SlideShare una empresa de Scribd logo

Kba talk track 2018

Descargar como PPTX, PDF
Greg Wartes, MCP
Greg Wartes, MCP

Local City Business Assoc. Event - spreading awareness about Cyber Security Threats faced on prem, cloud and mobile.

Empresariales
1 de 42
1©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. Tuesday, July 10th, 2018 Evolving Threats Layered Security
2©2018 Check Point Software Technologies Ltd. Greg Wartes – GA Account Manager – Check Point Software Technologies • Husband | Father of 3 • Microsoft Certified Professional • Aspiring Writer/Blogger • Former Golf Professional Magazine WHITE PAPERS CASE STUDIES Published In: gwartes@checkpoint.com
3©2018 Check Point Software Technologies Ltd. Who is Check Point? HQ in Tel-Aviv, Israel CEO – Gil Shwed, inventor of the firewall In business 25 years Pure Cyber-Security Company
4©2018 Check Point Software Technologies Ltd. Look at YOUR Organization/Data Differently!! INTENTION:
5©2018 Check Point Software Technologies Ltd. Context/Definitions Matter:
6©2018 Check Point Software Technologies Ltd. Definitions Matter:
7©2018 Check Point Software Technologies Ltd. Definitions Matter:
8©2018 Check Point Software Technologies Ltd.
9©2018 Check Point Software Technologies Ltd. The Game Has Changed! Law No. 1: If There Is A Vulnerability, It Will Be Exploited Law No. 2: Everything Is Vulnerable In Some Way Law No. 3: Humans Trust Even When They Shouldn't Law No. 4: W/ Innovation Comes Opportunity For Exploitation Law No. 5: When In Doubt, See Law No. 1 : The Five Laws Of Cybersecurity
10©2018 Check Point Software Technologies Ltd.
11©2018 Check Point Software Technologies Ltd. How Serious Are The Cyber Threats In 2018?
12©2018 Check Point Software Technologies Ltd. Threats are evolving…..
13©2018 Check Point Software Technologies Ltd. Definitions Matter:
14©2018 Check Point Software Technologies Ltd. Definitions Matter:
15©2018 Check Point Software Technologies Ltd. 15©2018 Check Point Software Technologies Ltd. Generations of Attacks and Protections Gen I Late 1980s – PC attacks - standalone Virus Gen II Mid 1990s – Attacks from the internet Networks Gen III Early 2000s - Exploiting vulnerabilities in applications Applications The Anti Virus The Firewall Intrusion Prevention (IPS) Gen IV 2010 - Polymorphic Content Payload SandBoxing and Anti-Bot
16©2018 Check Point Software Technologies Ltd. [Internal Use] for Check Point employees​ Where are we ? 1990 2000 2010 2015 2017 THREATS PROTECTIONSNetworks Gen II Applications Gen III Payload Gen IV GRADE I GRADE II GRADE III GRADE V GRADE IV Virus Gen I Enterprises are between Gen 2-3 2.8 Mega Gen V
17©2018 Check Point Software Technologies Ltd. Quick Story: Thursday - March 22nd, 2018 8:30a.m. Thursday - March 22nd, 2018 8:55a.m. Jim X – Business Accounting Professional of 18 years: 1. 3. 2. Process: 1. 6M customers affected 8,000 employees affected 5 FULL Days! Multiple Dpts. Around the clock hours worked Partner dependence Day-to-day Operations/Process = MANUAL
18©2018 Check Point Software Technologies Ltd. By Show of hands……
19©2018 Check Point Software Technologies Ltd. “In The Room”
20©2018 Check Point Software Technologies Ltd. March 22nd, 2018 $51,000 ransom • The city’s police department reported that most of its video evidence (mostly dashcam videos) have been lost. • More than 140 separate applications were totally or partially disabled by the attack (nearly 30 percent of the affected programs were “mission critical”). • After an initial estimated cost of $2 million, the city will need an additional $9.5 million to recover
21©2018 Check Point Software Technologies Ltd. What is it costing? At The End of 2017, Global Ransomware Damage Cost Exceeded $5 Billion
22©2018 Check Point Software Technologies Ltd. RENTAL CAR – YOUR CLOUD:
23©2018 Check Point Software Technologies Ltd. What’s in Your “CAR?” YOUR
24©2018 Check Point Software Technologies Ltd. What are you doing to protect your “CAR?”
25©2018 Check Point Software Technologies Ltd. YOU Still have responsibility
26©2018 Check Point Software Technologies Ltd. OUR CLOUD ENVIRONMENT Internet
27©2018 Check Point Software Technologies Ltd. WITHIN THE FIRST 15 MINUTES149 Attacks: • 92 SSL Attacks • 1 Scripting attack7 TCP Attacks • 49 Network based attacks
28©2018 Check Point Software Technologies Ltd. AFTER 7 DAYS . . . Oh won’t you please be my neighbor . . . ~4 million attacks recorded!
29©2018 Check Point Software Technologies Ltd. WARNING THE NEXT COUPLE OF SLIDES MAY CONTAIN TECHNICAL CONTENT SIDE EFFECTS MAY CAUSE SLEEPINESS…..WAKE UP
30©2018 Check Point Software Technologies Ltd. “Best” of Breed Approach…..
31©2018 Check Point Software Technologies Ltd. 31©2018 Check Point Software Technologies Ltd. [Internal Use] for Check Point employees​ Machine Learning CPU-Level Sandboxing Threat Extraction Virtual Firewall Endpoint Detection & Response Human Behavioral Analytics Data Encryption Data Leak Prevention Anti-Bot Flash Detonation URL Filtering Firewall ICS/ SCADA Protection Machine Learning Proxy Network Encryption Anti- Ransomware Zero Phishing Mobile Threat Prevention CPU-Level Sandboxing HTTPS Inspection Intrusion Prevention Anti-Virus DDOS Hypervisor Level Security Application Control
32©2018 Check Point Software Technologies Ltd. Time
33©2018 Check Point Software Technologies Ltd. Crazy Statistics: Law No. 4: W/ Innovation Comes Opportunity For Exploitation
34©2018 Check Point Software Technologies Ltd. LEGIT: “Coffee_Guest” (Fair to Poor Signal) LEGIT: “Coffeee_Guest” (Full Bars)
35©2018 Check Point Software Technologies Ltd.
36©2018 Check Point Software Technologies Ltd.
37©2018 Check Point Software Technologies Ltd. LAST 18 MONTHS:
38©2018 Check Point Software Technologies Ltd. Law No. 3: Humans Trust Even When They Shouldn't
39©2018 Check Point Software Technologies Ltd. SHARED Intelligence =
40©2018 Check Point Software Technologies Ltd.
41©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. Don’t be caught unprepared. Uncover potential risks on your enterprise network.
42©2018 Check Point Software Technologies Ltd. Thank you.

Recomendados

Ga society of cpa's 2018 coastal chapter
Ga society of cpa's 2018 coastal chapterGa society of cpa's 2018 coastal chapter
Ga society of cpa's 2018 coastal chapterGreg Wartes, MCP
 
End to End Security - Check Point
End to End Security - Check PointEnd to End Security - Check Point
End to End Security - Check PointHarry Gunns
 
Pgatss slide deck june 7, 2018
Pgatss slide deck june 7, 2018Pgatss slide deck june 7, 2018
Pgatss slide deck june 7, 2018Greg Wartes, MCP
 
Completing your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check PointCompleting your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check Pointaliciasyc
 
Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2Greg Wartes, MCP
 
PIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINTPIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINTTechnofutur TIC
 
AsianGames Security Story - Andika Triwidada
AsianGames Security Story - Andika TriwidadaAsianGames Security Story - Andika Triwidada
AsianGames Security Story - Andika Triwidadaidsecconf
 
Check Point Infinity powered by R80.10
Check Point Infinity powered by R80.10Check Point Infinity powered by R80.10
Check Point Infinity powered by R80.10MarketingArrowECS_CZ
 

Recomendados

Ga society of cpa's 2018 coastal chapter
Ga society of cpa's 2018 coastal chapterGa society of cpa's 2018 coastal chapter
Ga society of cpa's 2018 coastal chapterGreg Wartes, MCP
 
End to End Security - Check Point
End to End Security - Check PointEnd to End Security - Check Point
End to End Security - Check PointHarry Gunns
 
Pgatss slide deck june 7, 2018
Pgatss slide deck june 7, 2018Pgatss slide deck june 7, 2018
Pgatss slide deck june 7, 2018Greg Wartes, MCP
 
Completing your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check PointCompleting your Next Generation Threat Prevention - Check Point
Completing your Next Generation Threat Prevention - Check Pointaliciasyc
 
Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2Augusta gen v presentation adapture v2
Augusta gen v presentation adapture v2Greg Wartes, MCP
 
PIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINTPIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINTTechnofutur TIC
 
AsianGames Security Story - Andika Triwidada
AsianGames Security Story - Andika TriwidadaAsianGames Security Story - Andika Triwidada
AsianGames Security Story - Andika Triwidadaidsecconf
 
Check Point Infinity powered by R80.10
Check Point Infinity powered by R80.10Check Point Infinity powered by R80.10
Check Point Infinity powered by R80.10MarketingArrowECS_CZ
 
Check Point Corporate Overview 2020 - Detailed
Check Point Corporate Overview 2020 - DetailedCheck Point Corporate Overview 2020 - Detailed
Check Point Corporate Overview 2020 - DetailedMoti Sagey מוטי שגיא
 
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Black Duck by Synopsys
 
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Group of company MUK
 
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...Black Duck by Synopsys
 
INFINITY Presentation
INFINITY PresentationINFINITY Presentation
INFINITY PresentationCristian Garcia G.
 
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...Black Duck by Synopsys
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Clouditalia Telecomunicazioni
 
Check Point SMB Proposition
Check Point SMB PropositionCheck Point SMB Proposition
Check Point SMB PropositionGroup of company MUK
 
Webinar misra and security
Webinar misra and securityWebinar misra and security
Webinar misra and securityPerforce
 
Stay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check PointStay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check PointMarcoTechnologies
 
Surviving the Ransomware Plague
Surviving the Ransomware PlagueSurviving the Ransomware Plague
Surviving the Ransomware PlagueMarketingArrowECS_CZ
 
Understanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent ThemUnderstanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent ThemMarketingArrowECS_CZ
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-EraJK Tech
 
Car Cybersecurity: The Gap Still Exists
Car Cybersecurity: The Gap Still ExistsCar Cybersecurity: The Gap Still Exists
Car Cybersecurity: The Gap Still ExistsSecurity Innovation
 
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Black Duck by Synopsys
 
Staying One Step Ahead with Zero-Day Protection
Staying One Step Ahead with Zero-Day ProtectionStaying One Step Ahead with Zero-Day Protection
Staying One Step Ahead with Zero-Day ProtectionMarketingArrowECS_CZ
 
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportGroup of company MUK
 
Check Point vs competition security effectiveness
Check Point vs competition security effectiveness Check Point vs competition security effectiveness
Check Point vs competition security effectiveness Moti Sagey מוטי שגיא
 
Information Security Seminar
Information Security SeminarInformation Security Seminar
Information Security SeminarAcend Corporate Learning
 
Solar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesSolar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesInfosec
 
ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFT
ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFTALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFT
ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFTCristian Garcia G.
 
Ascendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityAscendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityCristian Garcia G.
 

Más contenido relacionado

La actualidad más candente

Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Black Duck by Synopsys
 
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...Black Duck by Synopsys
 
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...Black Duck by Synopsys
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Clouditalia Telecomunicazioni
 
Webinar misra and security
Webinar misra and securityWebinar misra and security
Webinar misra and securityPerforce
 
Stay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check PointStay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check PointMarcoTechnologies
 
Understanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent ThemUnderstanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent ThemMarketingArrowECS_CZ
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-EraJK Tech
 
Car Cybersecurity: The Gap Still Exists
Car Cybersecurity: The Gap Still ExistsCar Cybersecurity: The Gap Still Exists
Car Cybersecurity: The Gap Still ExistsSecurity Innovation
 
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Black Duck by Synopsys
 
Staying One Step Ahead with Zero-Day Protection
Staying One Step Ahead with Zero-Day ProtectionStaying One Step Ahead with Zero-Day Protection
Staying One Step Ahead with Zero-Day ProtectionMarketingArrowECS_CZ
 
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportGroup of company MUK
 
Check Point vs competition security effectiveness
Check Point vs competition security effectiveness Check Point vs competition security effectiveness
Check Point vs competition security effectiveness Moti Sagey מוטי שגיא
 
Solar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesSolar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesInfosec
 

La actualidad más candente (20)

Check Point Corporate Overview 2020 - Detailed
Check Point Corporate Overview 2020 - DetailedCheck Point Corporate Overview 2020 - Detailed
Check Point Corporate Overview 2020 - Detailed
 
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb...
 
Check Point: Securing Web 2.0
Check Point: Securing Web 2.0 Check Point: Securing Web 2.0
Check Point: Securing Web 2.0
 
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
Open Source Insight: GitHub Finds 4M Flaws, IAST Magic Quadrant, 2018 Open So...
 
INFINITY Presentation
INFINITY PresentationINFINITY Presentation
INFINITY Presentation
 
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
Open Source Insight: AppSec for DevOps, Open Source vs Proprietary, Malicious...
 
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
Presentazione CHECKPOINT Evento CloudGarage 5-11 giugno 2013
 
Check Point SMB Proposition
Check Point SMB PropositionCheck Point SMB Proposition
Check Point SMB Proposition
 
Webinar misra and security
Webinar misra and securityWebinar misra and security
Webinar misra and security
 
Stay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check PointStay One Step Ahead of Cyber Threats - Check Point
Stay One Step Ahead of Cyber Threats - Check Point
 
Surviving the Ransomware Plague
Surviving the Ransomware PlagueSurviving the Ransomware Plague
Surviving the Ransomware Plague
 
Understanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent ThemUnderstanding Advanced Threats and How to Prevent Them
Understanding Advanced Threats and How to Prevent Them
 
Cyber Security for Digital-Era
Cyber Security for Digital-EraCyber Security for Digital-Era
Cyber Security for Digital-Era
 
Car Cybersecurity: The Gap Still Exists
Car Cybersecurity: The Gap Still ExistsCar Cybersecurity: The Gap Still Exists
Car Cybersecurity: The Gap Still Exists
 
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
Open Source Insight: SCA for DevOps, DHS Security, Securing Open Source for G...
 
Staying One Step Ahead with Zero-Day Protection
Staying One Step Ahead with Zero-Day ProtectionStaying One Step Ahead with Zero-Day Protection
Staying One Step Ahead with Zero-Day Protection
 
Взаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical SupportВзаимодействие с Check Point Technical Support
Взаимодействие с Check Point Technical Support
 
Check Point vs competition security effectiveness
Check Point vs competition security effectiveness Check Point vs competition security effectiveness
Check Point vs competition security effectiveness
 
Information Security Seminar
Information Security SeminarInformation Security Seminar
Information Security Seminar
 
Solar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenchesSolar winds supply chain breach - Insights from the trenches
Solar winds supply chain breach - Insights from the trenches
 

Similar a Kba talk track 2018

ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFT
ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFTALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFT
ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFTCristian Garcia G.
 
Ascendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityAscendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityCristian Garcia G.
 
2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpointe-Xpert Solutions SA
 
CompTIA powered Cybersecurity Apprenticeships
CompTIA powered Cybersecurity ApprenticeshipsCompTIA powered Cybersecurity Apprenticeships
CompTIA powered Cybersecurity ApprenticeshipsZeshan Sattar
 
Scrapping for Pennies: How to implement security without a budget
Scrapping for Pennies: How to implement security without a budgetScrapping for Pennies: How to implement security without a budget
Scrapping for Pennies: How to implement security without a budgetRyan Wisniewski
 
2018 06 Presentation Cloudguard SaaS de Checkpoint
2018 06 Presentation Cloudguard SaaS de Checkpoint 2018 06 Presentation Cloudguard SaaS de Checkpoint
2018 06 Presentation Cloudguard SaaS de Checkpoint e-Xpert Solutions SA
 
Building application security with 0 money down
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money downDefCamp
 
Check point presentation june 2014
Check point presentation june 2014Check point presentation june 2014
Check point presentation june 2014David Berkelmans
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftOSIsoft, LLC
 
Leveraging Compliance to “Help” Prevent a Future Breach
Leveraging Compliance to “Help” Prevent a Future BreachLeveraging Compliance to “Help” Prevent a Future Breach
Leveraging Compliance to “Help” Prevent a Future BreachKevin Murphy
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYETDAofficialRegist
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18japijapi
 
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionSecurity as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionMarketingArrowECS_CZ
 
Csa summit seguridad en el sddc
Csa summit seguridad en el sddcCsa summit seguridad en el sddc
Csa summit seguridad en el sddcCSA Argentina
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondSecPod Technologies
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 ThreatscapePeter Wood
 
Trend Micro 10 Minute Overview
Trend Micro 10 Minute OverviewTrend Micro 10 Minute Overview
Trend Micro 10 Minute OverviewJohn D. Haden
 

Similar a Kba talk track 2018 (20)

ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFT
ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFTALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFT
ALMUERZO DE TRABAJO CHECKPOINT - SECURE SOFT
 
Ascendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityAscendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber Security
 
Infosecurity - CDMX 2018
Infosecurity - CDMX 2018Infosecurity - CDMX 2018
Infosecurity - CDMX 2018
 
CheckPoint Software
CheckPoint SoftwareCheckPoint Software
CheckPoint Software
 
2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint
 
Check Point Infinity
Check Point Infinity Check Point Infinity
Check Point Infinity
 
CompTIA powered Cybersecurity Apprenticeships
CompTIA powered Cybersecurity ApprenticeshipsCompTIA powered Cybersecurity Apprenticeships
CompTIA powered Cybersecurity Apprenticeships
 
Scrapping for Pennies: How to implement security without a budget
Scrapping for Pennies: How to implement security without a budgetScrapping for Pennies: How to implement security without a budget
Scrapping for Pennies: How to implement security without a budget
 
2018 06 Presentation Cloudguard SaaS de Checkpoint
2018 06 Presentation Cloudguard SaaS de Checkpoint 2018 06 Presentation Cloudguard SaaS de Checkpoint
2018 06 Presentation Cloudguard SaaS de Checkpoint
 
Building application security with 0 money down
Building application security with 0 money downBuilding application security with 0 money down
Building application security with 0 money down
 
Check point presentation june 2014
Check point presentation june 2014Check point presentation june 2014
Check point presentation june 2014
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
 
Leveraging Compliance to “Help” Prevent a Future Breach
Leveraging Compliance to “Help” Prevent a Future BreachLeveraging Compliance to “Help” Prevent a Future Breach
Leveraging Compliance to “Help” Prevent a Future Breach
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITY
 
Aalto cyber-10.4.18
Aalto cyber-10.4.18Aalto cyber-10.4.18
Aalto cyber-10.4.18
 
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionSecurity as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud Adoption
 
Csa summit seguridad en el sddc
Csa summit seguridad en el sddcCsa summit seguridad en el sddc
Csa summit seguridad en el sddc
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 Threatscape
 
Trend Micro 10 Minute Overview
Trend Micro 10 Minute OverviewTrend Micro 10 Minute Overview
Trend Micro 10 Minute Overview
 

Más de Greg Wartes, MCP

Security Minded - Ransomware Awareness
Security Minded - Ransomware AwarenessSecurity Minded - Ransomware Awareness
Security Minded - Ransomware AwarenessGreg Wartes, MCP
 
Removing Reactive Behavior Inside Your Organization
Removing Reactive Behavior Inside Your Organization Removing Reactive Behavior Inside Your Organization
Removing Reactive Behavior Inside Your Organization Greg Wartes, MCP
 
Outcome Based Selling July 15th 2014 CPA event
Outcome Based Selling July 15th 2014 CPA eventOutcome Based Selling July 15th 2014 CPA event
Outcome Based Selling July 15th 2014 CPA eventGreg Wartes, MCP
 
Comptia slides managed print vegas
Comptia slides managed print vegasComptia slides managed print vegas
Comptia slides managed print vegasGreg Wartes, MCP
 
June 18th, 2013 gwinnete chapter of cpa's
June 18th, 2013 gwinnete chapter of cpa'sJune 18th, 2013 gwinnete chapter of cpa's
June 18th, 2013 gwinnete chapter of cpa'sGreg Wartes, MCP
 
Office 365 mid_market_sales_pitch_deck (3)
Office 365 mid_market_sales_pitch_deck (3)Office 365 mid_market_sales_pitch_deck (3)
Office 365 mid_market_sales_pitch_deck (3)Greg Wartes, MCP
 

Más de Greg Wartes, MCP (6)

Security Minded - Ransomware Awareness
Security Minded - Ransomware AwarenessSecurity Minded - Ransomware Awareness
Security Minded - Ransomware Awareness
 
Removing Reactive Behavior Inside Your Organization
Removing Reactive Behavior Inside Your Organization Removing Reactive Behavior Inside Your Organization
Removing Reactive Behavior Inside Your Organization
 
Outcome Based Selling July 15th 2014 CPA event
Outcome Based Selling July 15th 2014 CPA eventOutcome Based Selling July 15th 2014 CPA event
Outcome Based Selling July 15th 2014 CPA event
 
Comptia slides managed print vegas
Comptia slides managed print vegasComptia slides managed print vegas
Comptia slides managed print vegas
 
June 18th, 2013 gwinnete chapter of cpa's
June 18th, 2013 gwinnete chapter of cpa'sJune 18th, 2013 gwinnete chapter of cpa's
June 18th, 2013 gwinnete chapter of cpa's
 
Office 365 mid_market_sales_pitch_deck (3)
Office 365 mid_market_sales_pitch_deck (3)Office 365 mid_market_sales_pitch_deck (3)
Office 365 mid_market_sales_pitch_deck (3)
 

Último

Kenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby AfricaKenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby Africaictsugar
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCRashishs7044
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncrdollysharma2066
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Kirill Klimov
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationAnamaria Contreras
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckHajeJanKamps
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfJos Voskuil
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfrichard876048
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxMarkAnthonyAurellano
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesKeppelCorporation
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?Olivia Kresic
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaoncallgirls2057
 

Último (20)

Kenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby AfricaKenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby Africa
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR
 
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / NcrCall Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
Call Girls in DELHI Cantt, ( Call Me )-8377877756-Female Escort- In Delhi / Ncr
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)Japan IT Week 2024 Brochure by 47Billion (English)
Japan IT Week 2024 Brochure by 47Billion (English)
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Call Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North Goa
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdf
 
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptxContemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
Contemporary Economic Issues Facing the Filipino Entrepreneur (1).pptx
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation Slides
 
MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?MAHA Global and IPR: Do Actions Speak Louder Than Words?
MAHA Global and IPR: Do Actions Speak Louder Than Words?
 
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City GurgaonCall Us 📲8800102216📞 Call Girls In DLF City Gurgaon
Call Us 📲8800102216📞 Call Girls In DLF City Gurgaon
 

Kba talk track 2018

  • 1. 1©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. Tuesday, July 10th, 2018 Evolving Threats Layered Security
  • 2. 2©2018 Check Point Software Technologies Ltd. Greg Wartes – GA Account Manager – Check Point Software Technologies • Husband | Father of 3 • Microsoft Certified Professional • Aspiring Writer/Blogger • Former Golf Professional Magazine WHITE PAPERS CASE STUDIES Published In: gwartes@checkpoint.com
  • 3. 3©2018 Check Point Software Technologies Ltd. Who is Check Point? HQ in Tel-Aviv, Israel CEO – Gil Shwed, inventor of the firewall In business 25 years Pure Cyber-Security Company
  • 4. 4©2018 Check Point Software Technologies Ltd. Look at YOUR Organization/Data Differently!! INTENTION:
  • 5. 5©2018 Check Point Software Technologies Ltd. Context/Definitions Matter:
  • 6. 6©2018 Check Point Software Technologies Ltd. Definitions Matter:
  • 7. 7©2018 Check Point Software Technologies Ltd. Definitions Matter:
  • 8. 8©2018 Check Point Software Technologies Ltd.
  • 9. 9©2018 Check Point Software Technologies Ltd. The Game Has Changed! Law No. 1: If There Is A Vulnerability, It Will Be Exploited Law No. 2: Everything Is Vulnerable In Some Way Law No. 3: Humans Trust Even When They Shouldn't Law No. 4: W/ Innovation Comes Opportunity For Exploitation Law No. 5: When In Doubt, See Law No. 1 : The Five Laws Of Cybersecurity
  • 10. 10©2018 Check Point Software Technologies Ltd.
  • 11. 11©2018 Check Point Software Technologies Ltd. How Serious Are The Cyber Threats In 2018?
  • 12. 12©2018 Check Point Software Technologies Ltd. Threats are evolving…..
  • 13. 13©2018 Check Point Software Technologies Ltd. Definitions Matter:
  • 14. 14©2018 Check Point Software Technologies Ltd. Definitions Matter:
  • 15. 15©2018 Check Point Software Technologies Ltd. 15©2018 Check Point Software Technologies Ltd. Generations of Attacks and Protections Gen I Late 1980s – PC attacks - standalone Virus Gen II Mid 1990s – Attacks from the internet Networks Gen III Early 2000s - Exploiting vulnerabilities in applications Applications The Anti Virus The Firewall Intrusion Prevention (IPS) Gen IV 2010 - Polymorphic Content Payload SandBoxing and Anti-Bot
  • 16. 16©2018 Check Point Software Technologies Ltd. [Internal Use] for Check Point employees​ Where are we ? 1990 2000 2010 2015 2017 THREATS PROTECTIONSNetworks Gen II Applications Gen III Payload Gen IV GRADE I GRADE II GRADE III GRADE V GRADE IV Virus Gen I Enterprises are between Gen 2-3 2.8 Mega Gen V
  • 17. 17©2018 Check Point Software Technologies Ltd. Quick Story: Thursday - March 22nd, 2018 8:30a.m. Thursday - March 22nd, 2018 8:55a.m. Jim X – Business Accounting Professional of 18 years: 1. 3. 2. Process: 1. 6M customers affected 8,000 employees affected 5 FULL Days! Multiple Dpts. Around the clock hours worked Partner dependence Day-to-day Operations/Process = MANUAL
  • 18. 18©2018 Check Point Software Technologies Ltd. By Show of hands……
  • 19. 19©2018 Check Point Software Technologies Ltd. “In The Room”
  • 20. 20©2018 Check Point Software Technologies Ltd. March 22nd, 2018 $51,000 ransom • The city’s police department reported that most of its video evidence (mostly dashcam videos) have been lost. • More than 140 separate applications were totally or partially disabled by the attack (nearly 30 percent of the affected programs were “mission critical”). • After an initial estimated cost of $2 million, the city will need an additional $9.5 million to recover
  • 21. 21©2018 Check Point Software Technologies Ltd. What is it costing? At The End of 2017, Global Ransomware Damage Cost Exceeded $5 Billion
  • 22. 22©2018 Check Point Software Technologies Ltd. RENTAL CAR – YOUR CLOUD:
  • 23. 23©2018 Check Point Software Technologies Ltd. What’s in Your “CAR?” YOUR
  • 24. 24©2018 Check Point Software Technologies Ltd. What are you doing to protect your “CAR?”
  • 25. 25©2018 Check Point Software Technologies Ltd. YOU Still have responsibility
  • 26. 26©2018 Check Point Software Technologies Ltd. OUR CLOUD ENVIRONMENT Internet
  • 27. 27©2018 Check Point Software Technologies Ltd. WITHIN THE FIRST 15 MINUTES149 Attacks: • 92 SSL Attacks • 1 Scripting attack7 TCP Attacks • 49 Network based attacks
  • 28. 28©2018 Check Point Software Technologies Ltd. AFTER 7 DAYS . . . Oh won’t you please be my neighbor . . . ~4 million attacks recorded!
  • 29. 29©2018 Check Point Software Technologies Ltd. WARNING THE NEXT COUPLE OF SLIDES MAY CONTAIN TECHNICAL CONTENT SIDE EFFECTS MAY CAUSE SLEEPINESS…..WAKE UP
  • 30. 30©2018 Check Point Software Technologies Ltd. “Best” of Breed Approach…..
  • 31. 31©2018 Check Point Software Technologies Ltd. 31©2018 Check Point Software Technologies Ltd. [Internal Use] for Check Point employees​ Machine Learning CPU-Level Sandboxing Threat Extraction Virtual Firewall Endpoint Detection & Response Human Behavioral Analytics Data Encryption Data Leak Prevention Anti-Bot Flash Detonation URL Filtering Firewall ICS/ SCADA Protection Machine Learning Proxy Network Encryption Anti- Ransomware Zero Phishing Mobile Threat Prevention CPU-Level Sandboxing HTTPS Inspection Intrusion Prevention Anti-Virus DDOS Hypervisor Level Security Application Control
  • 32. 32©2018 Check Point Software Technologies Ltd. Time
  • 33. 33©2018 Check Point Software Technologies Ltd. Crazy Statistics: Law No. 4: W/ Innovation Comes Opportunity For Exploitation
  • 34. 34©2018 Check Point Software Technologies Ltd. LEGIT: “Coffee_Guest” (Fair to Poor Signal) LEGIT: “Coffeee_Guest” (Full Bars)
  • 35. 35©2018 Check Point Software Technologies Ltd.
  • 36. 36©2018 Check Point Software Technologies Ltd.
  • 37. 37©2018 Check Point Software Technologies Ltd. LAST 18 MONTHS:
  • 38. 38©2018 Check Point Software Technologies Ltd. Law No. 3: Humans Trust Even When They Shouldn't
  • 39. 39©2018 Check Point Software Technologies Ltd. SHARED Intelligence =
  • 40. 40©2018 Check Point Software Technologies Ltd.
  • 41. 41©2018 Check Point Software Technologies Ltd.©2018 Check Point Software Technologies Ltd. Don’t be caught unprepared. Uncover potential risks on your enterprise network.
  • 42. 42©2018 Check Point Software Technologies Ltd. Thank you.

Notas del editor

  1. It’s time to look at your organization differently – someone else already is!
  2. Anyone know who this is? Seth Godin – Creator of Google Marketing, Author of NYT Best Sellers, Bizzillionare – in many of his books – he talks about the importance of definitions in business/business meetings – getting everyone on the same page…..I have adopted that methodology and would like to start there – what is the cloud?
  3. We can all agree that there are a wide variety of types of cloud computing: private, public, hybrid, community, etc…But are they all secure/safe by default? Does the provider hold responsibility for keeping your data safe? What makes me laugh is when people complain about the cloud when they are utililsing a FREE service…..E-Mail is the biggest one….
  4. So everyone has a cloud in 2018 – the 800lb. Gorillas in the game most certainly have a large presence: Microsoft, Google, Amazon
  5. The cloud has become part of our every day lives – there really isn’t a way of getting around it. You can no longer buy a CD for software, it’s delivered to you via the cloud. The 800lb. Gorrila/the mother ship/Microsoft now has included ways to save your work to the cloud as a default location. You can utilize google photos to save space on your i-phone…..for free!
  6. We can all agree that there are a wide variety of types of cloud computing: private, public, hybrid, community, etc…But are they all secure/safe by default? Does the provider hold responsibility for keeping your data safe? E-Mail is the biggest one….
  7. We can all agree that there are a wide variety of types of cloud computing: private, public, hybrid, community, etc…But are they all secure/safe by default? Does the provider hold responsibility for keeping your data safe? What makes me laugh is when people complain about the cloud when they are utililsing a FREE service…..E-Mail is the biggest one….
  8. Jim is a long term employee of 18+ years with the same “company” and performs his job well. Jim is a accounting professional supporting multiple departments and reports to a C-Suite title. On March 22nd, Jim entered work just like any other day- started his day by logging on to his PC, checking e-mail and returning voicemails. Jim was just getting his day started when he noticed his PC acting funny, internet was on and off for a few minutes and then completely locked out with no email or internet or access to his files. His PC was affected with ransomware as was his entire network.
  9. Let’s address the elephant in the room….Atlanta was the “company” that was hacked. It made national news and unfortunately a number of other cities followed. Savannah and Baltimore just to name a couple.
  10. Let’s start with the elephant in the room – the city of ATL was recently hacked – Ransomware. Orbits was also hacked with almost a million customer records leaked. This sort of stuff happens every day – it’s just the ones that carry a large recognizable logo that make the headlines – this happens even more often in the Mid-sized market place, but they don’t report it because they aren’t household names.
  11. Who here has rented a car recently? What is the 1st thing you do…..after signing paperwork? You walk around the car with the rep, check for dents/dings, check gas level, make sure is has 4 tires, etc. They don’t check the engine with you, they don’t check the electronics, the power windows, etc. They give you a car that drives……that’s it, and you’re off.
  12. What do you travel with? What do you put in your car? Would you leave this in a “bad” part of town with the windows down and the doors unlocked? So why are you leaving your cloud in the bad part of town with doors unlocked and windows down?
  13. What are you able to put around your car? Lock the doors? Hire someone (MSP – Staff) to watch it? Put a fence around it (Technology?) Spot lights to ensure you can see it at all times (technology?)
  14. You have the responsibility to protect that car/cloud – it’s in good share when it was given to you – but the provider’s responsibility do in fact end there – they’ve give you the keys, now you have to manage it, protect it, ensure it stays safe…..So how do you do that?
  15. So, we built a cloud environment from a popular cloud service provider (CSP), deployed a server instance in our new cloud environment, and using all the native tools that were available through the CSP, connected our new “cloud service” to the Internet. In addition, for added assurance, we also deployed a Honeypot in front of our new cloud service just on the off-chance something were to slip past the native controls . . . we connected our service through our Honeypot and sat back and watched what happened . . . And almost immediately we found some “interesting” results . . .
  16. 149 attacks identified by our HoneyPot Ninety two (92) ssh/telnet attacks One (1) scripting attack Seven (7) attacks targeting TCP/UDP ports Forty nine (49) network based According to Distil Networks: “Bad bots made up 20% of all web traffic and are everywhere, at all times—they don’t take breaks and they don’t sleep. Even though bad bots are on all sites, larger sites were hit the hardest in 2016. Bad bots accounted for 21.83% of large website web traffic, which saw an increase of 36.43% since 2015.” Also, “Data centers were the weapon of choice for bad bots with 60.1% coming from the cloud. Amazon AWS was the top originating ISP for the third year in a row with 16.37% of all bad bot traffic—four times more than the next ISP (OVH SAS).” The challenge – these bot armies are programmed to After 7 days: 3.97 Million ssh/telnet based attempts + malware uploaded to the cloud 826 attack attemps detected by Dionaea 9 attack attempts detected by the elastic pot search engine 98 attempts detected by the web application honeypot glastopf and almost 4900 attacks detected by Honeytrap It‘s clear we have a problem – native controls aren‘t enough . . . How do cloud providers deal with this?
  17. It is worth noting that these figures do not contain any clean traffic. Since there are no real services behind our honeypot, everything we saw and captured were attempts to compromise our environment. In total, we witnessed:   3.97 Million ssh/telnet based attempts + malware uploaded to the cloud 826 attack attemps detected by Dionaea 9 attack attempts detected by the elastic pot search engine 98 attempts detected by the web application honeypot glastopf and almost 4900 attacks detected by Honeytrap   Our test simulated a typical cloud environment, thus this is what customers are likely to see in a similar span of time – especially if they just utilize the native ACL filters available through their cloud provider. We can clearly see that cloud assets are vulnerable to the same types of attacks targeting our premises-based networks, but the key difference is that on-prem we deploy advanced security protections to safeguard our assets; we need to start doing the same thing in the cloud.
  18. Let’s start with the elephant in the room – the city of ATL was recently hacked – Ransomware. Orbits was also hacked with almost a million customer records leaked. This sort of stuff happens every day – it’s just the ones that carry a large recognizable logo that make the headlines – this happens even more often in the Mid-sized market place, but they don’t report it because they aren’t household names.
  19. We are in talks with companies that take their security so serious they are adding layers of protection that are not just technology – they include their attorney to document conversations – having a legal layer of protection. Lots of firms are now implementing cyber-insurance as an added layer of protection (re-active), but another layer.