it security upside in a down market darin andersen coo eset, llc
TRANSCRIPT
IT Security Upside in a Down Market
Darin AndersenCOOESET, LLC
•Global security company
•Sales in over 150 countries
•North American Headquarters San Diego
•INC 500 2008 and 2007 winner
•Flagship Product: ESET NOD32 Antivirus
•Over 70 million copies in use
•“Track record” in the Enterprise
About ESET
ESET Around the World
ESET Headquarters
ESET Offices
ESET Partners
ESET Revenue Growth
Endpoint Security Solutions
ESET NOD32 Antivirus 4: Business Edition
Protection for every endpoint in your business from viruses, spyware, malware, and all Internet-born threats.
ESET NOD32 Antivirus 4 Business Edition includes Remote Administrator, LAN update “mirror” and can be installed on servers.
ESET Smart Security is excellent for laptop computers and includes anti-spam and personal firewall.
New features in version 4: Enhanced Remote Administrator, Smarter Scanner, Removable Media Security, Host-based Intrusion Prevention System (HIPS)
ESET – Securing the Enterprise
Enterprise Pain ESET Solution
1. Slow protection – wait hours, even days for signature updates
1. Proactive Protection – Zero-day protection with non-intrusive, frequent updates
2. False positives - waste time and resources 2. Precise – accurate detection of malware rarely yields false-positive results
3. “Bloatware” – kludged solution that is heavy and slows system performance
3. Lightweight - fully integrated security solution with minimal impact on system performance
4. Slow scanning - high impact to systems – users turn off protection, vulnerable
4. Fast – scanning speeds allow users to work unencumbered
5. Difficult to deploy, update, and manage security on a large number of nodes
5. Scalable - central remote administration easy to manage thousands of nodes
6. High cost - too much to put on every computer
6. Competitive pricing - enables full coverage
Proactive Protection
“NOD32 has the most proactive malware detection capabilities of all
the products tested over the last 12 months.”
– Andreas Clementi, Project Manager AV-Comparatives.org
Missed In-the-Wild Viruses in Virus Bulletin Tests
* May 1998 – April 2009 (fewer is better)
By the time you read this, 70 new types of malware will be produced.
ESET receives 100,000 new malware samples per day
Over 1.5 million new malware samples
in 2008
Zero-day attacks are increasing rapidly
Cybercriminals are growing more sophisticated and financially motivated
Traditional security solutions are not keeping up
ESET’s proactive approach
Are your customers safe….really?
eCrime Trends
• 41% of organizations have seen increase in cybercrime
• Only 1% have seen decrease
Source: eCrime Survey 2009 in partnership with KPMG
“We have already had an attack where the infection was dormant, remaining undetected, for 10 months. How many more of these are already on our computers?”
“…new scam targets has pushed the total of phishing e-mails from a maximum of around 400,000 a day in August to nearly 800,000 a day in November [2008].”
Forbes.com, Economic Bust, Cybercrime Boom, Andy Greenberg, Nov. 19, 2008
Finding: The Recession
• 66% of respondents agree that out-of-work IT professionals during the recession will lead to more people with technical skills joining the cybercriminal underground economy.
Source: eCrime Survey 2009 in partnership with KPMG
Overall Threat
• 79% of respondents do not believe that security software based on signature detection offers a sufficient level of protection to Internet users.
Source: eCrime Survey 2009 in partnership with KPMG
The #1 Internal Threat
• “ Theft of customer or employee data “
• “Knowledge of weak points in business/systems being deliberately exploited.
What internal eCrime risks are of most concern in economic downturn?
Source: eCrime Survey 2009 in partnership with KPMG
The of customer or employee data by insiders
Knowledge of weak points in business processes/systems
Theft of intellectual property of business sensitive data
Loss of undocumented business knowledge
Employees placing personal information on the internet - exploitation
Knowledge of weak points in business systems being sold
Other
64%
62%
61%
38%
36%
27%
3%
Growth of Malware from 1985 – 2007
Source: AVTEST.org
Industry Perspective
“Computer security has become a more urgent issue in light of rampant online crime and mega-infections like the Conficker worm, which has ensnared up to 12 million personal computers and has helped spur security software sales.”
Canadian Business Online - From The Associated Press, May 1, 2009
“Malware kits are supported by product guarantees and service level agreements.” It is real-business, support by organized crime.
Emerging Cyber Threats Report for 2009 – Oct. 15, 2008
SMB & Enterprise Spending Trends – Main Drivers
• 1st – High-profile incidents in other organizations – 42%
• 2nd – Regulatory Compliance – 41%
• 3rd – Fear of a major incident resulting in negative media coverage for organization – 40%
Source: eCrime Survey 2009 in partnership with KPMG
Data Breaches
•What is “Data Loss Prevention” (DLP)?• It’s about mitigating risk
•Who is impacted by data breaches?•Everyone
•Why do data breaches occur?•75%-80% of data breaches are due to human error
•Yankee Group report: “Anywhere Data is Powerful, Data Everywhere is Dangerous” – Phil Hochmuth Sr. Analyst
• Financially catastrophic for your customers
• Loss of sales• Investigation and notification costs• Fines and litigation (approx: $90 -
$305/record)• Pay for credit monitoring service
($40/record)• Interruption of operations• Last – but definitely not least: Brand erosion
(reputation, customer trust)
Data Breach Consequences
Data Breaches – Case Study: Hanaford Bros.
• Chain of events:
• Physical access and auditing• Malware installed on key servers• Data Interception• Middleware configuration• 4.2M customer records copied “in flight”
Data Breach Consequences (cont’d)
•Regulatory Compliance
•HIPAA
•Sarbanes Oxley (SARBOX)
•Graham Leach Bliley (GLBA)
Data Loss Prevention Architectures
•Data at rest
•Data in motion
•Data on mobile and removable devices
•Network-based
•Host-based
Cyber Risk – Guiding Your Customers
•What is cyber risk?
•The risks, liabilities and solutions associated with processes and interactions resulting from business activities conducted through computer networks.
Cyber Risk (cont’d)
•To determine how to lower the risk profile of a company at least three areas need to be evaluated:
• What is at risk (customer information, IP, etc)?
•What the threat vectors are (e.g. employees, competition, malware)?
•Consequences of failure (regulatory compliance issues, brand damage, consumer confidence)
Managing Cyber Risk
• Risk management plan requires senior management buy-in• Requires a collaborative approach (team-based) •Outline new and existing applications and operations• Assess security and privacy risk controls • Review business continuity plans• Policies.. a necessary evil!• Technology is what we use to enforce policy
• The growth of malware targeting a specific platform is dependent on a key factor: the market penetration of the specific platform.
• Other factors:
• The popularity of a platform to engage in commerce as well as its ability to be “always-connected“
• Availability of development tools
• Well-documented APIs (knowledge of the "inner-workings" of the kernel, security mechanisms and network stack)
• There will be approximately 4B (billion) mobile phones in use by EOY ‘08. This is a very tempting target for cybercriminals to leverage!
Mobile Threats
Malware
• The evolution of malware
• More targeted – spear phishing• Increasingly complex – self-modifying,
encrypted, etc.• Pre-installed• Sophisticated social engineering• Decrease in email-borne malware• Lower barrier to entry
Malware (cont’d)
• Examples
• Spear phishing – Oak Ridge Nat’l Labs• Storm Worm• USB (autorun.inf)• Password stealing trojans
Malware: Bottom Line
• Gaming-related malware is prevalent and expensive to the victim (identities and assets stolen and re-sold)
• Autorun is dangerous and can be embedded in off-the-shelf/retail devices!
• PUAs and spyware are a plague and a curse
• Heuristics and Behavior Analysis Rule!
Mobile Threats (cont’d)• The value of an executive's mobile device:
• 1,000-5,000 contacts• customer details• business partner's information• colleagues / friends' home numbers
• 100-200+ appointments• customer leads• pending business activities
• 200+ internal company emails with sensitive corporate data• pending partnerships, lawsuits, M&A data• pending business activities• sensitive data masquerading as calendar events / contacts• ATM, credit card, banking, brokerage info• poorly obscured ID's, PIN codes and passwords
Best Practices - Businesses
• Inventory your assets.
•Know how many computers you have
•How they connect to your network and Internet
• Audit is essential
• Know that all assets are protected
• Protection is current and audited
• Use business assets for business only
• Clearly define policies for acceptable use of company resources
• Hire a consultant to help secure your business
• Make security education priority http://www.securingourecity.org
Securing Our eCity – www.securingourcity.org
Takeaways
• Cyber security is everyone’s responsibility
• DLP is more than just marketing – the numbers speak!
• No business is immune to data breaches or cyber risk
• Risk assessment goal – reducing the risk to an acceptable level
• Technology controls require well-written policies
• Patch management process
• The prevalence of malware continues to steadily rise
• Antivirus is a key component to a security strategy
• While early, the mobile threat exists – it’s not if, but when
ESET in the Enterprise
Proactive ProtectionPrecise DetectionSupport Services
Fast Scanning Lightweight Footprint
Partner with ESET is Good for your Customers• ESET offers proactive approach to security
ThreatSense (Advanced Heuristic)
• Transparent PerformanceBest of breedSmallest footprintMinimal CPU
• Centralized Management Manages 3-400,000 computers
• Agile Security
• Integrated approach• Secure methodology requires layers• Server level, desktop, laptop and mobile
Partner Protect Profit
