Web and Mobile Application Controls Timothy Chiu Director of Product Marketing, Security July 2012.

Internet security for the home Paul Norton MEng(Hons) MIEE Electronic engineer working for Pascall Electronics Ltd. on the Isle of Wight A talk on Internet.

Palo Alto Networks - Next Generation Security Platform

Final Project: Advanced Security Blade IPS and DLP blades.

Web security | data security | security © 2010 Websense, Inc. All rights reserved. Strategy for Defense Against Web-based Advanced Persistent Threats.

Blue Coat Cloud Continuum

Trend Micro Security Protections at Live Nation: Fixing What Keeps Us Up At Night James Patterson Wicks – June 2016.

Tripwire Threat Intelligence Integrations. 2 Threat Landscape by the Numbers Over 390K malicious programs are found every day AV-Test.org On day 0, only.

White Paper: Enterprise Encryption and Key Management Strategy 1 Vormetric Contact: Name: Tina Stewart (send traffic.

Understanding and breaking the cyber kill chain

Computer safety Filip Hruby.

Protect your Digital Enterprise

Chapter 40 Internet Security.

Advanced Endpoint Security Data Connectors-Charlotte January 2016

Sophos Intercept X Matt Cooke – Senior Product Marketing Manager.

BUILD SECURE PRODUCTS AND SERVICES

Tom Hartig Check Point Software Technologies August 13th, 2015

Exchange Online Advanced Threat Protection

Centralized Security Event Management

Sophos Intercept Next-Gen Endpoint Protection

Today’s cyber security landscape

[Internal Use] for Check Point employees

Critical Security Controls

Defeat Tomorrow’s Threats Today

Active Cyber Security, OnDemand

Sophos Intercept Next-Gen Endpoint Protection

Complete Cloud Security

Jon Peppler, Menlo Security Channels

Exchange Online Advanced Threat Protection

Prevent Costly Data Leaks from Microsoft Office 365

11/17/2018 9:32 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Check Point Connectra NGX R60

Brandon Traffanstedt Systems Engineer - Southeast

The Next Generation Cyber Security in the 4th Industrial Revolution

Information Security Awareness

Chapter 4: Protecting the Organization

Strategic threat assessment

Counter APT Counter APT HUNT operations combine best of breed endpoint detection response technology with an experienced cadre of cybersecurity experts.

Digitization complicates visibility Market demands have taken the network beyond your perimeter Threats are more numerous and complex Threats are using.

AIR-T11 What We’ve Learned Building a Cyber Security Operation Center: du Case Study Tamer El Refaey Senior Director, Security Monitoring and Operations.

Presentation transcript:

©2014 Check Point Software Technologies Ltd Security Report “Critical Security Trends and What You Need to Know Today” Nick Hampson Security Engineering Director

2©2014 Check Point Software Technologies Ltd. Gateway event data from 9,240 organizations Meta-analysis of malware, application and DLP data from almost 1,000 organizations Data collected over the course of 2013 About the 2014 Security Report

3©2014 Check Point Software Technologies Ltd. Key Findings of Check Point 2014 Security Report Use of unknown malware exploded in Malware exposure and infections increased 2 High-risk applications expanded in the enterprise 3 Data loss events grew across industries and data types 4

4©2014 Check Point Software Technologies Ltd. 0/46 AV vendors who detected HIMAN when it was caught by Threat Emulation* * Source:

5©2014 Check Point Software Technologies Ltd. HIMAN: The Problem for Antivirus Infection MS Word exploit 2-stage dropper No AV detection DLL injection C&C Connection Brute force internal proxy Reverse proxy for C&C Exfiltration Collect system and network info AES encryption Outbound obfuscation Process takes minutes

6©2014 Check Point Software Technologies Ltd. 53 UNKNOWN MALWARE files pass an organization’s gateway EVERY DAY

7©2014 Check Point Software Technologies Ltd. of malware engines detected unknown malware when it was first caught in the wild for a majority of anti-malware engines to detect unknown malware after it is first caught in the wild New Unknown Malware Is Often Effective for Days 2-3 days <10%

8©2014 Check Point Software Technologies Ltd. 84% OF ORGANIZATIONS DOWNLOADED A MALICIOUS FILE

9©2014 Check Point Software Technologies Ltd. A host accesses a malicious Web site every minute –In 2012, the rate was one host every 23 minutes Malware Exposure and Infections Increased in 2013 A host downloads malware every 10 minutes –58% of organizations experienced a user downloading malware every 2 hours or less 49% of organizations have 7 or more bot-infected hosts Every 3 minutes a bot is attempting to communicate with its C&C server

10©2014 Check Point Software Technologies Ltd. Bigger and More Entrenched Bot Infestations in 2013 MORE THAN 4 WEEKS LESS THAN 4 WEEKS

11©2014 Check Point Software Technologies Ltd. High-Risk Applications Continued to Spread 96% of organizations have at least one high-risk application

12©2014 Check Point Software Technologies Ltd. Top High-Risk Applications in 2013

13©2014 Check Point Software Technologies Ltd. Every Hour, at the Average Organization Hosts access malicious web sites EVERY MINUTE A bot communicates with its C&C server every 3 minutes A high-risk application is used every 9 minutes Known malware is downloaded every 10 minutes Unknown malware is downloaded every 27 minutes Sensitive data is sent outside the organization every 49 minutes ONE HOUR

14©2014 Check Point Software Technologies Ltd. Since the Start of This Talk… At a single organization 12 hosts accessed a malicious Web site Every bot communicated with its C&C server 4 times Someone used a high-risk application At least one host downloaded a known malware And in the next 24 hours 27 unknown malware files will be downloaded 1 more host will be infected by a bot

15©2014 Check Point Software Technologies Ltd. What Do You Need in 2014? Recommendations Use of unknown malware exploded in 2013 Integrated malware sandboxing is a must-have 1 Malware exposure and infections increased Anti-bot and antivirus must have, global intelligence 2 High-risk applications expanded in the enterprise Policy-driven application control must be integrated 3 Data loss events grew across industries and data types Data loss prevention must expand across the network 4

16©2014 Check Point Software Technologies Ltd. A free onsite network assessment that will give you visibility into your network, uncovering incidents and risks. Within as little as one hour, we can provide a comprehensive report that identifies: › Your current security status › Active risks or security issues in your organization › Suspicious activity or source of data leaks › Recommendations on how to eliminate threats and resolve your security issues Take Action to Protect Your Organization in 2014

©2014 Check Point Software Technologies Ltd. THANK YOU