Securing the Human （人を守るセキュリティ）

© Blue Coat Systems, Inc. 2012.

Securing the Human: Challenges and Success Stories

Dr. Hugh Thompson

Chief Security Strategist and Senior Vice President




The Shifting IT Environment


Shift: Attackers

• Attackers are becoming organized and profit-driven • Attackers are turning to a blend of technical and

human attacks • An entire underground economy has been created:

– Meeting place for buyers and sellers (chat rooms, auction sites, etc.)

– What they are trading: vulnerabilities, botnet time, credit

card numbers, PII, … – New ways to exchange of “value” anonymously and in non-

sovereign currency


Shift: Consumerization

• Shift in technology power – from the enterprise to the individual

• Employee-owned devices are now more powerful than company-provided devices

• Rogue/shadow IT is large and growing as individuals now have greater choices with technology


Shift: Growing complexity/credibility of attacks

• It is becoming harder for users to make good security/risk choices

– Bad neighborhoods online are looking like good

neighborhoods online

– Phishing emails use shortened URLS and are

increasingly credible

– Bad URLs coming in from “trusted” sources

• Safety nets are eroding

– Desktop AV often not present or unreliable on BYOD

– New malware being generated quickly, reducing the

effectiveness of AV signatures



WARNING!

SHARKMAGEDDON!!


Behind the numbers

• Worldwide shark attacks rose from 63 to 79 in 2010.

• Much of the increase was due to two very angry sharks in Egypt!


Hackernomics

In the absence of security education or experience, people (customers,

managers, developers, testers, designers) naturally make poor security decisions

with technology Corollary:

Systems need to be easy to use securely and difficult to use

insecurely


© Blue Coat Systems, Inc. 2012. 17


Haccident (hacking accident)

An undesirable or unfortunate happening that occurs unintentionally by users making security mistakes when using technology.




Bob door slide



© Blue Coat Systems, Inc. 2012 24

WebPulse Collaborative Defense

Cloud Service

Proxy SG

Proactive Malnet Tracking

Negative Day Defense

Web & Mobile Application

Controls

Blocks 3.3M Threats Daily

Intelligent

New & Emerging Malware

Multi-dimensional Ratings

for Different Content Types

Real-time Web Filtering in

21 Languages

K9 Proxy AV

Third Party

Packet Shaper

Aware 75 Million Users

Worldwide

One Billion Daily

Requests

Consumer & Enterprise

Cache Flow


Negative Day Defense

Active

Threat Phase

Infrastructure

Phase

Negative Day Defense Continues to Block Malnet Infrastructure

Negative Day Defense Identifies and Blocks New

Components

AV Engines Begin Detection UTM Policy

applied

-30 Days

Dynamic Payload

Changes Domain Attack

Begins

Exploit

Server

0 Day +1 Days +30 Days

Attack

Ends

New Subnet,

IP Address

and Host Name


Enabling the Real-Time Enterprise

Enterprise Apps

Sanctioned by IT

Enterprise Apps Store &

Consumer Style Apps

Mandated by Users

Office-Based Users

on Private WAN

Controlled by IT

Always-on Remote &

Mobile Workers,

Public Access

Applications

Security

Multiple Devices

Owned by Employee

Single Device

Owned by IT Devices

Users &

Networks

Securing the

User

Securing the

Perimeter


Multiple Logins

Required

VPN Error

No Intranet Access Choppy

Video

Inaudible Voice

Malware Exposure


One, Secure

Login

Seamless Access to Apps

Streaming Video & Voice

Malware Protected

Greater Productivity

Fast Response Time



Summary

• The threat landscape is changing – attackers are going after both technical vulnerabilities and human vulnerabilities

• We must be proactive in stopping threats

• Preventing bad user choices is a key component of a comprehensive security solution

Technology

Securing the Human （人を守るセキュリティ）