CCR : Going Beyond CSR Nilesh Jain
Country Sales Director Trend Micro, India
#CLOUDSEC
HACKERS HAVE AN UNDUE ADVANTAGE
Cost of failure is low They know you, you
don’t know them Sophisticated
technology: Big Data Analytics, Machine Learning
They are organized and collaborated.
2 Copyright 2014 Trend Micro Inc.
Victim
The Boss
Mercenary
Attackers
Data Fencing
The Captain Garant
Bullet Proof Hoster
CRIME SYNDICATE (SIMPLIFIED)
$4
Victim Blackhat SEO
Attacker
$10
Attacker
Keywords
(Botherder) $2
Compromised
Sites (Hacker)
$6 $10
Programmer $10
Cryptor
$10 Virtest
$5
Worm
Exploit Kit
Bot Reseller $1 $1
$1
Traffic
Direction
System $5
Garant $10
SQL Injection
Kit
$3
Carder $4
Money Mule
Droppers $1
Card Creator $2
Bullet Proof
Hoster
$5
CRIME SYNDICATE (DETAILED)
HAVE YOU HEARD THIS NAMES ?
• Santrex
• Maccolo
• Troyak
and Many more…
They are all Bulletproof hosters
Copyright 2014 Trend Micro Inc. 5
DATA SCIENCE IS MULTIDISCIPLINARY
http://eduardoarea.blogspot.tw/2012/11/el-camino-de-un-data-scientist.html
LETS CALCULATE ROI
7 Copyright 2014 Trend Micro Inc.
ROI for deploying security to large Enteprises: around 50% to 200%
ROI for companies providing security solutions: around 40% to 200%
ROI for cyber hackers:: 1000% to 1500%
Lower Hackers ROI.
BEATING THE SMART HACKERS- REDUCING THEIR ROI
• Apart from Detection, Prevention and Remediation, focus on Intentions.
• Kill their intentions: Mostly Money
• Decrease their ROI by making their job difficult.
• Keep the system Patched.
• Continuous monitoring for systems and network.
Copyright 2014 Trend Micro Inc. 8
BATTLE IS RAGING…
Need to deploy sophisticated technology
But need to address people piece of the same.
Collaboration in cyber security space is the tool to fight.
Law enforcement agency, Security vendors, Consultants and enterprises need to work together.
This demand Corporate Cyber Responsibility
9 Copyright 2014 Trend Micro Inc.
CORPORATE CYBER RESPONSIBILITY
• CSR- company act 2013 from 1st april,2014 but CSR is yet to evolve
• Collaboration is the key- other corporates, Security consultants, Government and Law enforcement agency
• Your network is not breeding ground for bots and Malwares to infect other network
• Don’t pay ransom
• Work with Law Enforcement Agency
• Share the information with suitable forum
• Educate and train your supply chain partners too beyond employee
Copyright 2014 Trend Micro Inc. 10
11 Copyright 2014 Trend Micro Inc.
HOW TREND MICRO DOES IT ?
As a strategic partner of INTERPOL Trend Micro will collaborate
with them in the fight against cybercrimes. Trend Micro will be
committed to prevent fierce cybercrimes through the Public-
Private Partnerships (PPP), which utilizes the strengths of both
organizations.
Trend Micro is working closely with the INTERPOL with smooth
cooperative framework by providing security researchers to
support them directly.
Work with Leading Social Networking sites like Facebook to
make them safe.
Work with Local Law enforcement agencies to track down the
group of Hackers.
Monitor
Detect
Analyse
Compile
Forward
Action
Intel Repor
Member Countries
COOPERATION WITH TREND MICRO
• Lets Join hands to fight the CYBER Criminals
Confidential | Copyright 2012 TrendMicro Inc. 13
Nilesh Jain Country Sales Director Trend Micro
#CLOUDSEC