8 Threats Your Anti-Virus Won't Stop

Post on 19-Jan-2015

Category: Technology

DESCRIPTION

Businesses of all sizes face risks in the everyday acts of using digital technology and the Internet for legitimate purposes. This presentation outlines eight common threats that traditional antivirus alone won't stop, and explains how to protect your organization using endpoint security. For more, visit: http://bit.ly/8Threats_wp

Transcript

8 Threats your antivirus won’t stop

Outline

Current threat landscape

8 threats AV won’t stop

Wrap up

Changing threat landscape: What’s causing you pain

Threats changing, still increasing

Data everywhere, regulations growing

Users everywhere, using everything

How data is lost

Devices Hacked

Web/Virus Documents

Fraud

Source: DatalossDB.org

Anatomy of an attack

Entry point: A hijacked website or an unwanted email with a malicious link

Malware distribution: Initial malware redirects based on what it’s working with (Windows/Mac, IE/Safari, etc.)

Exploit vulnerabilities: Exploit pack attempts to leverage a number of vulnerabilities in apps & plugins

Infection: Download of a malicious payload to log keys, steal data, or convert the system into a botnet

Execution: Malware calls home with sensitive data

Evolution of AV

Signature AV

• Signature based anti-virus protection

Signature AV + HIPS

• Signature based anti-virus protection

• HIPS (Host Intrusion Prevention System)

Endpoint Security

• Signature based anti-virus protection

• HIPS (Host Intrusion Prevention System)

• Behavioral analysis

• Client firewall

• Application control

• Device control

Complete Security

• Endpoint Protection

• Web Protection

• Email Protection

• Network Protection

• Data Protection

• Mobile Protection

8 threats AV won’t stop

Human error:

1. Misdirected email

2. Infected USB device

Facts of life:

3. Working offsite

4. Working on the web

IT issues:

5. Unpatched PCs

6. Uncontrolled apps

Malicious intent:

7. Stolen Laptops

8. Zero-day threat

1. Misdirected email

If it hasn’t happened to you, it will

Data Control

Email encryption

2. The infected USB device

75% fail the lollipop test

Device Control

Data Control

Encryption

3. Working offsite & 4. on the web

Today’s primary source of FakeAV

Endpoint Web Protection

URL Filtering

5. Unpatched & 6. Uncontrolled apps

Is your company data circulating on BitTorrent?

Patch Management

Application Control

7. Stolen laptops

It’s only a matter of time

Email encryption

Encryption for cloud

Full Disk Encryption

8. The zero-day threat

Exploiting unknown vulnerabilities

Intrusion prevention

Anti-malware with behavioural analysis

Live Protection

Entry point

Malware Distribution

Exploit vulnerabilities

Infection

Execution

URL Filtering

Anti-spam

Patch Manager

Application Control

Data Control

Encryption

Reduce attack surface

Live Protection

Intrusion prevention

Firewall

Anti-malware

Stop attacks and breaches

Protect everywhere

Keep people working

Complete Security at Work

Live Protection

Layered Protection

8 Questions to ask your vendor…

1. How do we stop sensitive data from falling into the wrong hands?

2. How can we ensure staff is not leaking data out of our organization?

3. How can we prevent users from infecting themselves with USB sticks?

4. How do you protect offsite users from malicious websites?

5. How can we control applications such as VoIP, IM, P2P or games?

6. How can you help ensure systems are patched and up to date?

7. How does your solution help protect us from new and unknown threats?

8. How often do you publish new threat intelligence and how do we get it?

Clean up

Automation

Visibility Local self-help

WiFi security

Keep people working

Technical support

Access control

Intrusion prevention

Anti-malware User education

Data Control

Stop attacks and breaches

Firewall

Email encryption

Complete security

Email Data Endpoint Mobile Web Network

Virtualization

Endpoint Web Protection

Mobile Control

Secure branch offices

Encryption for cloud

Free Home use

Mobile app security

Protect everywhere

Web Application Firewall

URL Filtering

Anti-spam Patch Manager

Application Control

Encryption

Device Control

Reduce attack surface

VPN Performance

Better protection, better efficiency, and better value

Small updates

Live Protection

Tamper protection

Complete security

Better protection, better efficiency, and better value

US and Canada 1-866-866-2802

NASales@sophos.com

UK and Worldwide + 44 1235 55 9933

Sales@sophos.com

nakedsecurity.sophos.com

Staying ahead of the curve

facebook.com/securitybysophos

twitter.com/Sophos_News

Sophos on Google+

linkedin.com/company/sophos
