Security fabric Today’s world demands security without compromise.


Presentation on theme: "Security fabric Today’s world demands security without compromise."— Presentation transcript:

1 security fabric Today’s world demands security without compromise.

2 Brain tease…. Just simply read the following paragraph:
" Olny srmat poelpe can raed tihs. I cdnuolt blveiee taht I cluod aulaclty uesdnatnrd waht I was rdanieg. The phaonmneal pweor of the hmuan mnid, aoccdrnig to a rscheearch at Cmabrigde Uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoatnt tihng is taht the frist and lsat ltteer be in the rghit pclae. The rset can be a taotl mses and you can sitll raed it wouthit a porbelm. Tihs is bcuseae the huamn mnid deos not raed ervey lteter by istlef, but the wrod as a wlohe. Amzanig huh? Yaeh and I awlyas tghuhot slpeling was ipmorantt! if you can raed tihs psas it on !! "

3 Read this….. After reading the the sentence. You are now, aware that the the human brain often does not inform you that the the word “the” has been repeated twice every time.

4 Trend: Device Growth Continues More devices and newer device types are entering the network
33 Billion endpoints projected to be connected by 2020 – Gartner
New device types entering the network: ‘headless’ IoT, wireless sensor nodes, beacons, wearables
In total, Gartner arrives at 33 billion objects connected to the Internet by 2020. Others predict similar figures.

5

6 Did you know….. 40% of the clients had sustained at least 6 attacks
In recent months, a proliferation of ransomware attacks has affected everyone from personal-computer and smart phone owners to hospitals and police departments. According to an FBI tally, ransomware attacks cost their victims a total of $209 million in the first 3 months of However that figure was based only on the complaints that victims reported to the bureau.
An hour of inactivity costs small companies an average of $8581 per hour
At least 2 days of downtime

7 2016, sets new records, again…..
There were 4,149 breaches reported during 2016 exposing over 4.2 billion records – approximately 3.2 billion more records than the previous all time high exposed in 2013
• Top 10 breaches (9 Hacks and 1 Web) exposed a combined 3 billion records.
• The Business sector accounted for 51% of reported breaches, followed by Unknown (23.4%), Government (11.7%), Medical (9.2%), and Education (4.7%).
• Breaches involving U.S. entities accounted for 47.5% of the breaches and 68.2% of the exposed records.
• 37.2% of the breaches exposed between one and 1000 records, 50.4% of breaches exposed between one and 10,000 records.
• Six (6) 2016 breaches have taken their place on the Top 10 List of All Time Largest Breaches.
• The number of reported breaches tracked by Risk Based Security has exceeded 23,700, exposing over 9.2 billion records.

8 2016 Incidents by Data Type

9 2016 Analysis of US State Rankings

10 Top Ransomware 2017 Ransomware increased >150 times in past 3 years
Locky is by far the most active ransomware
Most common attack vectors – Adobe, MSOffice, Web sites, and now Worm-like behaviour

11 DID YOU KNOW…
79,790: Number of incidents investigated by Verizon in 2015
229: Average number of days attackers were on a network before detection
70-90%: Percent of time unique malware was found
79,790: what do you think this number is? It is the number of security incidents investigated by Verizon in 2015. How about 229? It is the number of days Verizon found attackers were on a network before being detected. 70-90%? The percentage of time Verizon found that the malware related to a security incident was unique/previously unknown. In light of these stats, it’s no wonder that Gartner recommends that all organizations assume they are compromised.
Gartner: All organizations should assume they are in a state of continuous compromise

12 DID YOU KNOW… 205 Billion emails sent every day
39% of attachments contain malicious files
34% of links embedded in emails are malicious
77% of all malware is installed via
Malware by file type: 52% are PDF, and 44% are EXE format

13 Fortinet Threat Landscape Report, Q2, 2017
Exploit Trends Malware Trends Botnet Trends

14 Who is attacked??? Anyone… Any vertical… Any market….
Accommodation and Food Services, Educational Services, Financial and Insurance, Healthcare, Information Technologies, Manufacturing, Public Administration, Retail

15 Eagerness. Distraction. Curiosity. Uncertainty
All drivers of human behavior
90% of incidents and breaches were the result of Phishing

16 Cyber Threats of Concern:

17 Top Security Challenges:

18 Organizational Barriers:

19 Security Business Impact:

20 Cyber Attack Recovery:

21 BlueBorne

22

23

24 RANSOMWARE

25 SecurityAffairs just published a new discovery that you need to know about.  A Brazilian Infosec research group, Morphus Labs, just discovered a new Full Disk Encryption (FDE) ransomware strain this week, dubbed “Mamba”, a snake with a paralyzing poison. Mamba, just like Petya, uses a disk-level encryption strategy instead of the conventional file-based one.  Full-disk encryption seems to be a new ransomware trend.  “You are Hacked”. This message is all that remains of the victims of this new ransomware. To get the decryption key, victims must contact somebody through the address given in the message, give their unique ID and pay 1 BTC (currently ~$600) per infected host. 

26

27 A ransomware attack that began in Europe on Friday is lingering – and hitting targets in Japan and China. The WannaCry software has locked thousands of computers in more than 150 countries. Users are confronted with a screen demanding a $300 payment to restore their files. The cyberattack has hit more than 300,000 computers, White House security adviser Tom Bossert said at Monday’s midday White House briefing.

28 Spoofing…. Session Layer Spoofing Message Layer Spoofing

29 SPOOFING A lawsuit filed on Friday September 16, 2016 by Tillage Commodities Fund alleges that $6 billion SS&C Technologies Holdings, a financial services software firm, showed an egregious lack of diligence and care when they fell for a scam that ultimately led to hackers in China looting $5.9 million.

30 Count the F’s…. Finished files are the result of many years of scientific study combined with the years of experience….. A. 3 B. 7 C. 6 Answer: 6

31 Amazing capabilities of our minds…

32 Phishing

33 Phishing Apple Store Phishing Attack Goes For Whole Enchilada
500 Million Hacked Yahoo Accounts Are A Phishing Paradise. Warn Your Users!
Did you know that 91% of successful data breaches started with a spear-phishing attack?
The phish in question is a fairly straightforward credentials phish. It starts with this Anyone half-awake should be asking questions based on just a cursory glance at this
- It purports to originate from an "IT Help Desk Alert" account, yet the listed address appears to be a personal address (and, from the headers we inspected, likely associated with a compromised account).
- The message in the body is not only strangely terse but awkwardly lacking an indefinite article (should read: "You have a meeting notification.").
- The message is signed simply "Ohio State University," with no other identifying information about the scheduling system that presumably generated this notification.

34 Massive phishing attack targets millions of Gmail users
So far in 2017, more than 200 US businesses have been hit by successful spear phishing attacks seeking Social Security numbers and payroll information.

35 Phishing…..

36

37 So….. Now What

38 Businesses Are Attempting A “Fabric”… BUT IT IS FLAWED
Diagram labels: Cloud, NOC/SOC, Network, Client, Application, Access, Partner API, Advanced Threat Intelligence
- Our customers are building a fabric on their own, whether they know it or not
- “Another day, another breach…” => “Another breach, another device” – yields complexity and hard to manage
- Endless cycle of “see a vulnerability, buy a solution to address it” – results in patchwork of capabilities that don’t talk to each other or coordinate any kind of policy or response
- “Custom” fabrics don’t work – resource-intensive to manage, hard to keep up with evolving threatscape.
- We can help them do it better – as a partner, lead with the business
- We can add the solutions they don’t have
- We can coexist with and knit what they already have together
Every org creating their own fabric – need awareness/visibility, buying best of breed products to solve that problem, then buy next solution, now have a ton of solutions that don’t integrate or talk to each other. We did the fabric already for them – they don’t have to do it. We can coexist and knit what you already have together.

39 Threat Actors’ Game Plan: Fortinet Solutions
Get in: Web, End points. Fortinet solutions: Web (FortiWeb), Mail (FortiMail), Endpoint (FortiClient), NGFW (FortiGate)
Stay in: Lateral movement, Evasions, Behavior blending. Fortinet solutions: ISFW (FortiGate), Sandbox (FortiSandbox), SIEM (FortiSIEM), Threat Intell (CTI/TIS-Spotlight)
Get out: C2 drop zones, Behavior blending, Encryption. Fortinet solutions: NGFW (FortiGate), SIEM (FortiSIEM), Threat Intell (CTI/TIS-Spotlight), CTAP (FortiGate/CTAP)

40 FortiAnalyzer/FortiCloud
Indicators of Compromise (IoC) FortiSIEM Behavioral Detection FortiSandbox Zero Day Discovery Malware Variants FortiClient Check/Patch for Vulnerability Malware Scan Network FortiGate IPS App Ctrl Malware Scan Segmentation Web Filtering IP Botnet FortiMail Phishing Discovery Malware Scan

41

42

43 Fortinet – Security Fabric
White board session

44 Your Company’s network
Routing Internet FortiGate NGFW Your Company’s network SCRIPT: Fortinet is the only company with security solutions for the data center, cloud, campus, branch, operations center and remote user access designed to work together as an integrated security fabric to provide true end-to-end protection.

45 Your Company’s network
Routing Internet Your Company’s network

46 Your Company’s network
Routing FortiSandbox Internet Your Company’s network

47 Your Company’s network
Routing Firewall VPN Application Control IPS Web Filtering Anti-malware WAN Acceleration Data Leakage Protection Wi-Fi Controller Advanced Threat Protection FortiSandbox Internet FortiGate NGFW Your Company’s network

48 Your Company’s network
Routing FortiSandbox Internet FortiGate NGFW FortiMail Security Your Company’s network Server

49 Your Company’s network
Routing FortiSandbox Internet FortiClient FortiGate NGFW Your Company’s network FortiMail Security Server

50 Your Company’s network
Routing FortiSandbox Internet FortiClient FortiGate NGFW Web Servers FortiClient FortiMail Security Server Your Company’s network

51 Your Company’s network
Routing Secure Access Points FortiSandbox Internet FortiClient FortiGate NGFW FortiMail Security Server Web Servers FortiWeb Web Application Firewall Your Company’s network

52 Your Company’s network
Routing Secure Access Points FortiSandbox Internet FortiClient FortiSwitch Switching FortiGate NGFW FortiMail Security Server Web Servers FortiWeb Web Application Firewall Your Company’s network

53 Your Company’s network
Routing Secure Access Points FortiSandbox Internet FortiClient FortiGate NGFW FortiSwitch Switching FortiMail Security Server Web Servers FortiWeb Web Application Firewall Your Company’s network

54 Your Company’s network
Routing FortiSandbox Secure Access Points Internet FortiClient FortiGate NGFW FortiSwitch Switching FortiExtender LTE Extension FortiClient FortiGate/FortiWiFi Distributed Ent FW Branch office Internet FortiMail Security Server Web Servers FortiWeb Web Application Firewall Your Company’s network

55 Your Company’s network
Routing cloud Cloud-IaaS Secure Access Points FortiSandbox Internet FortiClient FortiGate NGFW FortiSwitch Switching FortiExtender LTE Extension FortiClient FortiGate/FortiWiFi Distributed Ent FW Branch office Internet FortiMail Security Server Web Servers FortiWeb Web Application Firewall Your Company’s network

56 Your Company’s network
Routing cloud Cloud-IaaS Fortinet Virtual Firewall Secure Access Points FortiSandbox Internet FortiClient FortiGate NGFW FortiSwitch Switching FortiExtender LTE Extension FortiClient FortiGate/FortiWiFi Distributed Ent FW Branch office Internet FortiMail Security Server Web Servers FortiWeb Web Application Firewall Your Company’s network

57 Your Company’s network
Routing cloud Cloud-IaaS Fortinet Virtual Firewall FortiCloud Cloud-SaaS FortiCloud Sandboxing FortiCloud AP Management Secure Access Points FortiSandbox Internet FortiClient FortiGate NGFW FortiSwitch Switching FortiExtender LTE Extension FortiClient FortiGate/FortiWiFi Distributed Ent FW Branch office Internet FortiMail Security Server Web Servers FortiWeb Web Application Firewall Your Company’s network

58 Your Company’s network
Routing FortiAnalyzer cloud OPERATIONS CENTER FortiCloud Cloud-SaaS FortiCloud Sandboxing FortiCloud AP Management FortiManager FortiSIEM Secure Access Points Cloud-IaaS FortiSandbox Fortinet Virtual Firewall Internet FortiClient OPEN FortiGate NGFW FortiSwitch Switching FortiExtender LTE Extension FortiClient Branch office Internet FortiGate/FortiWiFi Distributed Ent FW FortiMail Security Server Web Servers FortiWeb Web Application Firewall Your Company’s network

