Published by Lorraine Robertson. Modified over 9 years ago.
© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our Time

Security Perspective

The Problem is Threats

Today’s Advanced Malware is Not Just a Single Entity
100% of companies connect to domains that host malicious files or services
54% of breaches remain undiscovered for months
60% of data is stolen in hours
avoids detection and attacks swiftly
It is a Community that hides in plain sight
100 percent of companies surveyed by Cisco have connections to domains that are known to host malicious files or services. (2014 CASR)

Impact of a Breach
Timeline: START, HOURS, MONTHS, YEARS
Breach occurs
60% of data in breaches is stolen in hours
54% of breaches remain undiscovered for months
Information of up to 750 million individuals on the black market over last three years
Source: Verizon Data Breach Report 2014
Source: Verizon Data Breach Report 2012

Breach/Detection Time Delta is Not Improving
[Chart: percent of breaches where time to compromise (orange) / time to discovery (blue) was days or less, by year, 2004 to 2013; vertical axis 25% to 100%]
Source: Verizon 2014 Data Breach Investigations Report

If you knew you were going to be compromised, would you do security differently?

A Threat-Centric Approach
ATTACK CONTINUUM
Discover, Enforce, Harden; Detect, Block, Defend; Scope, Contain, Remediate
Visibility and Context
Firewall, App Control, VPN, Patch Mgmt, Vuln Mgmt, IAM/NAC, IPS, Antivirus, Email/Web, IDS, FPC, Forensics, AMD, Log Mgmt, SIEM

Cisco: Covering the Entire Attack Continuum
ATTACK CONTINUUM
Discover, Enforce, Harden; Detect, Block, Defend; Scope, Contain, Remediate
FireSIGHT and pxGrid
ASA, NGFW, Secure Access + Identity Services, VPN, Meraki, NGIPS, ESA/WSA, CWS, Advanced Malware Protection, Cognitive, ThreatGRID

A Threat-Centric Approach
ATTACK CONTINUUM
Point-in-Time, Continuous
Discover, Enforce, Harden; Detect, Block, Defend; Scope, Contain, Remediate
Network, Endpoint, Mobile, Virtual, Cloud

Today’s Security Appliances
Context-Aware Functions
IPS Functions
Malware Functions
VPN Functions
Traditional Firewall Functions

Visibility and Context are the Foundation
Visibility: Broad visibility for context
Control: Set policy to reduce surface area of attack
Threat: Focus on the threat – security is about detecting, understanding, and stopping threats
Breach: Understand scope, contain & remediate
Workflow (automation) Engine
APIs

Visibility Must Be Pervasive
Visibility, Control, Threat, Breach
Scope, Contain, Remediate; Detect, Block, Defend; Control, Enforce, Harden; Discover, Monitor, Inventory, Map
BEFORE, DURING, AFTER
ASA, NGFW, VPN, Meraki, ISE, NAC, AMP, ThreatGrid, CTA, NGIPS, ESA/WSA, Reputation
Network / Devices (FireSIGHT/PXGrid)
Users / Applications (FireSIGHT/PXGRID/ISE)
Files / Data (FireSIGHT/AMP)
Workflow (automation) Engine
APIs

A Threat-Centric Approach Reduces Complexity and Increases Capability
Collective Security Intelligence
Centralized Management: Appliances, Virtual
Network Control Platform: Appliances, Virtual
Device Control Platform: Host, Mobile, Virtual
Cloud Services Control Platform: Hosted

The Time is Now for Cisco’s Threat-Centric Approach
Unmatched Visibility: Global Intelligence With the Right Context
Consistent Control: Consistent Policies Across the Network and Data Center
Advanced Threat Protection: Detects and Stops Advanced Threats
Complexity Reduction: Fits and Adapts to Changing Business Models

Thank you.