The 4 Undeniable Truths of Advanced Threat Protection
Engin Özbay, IBM Security Country Leader, Turkey
enginoz@tr.ibm.com

More companies are revealing massive breaches

Security has never been more critical, with increasing numbers of companies revealing massive breaches of their computer systems. How serious is the problem? The annual global cost of cybercrime is estimated to be more than USD400 billion—equaling the gross national income of many countries.[1]

The soaring number of breaches has created a new security reality, with more risk and greater damage inflicted. To measure the damage, Ponemon Institute has been doing benchmark research for years on the cost of a data breach, the most common type of incident. In the 2015 report, the global average for the total cost of a data breach was found to be USD3.79 million, a 23 percent increase since 2013.[2]

Estimated annual global cost of cybercrime: over USD400 billion [1]
Global average cost of a data breach: USD3.79 million—a 23 percent increase since 2013 [2]

Is your security team prepared?

Broad attacks: indiscriminate malware, spam and DoS activity
Targeted attacks: advanced, persistent, organized, politically or financially motivated

Tactical approach (compliance-driven, reactionary):
- Build multiple perimeters
- Protect all systems
- Use signature-based methods
- Periodically scan for known threats
- Read the latest news
- Shut down systems

Strategic approach (intelligence-driven, continuous):
- Assume constant compromise
- Prioritize high-risk assets
- Use behavioral-based methods
- Continuously monitor activity
- Consume real-time threat feeds
- Gather, preserve, retrace evidence

New threats require a new approach to security, but most are defending against yesterday’s attacks, using siloed, discrete defenses.

The Dyre Wolf campaign is run by a ring of unusually well-funded, experienced and intelligent people.
Source: IBM MSS, “Inside the Dyre Wolf malware campaign”

Four truths about advanced threat protection

Despite increasing challenges, organizations can protect themselves by adopting the right strategy.

1. Prevention is mandatory. Traditional methods of prevention have often failed, leaving many to believe detection is the only way forward. This is a dangerous proposition.
2. Security Intelligence is the underpinning. Specialized knowledge in one domain is not enough. It takes enterprise-wide visibility and maximum use of data to stop today’s threats.
3. Integration enables protection. The best defense is relentless improvement. Technologies must seamlessly integrate with processes and people across the entire lifecycle of attacks.
4. Openness must be embraced. Security teams need the ability to share context and invoke actions between communities of interest and numerous new and existing security investments.

The IBM Threat Protection System: a dynamic, integrated system to help stop advanced threats

Attack chain: 1. Break-in, 2. Latch-on, 3. Expand, 4. Gather, 5. Exfiltrate

IBM X-Force Security Roadshow, Istanbul - 2 December 2015
Renaissance Istanbul Polat Bosphorus Hotel Barbaros

A Walk On The Wild Side: Real stories from real security incidents, security testing, and things that go bump in the net.

- Dark Web, Dark Net: How Much Do We Know?
- When sacked employees hit back.
- TOR - but there's not just TOR!
- Ransomware, holding 500,000 key business files to ransom. Pay up or?
- How we phished a bank account containing in excess of 10M USD.

You are invited!