Cisco Effective Security: Simple, Open and Automated · Stephen Dane Managing Director, Security,...

Stephen Dane Managing Director, Security, APJ December 2016 Cisco Effective Security: Simple, Open and Automated

Page 1

Stephen Dane

Managing Director, Security, APJ

December 2016

Cisco Effective Security: Simple, Open and Automated

Page 2

Play Anatomy of a Hacker Video HERE (shortened version)

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Page 3

Are we secure?

Page 4

Agenda

Threat Landscape: What are we protecting against?

Strategy: Cisco’s strategy, vision and portfolio

Differentiators: Why Cisco Security?

Page 5

Digitization Creates Many Opportunities…for Hackers

Attack Sophistication

Threat Actors

Attack Surface


The Hacker Economy

Page 6

Asymmetric battles are greater than our ability to respond

Persistent Attacks

Overwhelmed Defenders

Innovative Methods

Fragile Infrastructure

Shifting Tactics

Rising Vulnerabilities

Encryption Dilemma

Global Operations

Page 7

Dynamic Threat Landscape

Customers' Biggest Security Challenges

A community that hides in plain sight avoids detection and attacks swiftly

60% of data is stolen in HOURS

54% of breaches remain undiscovered for MONTHS

85% of point-of-sale intrusions aren’t discovered for WEEKS

82% increase of cybercrime costs reported by companies since 2009*

100% of companies connect to domains that host malicious files or services last YEAR

Changing Business Models

Dynamic Threat Landscape

Complexity and Fragmentation

* 2015 Cost of Cyber Crime Study, Ponemon Institute

Page 8

The Costs of Cybersecurity Breaches Are Immense, Going Far Beyond Those of the Initial Breach

Our biggest concern with cybersecurity breaches is not as much the direct financial impact as the indirect. What if customers decide that we're not worthy of their trust and they stay away?

Greg Kleffner, CFO, Stein Mart

CFO Perspective: 384 finance respondents

Survey: Rank the consequences of breaches or incidents your company suffered in the past year.

1. Lost business

2. Lost assets

3. Lost productivity

4. Regulatory fines and litigation

5. Remediation costs

Page 9

Lack of Cybersecurity Hinders Innovation in the Digital Era

Survey: 1014 respondents

“Cybersecurity risks and threats hinder innovation in my organization.” 71% Agree

“My organization halted a mission-critical initiative due to cybersecurity fears.” 39% Agree

Innovations are moving forward, but probably at 70%-80% of what they otherwise could if there were better tools to deal with the dark cloud of cybersecurity threats.

Robert Simmons, CFO

Page 10

Approach cybersecurity as a strategic business imperative rather than a defensive necessity

Build cybersecurity into the foundation of their digital strategy

Confident in their cybersecurity for Big Data/analytics, cloud, and Internet of Things

Act on a "first-mover" competitive advantage to create new digital business opportunities

Can you see beyond the protection aspect of security?

Reap the rewards of Fast Innovation in a Digital Era

Page 11

Cisco Security Portfolio “Time to do things differently”

Page 12

Integrated Architectural Approach

Best of Breed Portfolio

Cisco’s Security Strategy

Page 13

Cisco Security Closes the Gap

The Security Effectiveness Gap


Page 14

Effective Security starts with an architectural approach

An architectural approach leads to Security that is: Simple, Open, Automated

Effective Security

Page 15

Cisco’s Best of Breed and Integrated Portfolio

Threat Intelligence

Secure Internet Gateway

Network Analytics

Policy and Access

NGFW/NGIPS

Advanced Malware

Web

Email

UTM

Visibility

Threat Intelligence

Services

Page 16

Cisco Architecture in Action


Umbrella blocks request

NGFW blocks connection

Web Security/Email Security blocks file

Stop the Delivery

Umbrella blocks request

NGFW blocks connection

Block Activation

AMP for Endpoints detects & stops malware

Stealthwatch and SLN detect activity

Detect & Respond

Internet

Page 17

30%+ TCO* Reduction

Cisco Architectural Approach

Cisco Architectural Approach Helps Customers Save Money


* Initial Results

Firewall

VPN

Email Security

Web Security

DLP

SIEM

Replacement Box

Failover

Persistent Threats

IDS

Firewall 2.0

VPN 2.0

Email Security 2.0

Web Security 2.0

DLP 2.0

SIEM 2.0

Replacement Box 2.0

Failover 2.0

Persistent Threats 2.0

IDS 2.0

Point Products Approach

Page 18

Source: Cisco Midyear Security Report, 2016

Reduced Time to Detection

…And reduces time to detection

Industry: 100 DAYS vs. Cisco: ~13 HOURS

Page 19

Cisco Differentiation

Page 20

“65% of CEOs say their risk management approach is falling behind. In a new reality where security breaches come at a daily rate, we must move away from trying to achieve the impossible perfect protection and instead invest in detection and response. Organizations should move their investments from 90 percent prevention and 10 percent detection and response to a 60/40 split.”

Peter Sondergaard, Senior VP and Global Head of Research, Gartner

Page 21

CISCO LEADS IN BREACH DETECTION

Cisco

Other Products

2016 NSS Labs Breach Detection Systems test

Page 22

Unmatched visibility, threat research and analytics

GLOBAL: Threats Across the Internet

&

LOCAL: Threats Inside Your Network

Customers: Hundreds of Thousands

Daily Threat Telemetry: 100TB

Threat Researchers: 250

Users: Tens of Millions

Threat Analytic Engines: Hundreds

Page 23

Financial Information

email

Company Network

Network Administrator

Network Security: Firepower alert on threat sent to ISE

Quarantine

Rapid Containment: TrustSec quarantines user

Rapid Threat Containment – adding automation

Malicious File Download

Page 24

Branch

Campus

Edge

Operational Technology

Data Center

Endpoint

Broadest scope of threat-centric coverage from the network to the data center, cloud, branch and endpoints

Cloud

Security Everywhere

Page 25

What Can the Network Do for You?

Network as a Sensor

Detect Anomalous Traffic Flows, e.g. Communication with Malicious Hosts, Internal Malware Propagation, Data Exfiltration

Detect User Access Policy Violations, e.g. Maintenance Contractor Accessing Financial Data

Detect Rogue Devices, APs and More, e.g. Maintenance Contractor Connecting an Unauthorized AP in Bank Branch to Breach

Network as an Enforcer

Segment the Network to Contain the Attack: TrustSec - Secure Group Tagging, VRF, ISE and More

Encrypt the Traffic to Protect the Data: MACsec for Wired, DTLS for Wireless, IPSec/SSL for WAN and More

Secure the Branch for Direct Internet Access: IWAN, Cloud Web Security and More

Page 26

Ask Your CISO…

1 Integration

Does your security infrastructure integrate to provide low TCO and increased effectiveness?

2 Automation

Do your security technologies talk to each other? When one product sees a threat, can it tell another to change the user’s access?

3 Retrospection

Can you go back and change your position on a file that was initially deemed safe if it is later determined to be malicious?

4 Best in Breed

Can your security provide the best protection for all the key attack vectors?
