3. Five Cybersecurity Trends
• Zero Trust Network: IT teams will adopt the mindset of ‘we don’t trust anybody’
• Deception Technology: Deception technologies become the security enablers of IoT and OT
• Robo Hunters: Robo-hunters are the new norm
• Behavioural analytics: Behavioural analytics and artificial intelligence (AI) demand a relook at identity
• Block Chain: Businesses will start to implement blockchain as a cybersecurity measure in a range of innovative ways
https://www2.dimensiondata.com/it-trends/cybersecurity-2018
4. Malware getting bigger and better
Source: Symantec, Internet security threat report; Verizon, 2017 Data Breaches Investigations Report, Dimension Data Insight & Analytics
The list of attacks on this slide is not exhaustive
*BEC - Business Email Compromise
Timeline axis: Feb’16, Mar’16, Apr’16, May’16, June’16, Aug’16, Sept’16, Oct’16, Nov’16, Dec’16, Feb’17, May’17
• Ransomware caused Hollywood Presbyterian Medical Center to declare an internal emergency
• Ransomware attacked 10 hospitals and 250 outpatient centers in the MedStar network in the Washington DC area, US, compromising 2.2 mn patient records
• ~11 mn documents were leaked from Panama-based law firm Mossack Fonseca
• About half the population of the Philippines became victims of the data breach at the Commission on Elections
• Microsoft patched Five Internet Explorer (IE) zero day which was being used in targeted attacks in South Korea
• SWIFT hackers stole $10 mn from a bank in Ukraine
• Leoni AG lost €40 mn in a BEC scam
• 120,000 bitcoin stolen from bitcoin exchange Bitfinex, valued at about $65 mn
• Disk-wiping malware Shamoon reappears after four years
• Takedown of the Avalanche cybercrime network, including seizure of 39 infrastructure servers, with over 800 000 domains seized, sinkholed or blocked
• French hosting company OVH became the target of a 1 Tbps DDoS attack
• Hacking of a confidential database in the World Anti-Doping Agency by a Russian cyber-espionage group
• A hacker named Stackoverflowin hacked over 150,000 printers that had been left accessible online and started sending random print jobs
• WannaCry ransomware, termed the largest ransomware attack, affected 75,000 Windows users spread across 100 countries and organizations including Telefonica, FedEx, and UK hospitals
6. Global Threat Intelligence Report 2017 Findings
www.dimensiondata.com/globalthreatreport
77% of ransomware targets found in four industries
• Business / Professional Services (28%), Government (19%), Healthcare (15%), Retail (15%)
Victims by sector
• 50% Incident Response engagements in Healthcare sector related to ransomware
Vulnerability analysis
• effective patch management remains a challenge
• nearly 47% of vulnerabilities are more than three years old
Phishing, social engineering, ransomware the #1 threat to digital business
• phishing attacks responsible for 73% malware delivered to organizations
• incident response engagements relating to malware up from 19% to 41%
Ransomware the most common malware discovered in client environments
• 22% of Incident Response engagements due to ransomware infection
7. Digital enterprise
[Diagram. Labels: NG Firewall, Application Control, Content control, Threat Analytics, Data Control, Blockchain, HQ / Data Centre, Operational Technology, Branch, Workspace, IoT, Identity Management, GRC, Analytics, Deception, DLP, Forensics, FW / IPS, Hybrid Protection Controls, Anti-DDoS, Consultant, Architect, Hunt Teams, Intelligence, MSS]
8. Challenges in securing the IT Infrastructure in a digital enterprise
• Policy Enforcement: How do you apply consistent security control across physical and virtual environments?
• Orchestration: Can you provision security as fast as your infrastructure?
• Access control: How and who can access the data centre?
• End-point control: How do you stop compromised end-points from driving holes into your data centre?
• Visibility: What, where, when and by whom?
• Location: Do all workloads belong in the data centre?
• Regulation and compliance: How do you maintain data sovereignty SLA responsibilities?
11. Security lifecycle…
[Diagram. Labels: Client; Management, Controls, Architecture, Strategy, Assessment]
Assessment
• Active security gaps identification
• Cloud readiness assessment
Strategy
• Customised Security Cybersecurity Advisory (CA)
• Security policies and procedures development
Architecture
• Solution designed by certified experts
Management
• Controls managed by Managed Security Services (MSS)
• Higher hardware uptime
• Technology lifecycle management
• Complete IT outsourcing
Controls
• World-class technology powered by partners
• Certified engineers for implementation & deployment
12. Cybersecurity Advisory Approach…
Assess people, process and technology
Activities: Controls validation, Architecture review, Workshops / interviews
Levels: Level 1, Level 2 (includes level 1), Level 3 (includes levels 1 and 2)
• Security vision and strategy
• Security framework
• Risk management, Architecture
• Business requirements
• Architecture principles
• Security policy
• Vendor Rationalisation
• Penetration testing
• Threat and vulnerability scanning
• Firewall assurance and analysis
• Build and configuration reviews
Actionable roadmap of security initiatives
SAA consulting framework provides:
• An assessment of your actual security posture
• An actionable roadmap in line with business objectives
Regulation Framework
13. Cybersecurity Advisory creates customized roadmap…
[Diagram. Labels: Business view, Architect view, Designer view; Operations, Applications, Infrastructure, EndPoint; Technology Architecture, Business Architecture; AS-IS, TO-BE]
Grow maturity to improve security posture
14. Cybersecurity Advisory Reference Model
Maturity Scale: Non-Existent, Initial, Repeatable, Defined, Managed, Optimised
[Diagram. Labels: Identity management, Endpoint, Applications, Operations, Infrastructure, Host security, Data protection and visibility; Asset / Config Management, Incident Management, Vulnerability / Patch Management, Change Management, Access Management, Event Monitoring and Management; WAF, SIEM, Security Analytics, Data Encryption, Email Gateway, DB Activity Monitoring, Host DLP, Document Exchange, IDM, SSO, Antivirus / HIPS, Patch Management, Configuration Management, Vulnerability Management, MDM, DDOS Protection, Firewall, IPS, VPN, Network Antivirus, Network DLP, EDR, Web Gateway, CASB, Network Sandboxing, Cyber Deception, DNS, Wireless, Wired Network; Threat intelligence: Feeds, Platform, Analysis; Access management: NAC, AAA, MFA, PAM]
• Rationalize your environment
• Identify your maturity level
• Align with Business requirement
15. MSS Approach…
MSS delivery provides:
• Takes over the management and operation of security equipment
• Proactively identifies and responds to threats
24x7 Monitoring & Management
• 24x7 service
• Globally consistent
• Supports multi-vendor
Threat Identification & Response
• Identify threats when they hit
• Provide security recommendations to contain them
Change Management
• Certified experts make changes, so you don’t have to hire experts
Threat Intelligence
Continuously relevant and secured investment
Cloud-delivered | Consumption-based | Certified SOC delivery | Industry experts
16. Introduction to SOC delivered Managed Security Services…
Cloud Appliances for Security
• Virtual Next-Generation Firewall (new and available)
Managed Services for Security
• Managed NGFW
• Managed Web-application Firewall
• Managed e-mail Gateway
• Managed Web Gateway
• Managed Security Information and Event Management (SIEM)
• Managed Intrusion Detection & Prevention
Firewall | Intrusion Prevention System | Antivirus | Application Control | URL Filtering | Anti-Bot | Anti-Spam & Email Security | Mobile Access | IPSec VPN | Data Loss Prevention
Cloud Services for Security
• Web Application Firewall-as-a-service
• Web Security-as-a-service
• Email Security-as-a-Service
• Real-time Threat Management-as-a-Service
17. Your trusted partner to help you deliver predictive cybersecurity
Solutions Use Case
18. Ransomware Protection
[Diagram. Zones: Internet, Enterprise Network, OT Network. Threat labels: Email with links / attachments, Infected websites, Infected endpoint, Ransomware, C2, PLCs. Controls: Endpoint Protection + DNS Security, Web Security, Email Security, NGFW, NGIPS, Network Monitoring, Network Deception, Server Deception, Network Segmentation, SIEM. Tags on controls: RTM, Managed Services]
Legend: Services provided by Dimension Data MSS; Technology provided by partners
Threat Intelligence, Security SME, Incident Response, Consulting, Dark web monitoring