Date post: | 16-Dec-2015 |
Category: |
Documents |
Upload: | miles-shields |
View: | 216 times |
Download: | 0 times |
Ruslans Barbasins| Territory Manager – CIS, Central Asia, Caucasus
Leading The World Into Connected Security
.
McAfee Confidential2
History of DefiningArchitecture
– Inventor of the world’s most widely used computing architecture
– Defining countless standards used in everyday lives ranging from USB, WiFi, to IoT
– Top 10 Most Influential Brands in the World
Largest Dedicated Security Provider
– Broadest security product coverage in the industry
– Complete portfolio focused upon security
– Leadership position in 6 of 8 Gartner Security Magic Quadrants
Delivering a Next Generation Security Architecture
– Defining innovative industry approaches for collaborative and adaptive security
– Introducing security integrations which are sustainable and broadly reaching
– Developing capabilities for new security paradigms in areas such as Software Defined Datacenter, Cloud, and IoT
.
McAfee Confidential3
Challenges Faced by Security Professionals
Source: McAfee Survey at Black Hat USA 2013
False Positives20%
Detection35%
Other3%
Damage Repair9%
Timely Response11%
Protection22%
.
McAfee Confidential4
Advanced Targeted Attacks—The Reality
Sources: Verizon 2013 Data Breach Investigations Report. Securosis Malware Analysis Quant Metrics Model
CONTAINMENT
ATTACK
COMPROMISE
DISCOVERY
COMPROMISE TO DISCOVERY DISCOVERY TO CONTAINMENTADVANCED TARGETED ATTACKS
Weeks64%
Days11%
Years4% Months
12%Minutes2%
Weeks14%
Months23%
Days42%
Hours19%
$8,769 / Incident$3,840,988 / Year 1.2 incidents / Day
Hours9%
.
McAfee Confidential5
Targeted attacks against Point-of-Sale (POS) systems
Memory parsing/scraping malware
Extracts full magnetic stripe data out of memory
Not detected by traditional A/V
Not detected for a significant amount of time
Substantial damage – 40 million credit cards where ex-filtrated in the TARGET compromise
Estimated $652 million loss in market cap after Target breach
Containment took long (VISA)
Recent Notable Advanced Targeted Attacks
.
McAfee Confidential6
FirewallEndpoint
ProtectionGatewaySecurity
Network IPS ComplianceData
ProtectionMobility SIEM
.
6
TIME
Building Security By SiloTechnology Acquisition Process Has Delivered Security Chaos
.
McAfee Confidential7
Security Posture
TCOCapEx + OpEx
Point Products
Layered Tools
Building Security By SiloCreating a False Sense of Security
TIME
Lessons Learned
• Well-funded organizations do not equal well-defended organizations
• Maintaining compliance will not result in protection
• Massive alerting in a sea of noise cannot receive action
• Defenses operating in silos are setup to fail
Parity Advancement
.
McAfee Confidential8
Security Posture
TCOCapEx + OpEx
Building Security By SiloDelivering Operationally Effective Security
TIMEParity Advancement
Layered Tools
Point Products
ConnectedArchitecture
.
McAfee Confidential9
Adaptive Threat Preventionin Real-TimeFrom Encounter to Containment in Milliseconds
.
McAfee Confidential10
Asset
Threat
Identity
Activity
BPM
Risk
Data
Location
Data Exchange LayerAn innovative, real-time, bi-directional communications fabric providing with product integration simplicity.
Security components operate as one to immediately share relevant data between endpoint, gateway, and other security products enabling security intelligence and adaptive security.
THE SECURITY CONNECTED FRAMEWORK
ADAPTIVE SECURITY ARCHITECTURE
.
McAfee Confidential12
?
LOCAL THREAT INTELLIGENCE
ORGANIZATIONAL INTELLIGENCE
McAfeeNGFW
McAfeeEmail Gateway
McAfeeNSP
Add the power of knowledge
Other Data SourcesFuture
McAfeeGlobal ThreatIntelligence
3rd PartyFeeds
McAfeeEndpoint Client
McAfeeWeb Gateway
McAfeeThreat Intelligence
Exchange
Optimizing Security for Your Organization
Personalized Threat Intelligence
Assemble, override, augment and tune the intelligence source information
GLOBAL THREAT INTELLIGENCE
AdministratorOrganizational
Knowledge
.
McAfee Confidential13
McAfeeVSE Threat Intelligence
Module
McAfeeVSE Threat Intelligence
Module
McAfeeePO
McAfeeATD
Threat Intelligence ExchangeAdapt and Immunize — From Encounter to Containment in Milliseconds
YES NO
McAfeeGlobal ThreatIntelligence
3rd PartyFeeds
Data Exchange Layer
McAfeeTIE Server
.
McAfee Confidential14
14
McAfeeESM
McAfeeVSE Threat Intelligence
Module
McAfeeVSE Threat Intelligence
Module
McAfeeePO
McAfeeATD
McAfeeWeb Gateway
McAfeeEmail Gateway
McAfeeNGFW
McAfeeNSP
Instant Protection Across the Enterprise
Data Exchange Layer
McAfeeGlobal ThreatIntelligence
3rd PartyFeeds
Gateways block access based on endpoint convictions
Security components
operate as one to immediately
share relevant data between
endpoint, gateway, and other security
products
Proactively and efficiently protect
your organization as soon as a threat is
revealed
McAfeeTIE Server
.
McAfee Confidential15
15
McAfeeESM
McAfeeVSE Threat Intelligence
Module
McAfeeVSE Threat Intelligence
Module
McAfeeePO
McAfeeATD
McAfeeWeb Gateway
McAfeeEmail Gateway
McAfeeNGFW
McAfeeNSP
Threat Intelligence ExchangeAdapt and Immunize—From Encounter to Containment in Milliseconds
Data Exchange Layer
NOYES
McAfeeGlobal ThreatIntelligence
3rd PartyFeeds
Endpoints are protected based on gateway convictions
McAfeeTIE Server
.
McAfee Confidential16
Threat Intelligence Exchange Lowers TCO and Improves Your ROI
Integration simplicity through McAfee’s data
exchange layer
Enables unmatched operation effectiveness
and agility
Reduces implementation and operational costs
Extends existing McAfee security detection, prevention, and analytics technology investments