SlideShare a Scribd company logo

ISTR Volume 18

Symantec
Symantec

Symantec's Internet Security Threat Report, Volume 18 revealed a 42 percent surge during 2012 in targeted attacks compared to the prior year. Designed to steal intellectual property, these targeted cyberespionage attacks are increasingly hitting the manufacturing sector as well as small businesses, which are the target of 31 percent of these attacks. Small businesses are attractive targets themselves and a way in to ultimately reach larger companies via “watering hole” techniques. In addition, consumers remain vulnerable to ransomware and mobile threats, particularly on the Android platform.

Technology
1 of 39
ISTR 2013 Overview
TARGETED ATTACKS Internet Security Threat Report 2013 :: Volume 18 2
Targeted Attacks in 2012 Internet Security Threat Report 2013 :: Volume 18 3
Targeted Attacks by Industry Manufacturing 24% Finance, Insurance & Real Estate 19% Services – Non-Traditional 17% Government 12% Energy/Utilities 10% Services – Professional 8% Wholesale 2% Retail 2% Aerospace 2% Transportation, 1% Communications, Electric, Gas 0% 5% 10% 15% 20% 25% 30% Manufacturing moved to top position in 2012 But all industries are targeted Internet Security Threat Report 2013 :: Volume 18 4
Targeted Attacks by Company Size 50% 2,501+ 50% 1 to 2,500 Employees 9% 1,501 to 2,500 2,501+ 2% 1,001 to 1,500 3% 501 to 1,000 5% 251 to 500 50% 31% 31% 1 to 250 growth since 2011 Greatest growth in 2012 is at companies with <250 employees Internet Security Threat Report 2013 :: Volume 18 5
Targeted Attacks by Job Function 30% R&D 27% Sales 25% 24% 20% C-Level 17% Shared Mailbox 15% Senior 13% 12% 10% Recruitment Media 5% 4% 3% PA 1% 0% Attacks may start with the ultimate target, but often look opportunistically for any entry into a company Internet Security Threat Report 2013 :: Volume 18 6
Spear Phishing Watering Hole Attack Send an email to a person Infect a website and lie of interest in wait for them Targeted Attacks predominantly start as spear phishing attacks In 2012, Watering Hole Attacks emerged (popularized by the Elderwood Gang) Internet Security Threat Report 2013 :: Volume 18 7
Effectiveness of Watering Hole Attacks Watering Hole Infected 500 All Within Attack in 2012 Companies 24 Hours Watering Hole attacks are targeted at specific groups Can capture a large number of victims in a very short time Internet Security Threat Report 2013 :: Volume 18 8
Recent Example of Watering Hole Attack In 2013 this type of attack will become widely used Several high profile companies fell victim to just such an attack Internet Security Threat Report 2013 :: Volume 18 9
Watering Hole Targeted iOS Developers In 2013 this type of attack will become widely used Several high profile companies fell victim to just such an attack Internet Security Threat Report 2013 :: Volume 18 10
Thwarting Targeted Attacks • Human Intelligence regarding active and anticipated attack campaigns, targeted Security Intelligence attacks, and emerging threats • Use full capabilities of monitoring solutions to provide full visibility into security Holistic Security Monitoring posture and events across the entire enterprise footprint Removable Media Device • Restrict removable devices and functions to prevent malware infection Control Email & Web Gateway Filtering • Scan and monitor inbound/outbound email and web traffic and block accordingly • Discover data spills of confidential information that are targeted by attackers Data Loss Prevention • Detect and prevent exfiltration of confidential information that are targeted by attackers Encryption • Create and enforce security policies so all confidential information is encrypted Incident Preparedness & • Ensure formal Incident Response capabilities are in place and fully tested • Conduct periodic penetration tests and red-team exercises to evaluate defense Response and response capabilities from the perspective of an attacker Internet Security Threat Report 2013 :: Volume 18 11
SPAM TRENDS Internet Security Threat Report 2013 :: Volume 18 12
Spam Decline 79% January 2011 Global Spam Rates 2011-2012 69% 90% October 2012 80% 70% 60% 50% 40% 30% 20% 10% 0% Jan- Apr Jul Oct Jan- Apr Jul Oct 11 12 Spam has declined for second year in a row (as % of email) Botnet takedowns continue to have an affect Internet Security Threat Report 2013 :: Volume 18 13
Pharmaceutical Spam Decline Pharmaceutical Spam Rates 2011-2012 70% 60% 50% 40% 30% 20% 10% 0% Jan- Apr Jul Oct Jan- Apr Jul Oct 11 12 Internet Security Threat Report 2013 :: Volume 18 14
The Risk of Spam Continues 1 in 414 1 in 283 Emails are a phishing attack Emails are a malware attack of all email is spam Internet Security Threat Report 2013 :: Volume 18 15
Thwarting Spam-borne Attacks: Defense • Human Intelligence regarding active and anticipated attack campaigns, targeted Security Intelligence attacks, and emerging threats Email & Web Gateway Filtering • Scan and monitor inbound/outbound email and web traffic and block accordingly • Detect and block new and unknown threats based on global reputation Advanced Reputation Security and ranking • Use more than just AV – use full functionality of endpoint protection including Layered Endpoint Protection heuristics, reputation-based, behavior-based and other technologies • Restrict removable devices and turn off auto-run to prevent malware infection Holistic Network Monitoring • Monitor globally for network intrusions, propagation attempts and other suspicious traffic patterns, including using reputation-based technologies & Layered Defenses • Network protection is more than just blacklisting • Ensure employees become the first line of defense against socially engineered Security Awareness Training attacks, such as phishing, spear phishing, and other types of attacks Internet Security Threat Report 2013 :: Volume 18 16
VULNERABILITIES Internet Security Threat Report 2013 :: Volume 18 17
Zero-Day Vulnerabilities 16 14 15 14 14 12 13 Total Volume 12 Stuxnet 10 Elderwood 8 9 8 6 2 4 4 4 3 2 0 2006 2007 2008 2009 2010 2011 2012 One group can significantly affect yearly numbers Elderwood Gang drove the rise in zero-day vulnerabilities Internet Security Threat Report 2013 :: Volume 18 18
All Vulnerabilities 7,000 6,000 6,253 5,562 5,000 5,291 4,842 4,989 4,644 4,814 4,000 3,000 2,000 1,000 0 2006 2007 2008 2009 2010 2011 2012 No significant rise or fall in discovery of new vulnerabilities in last 6 years Internet Security Threat Report 2013 :: Volume 18 19
30% Increase in web attacks blocked… 247,350 190,370 2011 2012 Internet Security Threat Report 2013 :: Volume 18 20
Our Websites are Being Used Against Us 53% 61% of legitimate websites have unpatched vulnerabilities of web sites serving malware are legitimate sites 25% have critical vulnerabilities unpatched Internet Security Threat Report 2013 :: Volume 18 21
Our Websites are Being Used Against Us In 2012, one threat infected more than 1 million websites Its payload was FakeAV The next time it’s likely to be ransomware Internet Security Threat Report 2013 :: Volume 18 22
Internet Security Threat Report 2013 :: Volume 18 23
Internet Security Threat Report 2013 :: Volume 18 24
Ransomware Number of criminal gangs Estimated amount extorted involved in this cybercrime from victims in 2012 Average number of attacks seen from one threat in 18 day period Internet Security Threat Report 2013 :: Volume 18 25
Protecting Against Vulnerabilities: Defense Vulnerability • Routine, frequent vulnerability assessments and penetrations tests to identify vulnerabilities in applications, systems, and mobile devices Management Program • Formal process for addressing identified vulnerabilities Configuration & Patch • Ensure all operating system and application patches are evaluated and deployed in a timely manner Management Program • Ensure adherence to formal, secure configuration standards • Leverage application virtualization technologies to reduce risk when legacy web Application Virtualization browsers and older versions of 3rd party applications like JAVA or Adobe Reader must be used for compatibility reasons Advanced Reputation Security • Detect and block new and unknown threats based on global reputation and ranking • Use more than just AV – use full functionality of endpoint protection including Layered Endpoint Protection heuristics, reputation-based, behavior-based and other technologies • Restrict removable devices and turn off auto-run to prevent malware infection • Monitor globally for network intrusions, propagation attempts and other Layered Network Protection suspicious traffic patterns, including using reputation-based technologies • Network protection is more than just blacklisting Internet Security Threat Report 2013 :: Volume 18 26
MOBILE TRENDS Internet Security Threat Report 2013 :: Volume 18 27
Android Malware Growth 200 5,000 180 4,500 160 4,000 140 3,500 120 3,000 100 2,500 80 2,000 60 1,500 40 1,000 20 500 0 0 Jan Apr Jul Oct Jan Apr Jul Oct '11 '12 Cumulative Android Families 2011-2012 Cumulative Android Variants 2011-2012 Internet Security Threat Report 2013 :: Volume 18 28
Vulnerabilities & Mobile Malware Platform Vulnerabilities Device Type # of Threats Apple iOS 387 Apple iOS Malware 1 Android 13 Android Malware 103 Blackberry 13 Symbian Malware 3 Windows Mobile 2 Windows Malware 1 Today there is no significant link between mobile OS vulnerabilities and exploitation by malware In the future that may change Internet Security Threat Report 2013 :: Volume 18 29
What Does Mobile Malware Do? Mobile Threats by Type Steal Information 32% Traditional Threats 25% Track User 15% Send Content 13% Adware/Annoyance 8% Reconfigure device 8% 0% 5% 10% 15% 20% 25% 30% 35% Internet Security Threat Report 2013 :: Volume 18 30
Information Stealing Malware Android.Sumzand 1. User received email with link to download app 2. Steals contact information 3. Harvested email addressed used to spam threat to others Internet Security Threat Report 2013 :: Volume 18 31
Mitigating Mobile Threats • Remotely wipe devices in case of theft or loss Device Management • Update devices with applications as needed without physical access • Get visibility and control of devices, users and applications • Guard mobile device against malware and spam Device Security • Prevent the device from becoming a vulnerability • Enforce compliance across organization, including security standards & passwords • Identify confidential data on mobile devices and use technologies to prevent future exposure Content Security • Protect data from moving between applications • Encrypt mobile devices to prevent lost devices from turning into lost confidential data • Provide strong authentication and authorization for access to enterprise Identity and Access applications and resources • Ensure safe access to enterprise resources from right devices with right postures Mobile Application • Use application management capabilities to protect sensitive data in BYOD scenarios or where full MDM capabilities are undesirable Management Internet Security Threat Report 2013 :: Volume 18 32
MAC MALWARE Internet Security Threat Report 2013 :: Volume 18 33
Mac Malware Trend 10 new Mac families of malware in 2012 6 4 3 3 1 2007 2008 2009 2010 2011 2012 Internet Security Threat Report 2013 :: Volume 18 34
Mac Malware Only 2.5% of threats found on Macs are Mac malware Internet Security Threat Report 2013 :: Volume 18 35
Flashback But in 2012 1 Mac Threat infected 600,000 machines Internet Security Threat Report 2013 :: Volume 18 36
Thwarting Mac Attacks: Defense Layered Endpoint Protection • Use robust endpoint protection on your Macs – they are not immune to malware • Monitor globally for network intrusions, propagation attempts and other Layered Network Protection suspicious traffic patterns, including using reputation-based technologies • Network protection is more than just blacklisting • Ensure employees become the first line of defense against socially engineered Security Awareness Training attacks, such as phishing, spear phishing, and other types of attacks Configuration & Patch • Ensure all operating system and application patches are evaluated and deployed in a timely manner Management Program • Ensure adherence to formal, secure configuration standards Internet Security Threat Report 2013 :: Volume 18 37
Stay Informed symantec.com/threatreport Security Response Website Twitter.com/threatintel Internet Security Threat Report 2013 :: Volume 18 38
Thank you! INSERT PRESENTER INFORMATION HERE Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 04/13 21284433 This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Internet Security Threat Report 2013 :: Volume 18 39

Recommended

Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012
Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012
Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012Symantec
 
Symantec Internet Security Threat Report 2014 - Volume 19
Symantec Internet Security Threat Report 2014 - Volume 19Symantec Internet Security Threat Report 2014 - Volume 19
Symantec Internet Security Threat Report 2014 - Volume 19Symantec
 
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...Symantec
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh WebinarArrow ECS UK
 
Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android applicationIAEME Publication
 
Ey giss-under-cyber-attack
Ey giss-under-cyber-attackEy giss-under-cyber-attack
Ey giss-under-cyber-attackКомсс Файквэе
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Symantec
 

Recommended

Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012
Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012
Symantec Internet Security Threat Report 2011 Trends Volume 17 April 2012Symantec
 
Symantec Internet Security Threat Report 2014 - Volume 19
Symantec Internet Security Threat Report 2014 - Volume 19Symantec Internet Security Threat Report 2014 - Volume 19
Symantec Internet Security Threat Report 2014 - Volume 19Symantec
 
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...
RSA 2013 Session: Mobile Security Smackdown: How Government “Pwned” The Priva...Symantec
 
Symantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec's Internet Security Threat Report for the Government Sector
Symantec's Internet Security Threat Report for the Government SectorSymantec
 
Symantec Security Refresh Webinar
Symantec Security Refresh WebinarSymantec Security Refresh Webinar
Symantec Security Refresh WebinarArrow ECS UK
 
Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android applicationIAEME Publication
 
Ey giss-under-cyber-attack
Ey giss-under-cyber-attackEy giss-under-cyber-attack
Ey giss-under-cyber-attackКомсс Файквэе
 
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...
Internet Security Threat Report 2014 :: Volume 19 Appendices - The hardcore n...Symantec
 
Istr19 en
Istr19 enIstr19 en
Istr19 enAnjoum .
 
5 main trends in cyber security for 2020
5 main trends in cyber security for 20205 main trends in cyber security for 2020
5 main trends in cyber security for 2020Agnieszka Guźniczak-Beim
 
Mobile threat report_q3_2013
Mobile threat report_q3_2013Mobile threat report_q3_2013
Mobile threat report_q3_2013Комсс Файквэе
 
Symantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec
 
Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Kim Jensen
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Javier Gonzalez
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
Symantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineSymantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineRapidSSLOnline.com
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSPaul Walsh
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexAndreanne Clarke
 
Istr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecIstr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecSoluciona Facil
 
Symantec Intelligence Report
Symantec Intelligence ReportSymantec Intelligence Report
Symantec Intelligence ReportSymantec
 
11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In DangerCopper Mobile, Inc.
 
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldTrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldInfinigate Group
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideRoen Branham
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Kolluru N Rao
 
Symantec Intelligence Report - Oct 2015
Symantec Intelligence Report - Oct 2015Symantec Intelligence Report - Oct 2015
Symantec Intelligence Report - Oct 2015CheapSSLUSA
 
Digital Threat Landscape
Digital Threat LandscapeDigital Threat Landscape
Digital Threat LandscapeQuick Heal Technologies Ltd.
 
Symantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Mobile Learning - A Quick Start Guide
Mobile Learning - A Quick Start GuideMobile Learning - A Quick Start Guide
Mobile Learning - A Quick Start GuideUpside Learning Solutions
 
Why content curation is a new form of communication
Why content curation is a new form of communicationWhy content curation is a new form of communication
Why content curation is a new form of communicationScoop.it
 

More Related Content

What's hot

Symantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec
 
Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Kim Jensen
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Javier Gonzalez
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revistathe_ro0t
 
Symantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineSymantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineRapidSSLOnline.com
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSPaul Walsh
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexAndreanne Clarke
 
Istr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecIstr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecSoluciona Facil
 
Symantec Intelligence Report
Symantec Intelligence ReportSymantec Intelligence Report
Symantec Intelligence ReportSymantec
 
11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In DangerCopper Mobile, Inc.
 
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldTrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldInfinigate Group
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideRoen Branham
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Kolluru N Rao
 
Symantec Intelligence Report - Oct 2015
Symantec Intelligence Report - Oct 2015Symantec Intelligence Report - Oct 2015
Symantec Intelligence Report - Oct 2015CheapSSLUSA
 
Symantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 

What's hot (20)

Istr19 en
Istr19 enIstr19 en
Istr19 en
 
5 main trends in cyber security for 2020
5 main trends in cyber security for 20205 main trends in cyber security for 2020
5 main trends in cyber security for 2020
 
Mobile threat report_q3_2013
Mobile threat report_q3_2013Mobile threat report_q3_2013
Mobile threat report_q3_2013
 
Symantec Report On Rogue Security Software
Symantec Report On Rogue Security SoftwareSymantec Report On Rogue Security Software
Symantec Report On Rogue Security Software
 
Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009Scansafe Annual Global Threat Report 2009
Scansafe Annual Global Threat Report 2009
 
Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0Mobile malware and enterprise security v 1.2_0
Mobile malware and enterprise security v 1.2_0
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revista
 
Symantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnlineSymantec Website Security Threat Report 2014 - RapidSSLOnline
Symantec Website Security Threat Report 2014 - RapidSSLOnline
 
Enabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMSEnabling a Zero Trust strategy for SMS
Enabling a Zero Trust strategy for SMS
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence Index
 
Istr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantecIstr number 23 internet security threat repor 2018 symantec
Istr number 23 internet security threat repor 2018 symantec
 
Symantec Intelligence Report
Symantec Intelligence ReportSymantec Intelligence Report
Symantec Intelligence Report
 
11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger11 Reasons Why Your Company Could Be In Danger
11 Reasons Why Your Company Could Be In Danger
 
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” WorldTrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
TrendLabs 2012 Annual Security Roundup: Evolved Threats in a “Post-PC” World
 
Grift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a rideGrift horse money stealing trojan takes 10m android users for a ride
Grift horse money stealing trojan takes 10m android users for a ride
 
Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]Lessons v on fraud awareness (digital forensics) [autosaved]
Lessons v on fraud awareness (digital forensics) [autosaved]
 
Symantec Intelligence Report - Oct 2015
Symantec Intelligence Report - Oct 2015Symantec Intelligence Report - Oct 2015
Symantec Intelligence Report - Oct 2015
 
Digital Threat Landscape
Digital Threat LandscapeDigital Threat Landscape
Digital Threat Landscape
 
Symantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence ReportSymantec Cyber Security Intelligence Report
Symantec Cyber Security Intelligence Report
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
 

Viewers also liked

Why content curation is a new form of communication
Why content curation is a new form of communicationWhy content curation is a new form of communication
Why content curation is a new form of communicationScoop.it
 
Idées d'usages pédagogiques de twitter
Idées d'usages pédagogiques de twitterIdées d'usages pédagogiques de twitter
Idées d'usages pédagogiques de twitterPedago Lu
 
Driving Innovation in Public Education
Driving Innovation in Public EducationDriving Innovation in Public Education
Driving Innovation in Public EducationChris Kennedy
 
Preparing our students for Web 3.0 learning
Preparing our students for Web 3.0 learningPreparing our students for Web 3.0 learning
Preparing our students for Web 3.0 learningJudy O'Connell
 
Leading in Context Manifesto
Leading in Context ManifestoLeading in Context Manifesto
Leading in Context Manifesto7Lenses
 
Introduction to Slide Design: 7 Rules for Creating Effective Slides
Introduction to Slide Design: 7 Rules for Creating Effective SlidesIntroduction to Slide Design: 7 Rules for Creating Effective Slides
Introduction to Slide Design: 7 Rules for Creating Effective SlidesAlex Rister
 
Curriculum 2.0 - A 21st century literacy curriculum
Curriculum 2.0 - A 21st century literacy curriculumCurriculum 2.0 - A 21st century literacy curriculum
Curriculum 2.0 - A 21st century literacy curriculumJustin Medved
 
Take Charge of Your Digital Life
Take Charge of Your Digital LifeTake Charge of Your Digital Life
Take Charge of Your Digital Lifeemilyensign
 
From Information Literacy to Transliteracy: Preparing our Students for Open L...
From Information Literacy to Transliteracy: Preparing our Students for Open L...From Information Literacy to Transliteracy: Preparing our Students for Open L...
From Information Literacy to Transliteracy: Preparing our Students for Open L...Dana Longley
 
Survival of the Savviest: Content Curation & Professional Development
Survival of the Savviest: Content Curation & Professional DevelopmentSurvival of the Savviest: Content Curation & Professional Development
Survival of the Savviest: Content Curation & Professional DevelopmentScoop.it
 
Build your Personal Learning Environment
Build your Personal Learning EnvironmentBuild your Personal Learning Environment
Build your Personal Learning EnvironmentAlexander Mikroyannidis
 
Learning In The 21st Century
Learning In The 21st CenturyLearning In The 21st Century
Learning In The 21st CenturyJennifer Dorman
 
The 21st Century Learner SlideShare
The 21st Century Learner SlideShareThe 21st Century Learner SlideShare
The 21st Century Learner SlideSharewilemmed
 
Equip and Empower Every Student for Success
Equip and Empower Every Student for SuccessEquip and Empower Every Student for Success
Equip and Empower Every Student for SuccessKarenJan
 
Creating joyful learning within a democratic classroom
Creating joyful learning within a democratic classroomCreating joyful learning within a democratic classroom
Creating joyful learning within a democratic classroomrohadimpd
 

Viewers also liked (20)

Mobile Learning - A Quick Start Guide
Mobile Learning - A Quick Start GuideMobile Learning - A Quick Start Guide
Mobile Learning - A Quick Start Guide
 
Why content curation is a new form of communication
Why content curation is a new form of communicationWhy content curation is a new form of communication
Why content curation is a new form of communication
 
Idées d'usages pédagogiques de twitter
Idées d'usages pédagogiques de twitterIdées d'usages pédagogiques de twitter
Idées d'usages pédagogiques de twitter
 
Driving Innovation in Public Education
Driving Innovation in Public EducationDriving Innovation in Public Education
Driving Innovation in Public Education
 
Learning2learn
Learning2learnLearning2learn
Learning2learn
 
Preparing our students for Web 3.0 learning
Preparing our students for Web 3.0 learningPreparing our students for Web 3.0 learning
Preparing our students for Web 3.0 learning
 
Leading in Context Manifesto
Leading in Context ManifestoLeading in Context Manifesto
Leading in Context Manifesto
 
Introduction to Slide Design: 7 Rules for Creating Effective Slides
Introduction to Slide Design: 7 Rules for Creating Effective SlidesIntroduction to Slide Design: 7 Rules for Creating Effective Slides
Introduction to Slide Design: 7 Rules for Creating Effective Slides
 
Curation web
Curation webCuration web
Curation web
 
Curriculum 2.0 - A 21st century literacy curriculum
Curriculum 2.0 - A 21st century literacy curriculumCurriculum 2.0 - A 21st century literacy curriculum
Curriculum 2.0 - A 21st century literacy curriculum
 
Take Charge of Your Digital Life
Take Charge of Your Digital LifeTake Charge of Your Digital Life
Take Charge of Your Digital Life
 
From Information Literacy to Transliteracy: Preparing our Students for Open L...
From Information Literacy to Transliteracy: Preparing our Students for Open L...From Information Literacy to Transliteracy: Preparing our Students for Open L...
From Information Literacy to Transliteracy: Preparing our Students for Open L...
 
Survival of the Savviest: Content Curation & Professional Development
Survival of the Savviest: Content Curation & Professional DevelopmentSurvival of the Savviest: Content Curation & Professional Development
Survival of the Savviest: Content Curation & Professional Development
 
Build your Personal Learning Environment
Build your Personal Learning EnvironmentBuild your Personal Learning Environment
Build your Personal Learning Environment
 
Learning In The 21st Century
Learning In The 21st CenturyLearning In The 21st Century
Learning In The 21st Century
 
The 21st Century Learner SlideShare
The 21st Century Learner SlideShareThe 21st Century Learner SlideShare
The 21st Century Learner SlideShare
 
Equip and Empower Every Student for Success
Equip and Empower Every Student for SuccessEquip and Empower Every Student for Success
Equip and Empower Every Student for Success
 
Creating joyful learning within a democratic classroom
Creating joyful learning within a democratic classroomCreating joyful learning within a democratic classroom
Creating joyful learning within a democratic classroom
 
RES2016406
RES2016406RES2016406
RES2016406
 
21st century LEARNER
21st century LEARNER21st century LEARNER
21st century LEARNER
 

Similar to ISTR Volume 18

Attackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the EquilibriumAttackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the EquilibriumRadware
 
The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012
The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012
The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012Lumension
 
Who\'s Next? Patterns and Trends in Targeted Attacks.
Who\'s Next? Patterns and Trends in Targeted Attacks.Who\'s Next? Patterns and Trends in Targeted Attacks.
Who\'s Next? Patterns and Trends in Targeted Attacks.martin_lee1969
 
Proofpoint Outbound/DLP Survey Results
Proofpoint Outbound/DLP Survey ResultsProofpoint Outbound/DLP Survey Results
Proofpoint Outbound/DLP Survey Resultsshapetech
 
SMBs: The Threat Ahead
SMBs: The Threat AheadSMBs: The Threat Ahead
SMBs: The Threat Aheadmartin_lee1969
 
Edgescan vulnerability stats report 2020
Edgescan vulnerability stats report 2020Edgescan vulnerability stats report 2020
Edgescan vulnerability stats report 2020Eoin Keary
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014Peggy Lawless
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...International Federation of Accountants
 
Developing Your Security Foundation: A Guide for Nonprofits During the Pandem...
Developing Your Security Foundation: A Guide for Nonprofits During the Pandem...Developing Your Security Foundation: A Guide for Nonprofits During the Pandem...
Developing Your Security Foundation: A Guide for Nonprofits During the Pandem...TechSoup
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomSecuring the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomIBM Security
 
Web Application Security: Connecting the Dots
Web Application Security: Connecting the DotsWeb Application Security: Connecting the Dots
Web Application Security: Connecting the DotsInnoTech
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSantiago Cavanna
 
The Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone Underwear
The Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone UnderwearThe Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone Underwear
The Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone UnderwearBob Wall
 
Data growth-protection-trends-research-results
Data growth-protection-trends-research-resultsData growth-protection-trends-research-results
Data growth-protection-trends-research-resultsAccenture
 

Similar to ISTR Volume 18 (20)

Attackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the EquilibriumAttackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the Equilibrium
 
The Cyber Threat Landscape
The Cyber Threat LandscapeThe Cyber Threat Landscape
The Cyber Threat Landscape
 
The software-security-risk-report
The software-security-risk-reportThe software-security-risk-report
The software-security-risk-report
 
The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012
The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012
The Shifting State of Endpoint Risk: Key Strategies to Implement in 2012
 
Who\'s Next? Patterns and Trends in Targeted Attacks.
Who\'s Next? Patterns and Trends in Targeted Attacks.Who\'s Next? Patterns and Trends in Targeted Attacks.
Who\'s Next? Patterns and Trends in Targeted Attacks.
 
Proofpoint Outbound/DLP Survey Results
Proofpoint Outbound/DLP Survey ResultsProofpoint Outbound/DLP Survey Results
Proofpoint Outbound/DLP Survey Results
 
Progressive Times - May 2012
Progressive Times - May 2012Progressive Times - May 2012
Progressive Times - May 2012
 
SMBs: The Threat Ahead
SMBs: The Threat AheadSMBs: The Threat Ahead
SMBs: The Threat Ahead
 
Edgescan vulnerability stats report 2020
Edgescan vulnerability stats report 2020Edgescan vulnerability stats report 2020
Edgescan vulnerability stats report 2020
 
EndpointSecurityConcerns2014
EndpointSecurityConcerns2014EndpointSecurityConcerns2014
EndpointSecurityConcerns2014
 
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
Responding to Cybersecurity Threats: What SMEs and Professional Accountants N...
 
Developing Your Security Foundation: A Guide for Nonprofits During the Pandem...
Developing Your Security Foundation: A Guide for Nonprofits During the Pandem...Developing Your Security Foundation: A Guide for Nonprofits During the Pandem...
Developing Your Security Foundation: A Guide for Nonprofits During the Pandem...
 
We present Bugscout
We present BugscoutWe present Bugscout
We present Bugscout
 
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the BoardroomSecuring the C-Suite: Cybersecurity Perspectives from the Boardroom
Securing the C-Suite: Cybersecurity Perspectives from the Boardroom
 
Web Application Security: Connecting the Dots
Web Application Security: Connecting the DotsWeb Application Security: Connecting the Dots
Web Application Security: Connecting the Dots
 
Segurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago CavannaSegurinfo2014 Santiago Cavanna
Segurinfo2014 Santiago Cavanna
 
Reputational Risk
Reputational RiskReputational Risk
Reputational Risk
 
The Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone Underwear
The Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone UnderwearThe Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone Underwear
The Internet Is a Dog-Eat-Dog World, and Your App Is Clad in Milk-Bone Underwear
 
Data growth-protection-trends-research-results
Data growth-protection-trends-research-resultsData growth-protection-trends-research-results
Data growth-protection-trends-research-results
 
CyberDen 2020
CyberDen 2020CyberDen 2020
CyberDen 2020
 

More from Symantec

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec
 

More from Symantec (20)

Symantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of BroadcomSymantec Enterprise Security Products are now part of Broadcom
Symantec Enterprise Security Products are now part of Broadcom
 
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
Symantec Webinar | National Cyber Security Awareness Month: Fostering a Secur...
 
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect ITSymantec Webinar | National Cyber Security Awareness Month: Protect IT
Symantec Webinar | National Cyber Security Awareness Month: Protect IT
 
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure ITSymantec Webinar | National Cyber Security Awareness Month: Secure IT
Symantec Webinar | National Cyber Security Awareness Month: Secure IT
 
Symantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own ITSymantec Webinar | National Cyber Security Awareness Month - Own IT
Symantec Webinar | National Cyber Security Awareness Month - Own IT
 
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
Symantec Webinar: Preparing for the California Consumer Privacy Act (CCPA)
 
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CKSymantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
Symantec Webinar | How to Detect Targeted Ransomware with MITRE ATT&CK
 
Symantec Mobile Security Webinar
Symantec Mobile Security WebinarSymantec Mobile Security Webinar
Symantec Mobile Security Webinar
 
Symantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat ReportSymantec Webinar Cloud Security Threat Report
Symantec Webinar Cloud Security Threat Report
 
Symantec Cloud Security Threat Report
Symantec Cloud Security Threat ReportSymantec Cloud Security Threat Report
Symantec Cloud Security Threat Report
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year OnSymantec Webinar: GDPR 1 Year On
Symantec Webinar: GDPR 1 Year On
 
Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019Symantec ISTR 24 Webcast 2019
Symantec ISTR 24 Webcast 2019
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
Symantec Webinar | Redefining Endpoint Security- How to Better Secure the End...
 
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy BearSymantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
Symantec Webinar Using Advanced Detection and MITRE ATT&CK to Cage Fancy Bear
 

Recently uploaded

A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 

Recently uploaded (20)

A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 

ISTR Volume 18

  • 2. TARGETED ATTACKS Internet Security Threat Report 2013 :: Volume 18 2
  • 3. Targeted Attacks in 2012 Internet Security Threat Report 2013 :: Volume 18 3
  • 4. Targeted Attacks by Industry Manufacturing 24% Finance, Insurance & Real Estate 19% Services – Non-Traditional 17% Government 12% Energy/Utilities 10% Services – Professional 8% Wholesale 2% Retail 2% Aerospace 2% Transportation, 1% Communications, Electric, Gas 0% 5% 10% 15% 20% 25% 30% Manufacturing moved to top position in 2012 But all industries are targeted Internet Security Threat Report 2013 :: Volume 18 4
  • 5. Targeted Attacks by Company Size 50% 2,501+ 50% 1 to 2,500 Employees 9% 1,501 to 2,500 2,501+ 2% 1,001 to 1,500 3% 501 to 1,000 5% 251 to 500 50% 31% 31% 1 to 250 growth since 2011 Greatest growth in 2012 is at companies with <250 employees Internet Security Threat Report 2013 :: Volume 18 5
  • 6. Targeted Attacks by Job Function 30% R&D 27% Sales 25% 24% 20% C-Level 17% Shared Mailbox 15% Senior 13% 12% 10% Recruitment Media 5% 4% 3% PA 1% 0% Attacks may start with the ultimate target, but often look opportunistically for any entry into a company Internet Security Threat Report 2013 :: Volume 18 6
  • 7. Spear Phishing Watering Hole Attack Send an email to a person Infect a website and lie of interest in wait for them Targeted Attacks predominantly start as spear phishing attacks In 2012, Watering Hole Attacks emerged (popularized by the Elderwood Gang) Internet Security Threat Report 2013 :: Volume 18 7
  • 8. Effectiveness of Watering Hole Attacks Watering Hole Infected 500 All Within Attack in 2012 Companies 24 Hours Watering Hole attacks are targeted at specific groups Can capture a large number of victims in a very short time Internet Security Threat Report 2013 :: Volume 18 8
  • 9. Recent Example of Watering Hole Attack In 2013 this type of attack will become widely used Several high profile companies fell victim to just such an attack Internet Security Threat Report 2013 :: Volume 18 9
  • 10. Watering Hole Targeted iOS Developers In 2013 this type of attack will become widely used Several high profile companies fell victim to just such an attack Internet Security Threat Report 2013 :: Volume 18 10
  • 11. Thwarting Targeted Attacks • Human Intelligence regarding active and anticipated attack campaigns, targeted Security Intelligence attacks, and emerging threats • Use full capabilities of monitoring solutions to provide full visibility into security Holistic Security Monitoring posture and events across the entire enterprise footprint Removable Media Device • Restrict removable devices and functions to prevent malware infection Control Email & Web Gateway Filtering • Scan and monitor inbound/outbound email and web traffic and block accordingly • Discover data spills of confidential information that are targeted by attackers Data Loss Prevention • Detect and prevent exfiltration of confidential information that are targeted by attackers Encryption • Create and enforce security policies so all confidential information is encrypted Incident Preparedness & • Ensure formal Incident Response capabilities are in place and fully tested • Conduct periodic penetration tests and red-team exercises to evaluate defense Response and response capabilities from the perspective of an attacker Internet Security Threat Report 2013 :: Volume 18 11
  • 12. SPAM TRENDS Internet Security Threat Report 2013 :: Volume 18 12
  • 13. Spam Decline 79% January 2011 Global Spam Rates 2011-2012 69% 90% October 2012 80% 70% 60% 50% 40% 30% 20% 10% 0% Jan- Apr Jul Oct Jan- Apr Jul Oct 11 12 Spam has declined for second year in a row (as % of email) Botnet takedowns continue to have an affect Internet Security Threat Report 2013 :: Volume 18 13
  • 14. Pharmaceutical Spam Decline Pharmaceutical Spam Rates 2011-2012 70% 60% 50% 40% 30% 20% 10% 0% Jan- Apr Jul Oct Jan- Apr Jul Oct 11 12 Internet Security Threat Report 2013 :: Volume 18 14
  • 15. The Risk of Spam Continues 1 in 414 1 in 283 Emails are a phishing attack Emails are a malware attack of all email is spam Internet Security Threat Report 2013 :: Volume 18 15
  • 16. Thwarting Spam-borne Attacks: Defense • Human Intelligence regarding active and anticipated attack campaigns, targeted Security Intelligence attacks, and emerging threats Email & Web Gateway Filtering • Scan and monitor inbound/outbound email and web traffic and block accordingly • Detect and block new and unknown threats based on global reputation Advanced Reputation Security and ranking • Use more than just AV – use full functionality of endpoint protection including Layered Endpoint Protection heuristics, reputation-based, behavior-based and other technologies • Restrict removable devices and turn off auto-run to prevent malware infection Holistic Network Monitoring • Monitor globally for network intrusions, propagation attempts and other suspicious traffic patterns, including using reputation-based technologies & Layered Defenses • Network protection is more than just blacklisting • Ensure employees become the first line of defense against socially engineered Security Awareness Training attacks, such as phishing, spear phishing, and other types of attacks Internet Security Threat Report 2013 :: Volume 18 16
  • 17. VULNERABILITIES Internet Security Threat Report 2013 :: Volume 18 17
  • 18. Zero-Day Vulnerabilities 16 14 15 14 14 12 13 Total Volume 12 Stuxnet 10 Elderwood 8 9 8 6 2 4 4 4 3 2 0 2006 2007 2008 2009 2010 2011 2012 One group can significantly affect yearly numbers Elderwood Gang drove the rise in zero-day vulnerabilities Internet Security Threat Report 2013 :: Volume 18 18
  • 19. All Vulnerabilities 7,000 6,000 6,253 5,562 5,000 5,291 4,842 4,989 4,644 4,814 4,000 3,000 2,000 1,000 0 2006 2007 2008 2009 2010 2011 2012 No significant rise or fall in discovery of new vulnerabilities in last 6 years Internet Security Threat Report 2013 :: Volume 18 19
  • 20. 30% Increase in web attacks blocked… 247,350 190,370 2011 2012 Internet Security Threat Report 2013 :: Volume 18 20
  • 21. Our Websites are Being Used Against Us 53% 61% of legitimate websites have unpatched vulnerabilities of web sites serving malware are legitimate sites 25% have critical vulnerabilities unpatched Internet Security Threat Report 2013 :: Volume 18 21
  • 22. Our Websites are Being Used Against Us In 2012, one threat infected more than 1 million websites Its payload was FakeAV The next time it’s likely to be ransomware Internet Security Threat Report 2013 :: Volume 18 22
  • 23. Internet Security Threat Report 2013 :: Volume 18 23
  • 24. Internet Security Threat Report 2013 :: Volume 18 24
  • 25. Ransomware Number of criminal gangs Estimated amount extorted involved in this cybercrime from victims in 2012 Average number of attacks seen from one threat in 18 day period Internet Security Threat Report 2013 :: Volume 18 25
  • 26. Protecting Against Vulnerabilities: Defense Vulnerability • Routine, frequent vulnerability assessments and penetrations tests to identify vulnerabilities in applications, systems, and mobile devices Management Program • Formal process for addressing identified vulnerabilities Configuration & Patch • Ensure all operating system and application patches are evaluated and deployed in a timely manner Management Program • Ensure adherence to formal, secure configuration standards • Leverage application virtualization technologies to reduce risk when legacy web Application Virtualization browsers and older versions of 3rd party applications like JAVA or Adobe Reader must be used for compatibility reasons Advanced Reputation Security • Detect and block new and unknown threats based on global reputation and ranking • Use more than just AV – use full functionality of endpoint protection including Layered Endpoint Protection heuristics, reputation-based, behavior-based and other technologies • Restrict removable devices and turn off auto-run to prevent malware infection • Monitor globally for network intrusions, propagation attempts and other Layered Network Protection suspicious traffic patterns, including using reputation-based technologies • Network protection is more than just blacklisting Internet Security Threat Report 2013 :: Volume 18 26
  • 27. MOBILE TRENDS Internet Security Threat Report 2013 :: Volume 18 27
  • 28. Android Malware Growth 200 5,000 180 4,500 160 4,000 140 3,500 120 3,000 100 2,500 80 2,000 60 1,500 40 1,000 20 500 0 0 Jan Apr Jul Oct Jan Apr Jul Oct '11 '12 Cumulative Android Families 2011-2012 Cumulative Android Variants 2011-2012 Internet Security Threat Report 2013 :: Volume 18 28
  • 29. Vulnerabilities & Mobile Malware Platform Vulnerabilities Device Type # of Threats Apple iOS 387 Apple iOS Malware 1 Android 13 Android Malware 103 Blackberry 13 Symbian Malware 3 Windows Mobile 2 Windows Malware 1 Today there is no significant link between mobile OS vulnerabilities and exploitation by malware In the future that may change Internet Security Threat Report 2013 :: Volume 18 29
  • 30. What Does Mobile Malware Do? Mobile Threats by Type Steal Information 32% Traditional Threats 25% Track User 15% Send Content 13% Adware/Annoyance 8% Reconfigure device 8% 0% 5% 10% 15% 20% 25% 30% 35% Internet Security Threat Report 2013 :: Volume 18 30
  • 31. Information Stealing Malware Android.Sumzand 1. User received email with link to download app 2. Steals contact information 3. Harvested email addressed used to spam threat to others Internet Security Threat Report 2013 :: Volume 18 31
  • 32. Mitigating Mobile Threats • Remotely wipe devices in case of theft or loss Device Management • Update devices with applications as needed without physical access • Get visibility and control of devices, users and applications • Guard mobile device against malware and spam Device Security • Prevent the device from becoming a vulnerability • Enforce compliance across organization, including security standards & passwords • Identify confidential data on mobile devices and use technologies to prevent future exposure Content Security • Protect data from moving between applications • Encrypt mobile devices to prevent lost devices from turning into lost confidential data • Provide strong authentication and authorization for access to enterprise Identity and Access applications and resources • Ensure safe access to enterprise resources from right devices with right postures Mobile Application • Use application management capabilities to protect sensitive data in BYOD scenarios or where full MDM capabilities are undesirable Management Internet Security Threat Report 2013 :: Volume 18 32
  • 33. MAC MALWARE Internet Security Threat Report 2013 :: Volume 18 33
  • 34. Mac Malware Trend 10 new Mac families of malware in 2012 6 4 3 3 1 2007 2008 2009 2010 2011 2012 Internet Security Threat Report 2013 :: Volume 18 34
  • 35. Mac Malware Only 2.5% of threats found on Macs are Mac malware Internet Security Threat Report 2013 :: Volume 18 35
  • 36. Flashback But in 2012 1 Mac Threat infected 600,000 machines Internet Security Threat Report 2013 :: Volume 18 36
  • 37. Thwarting Mac Attacks: Defense Layered Endpoint Protection • Use robust endpoint protection on your Macs – they are not immune to malware • Monitor globally for network intrusions, propagation attempts and other Layered Network Protection suspicious traffic patterns, including using reputation-based technologies • Network protection is more than just blacklisting • Ensure employees become the first line of defense against socially engineered Security Awareness Training attacks, such as phishing, spear phishing, and other types of attacks Configuration & Patch • Ensure all operating system and application patches are evaluated and deployed in a timely manner Management Program • Ensure adherence to formal, secure configuration standards Internet Security Threat Report 2013 :: Volume 18 37
  • 38. Stay Informed symantec.com/threatreport Security Response Website Twitter.com/threatintel Internet Security Threat Report 2013 :: Volume 18 38
  • 39. Thank you! INSERT PRESENTER INFORMATION HERE Copyright © 2013 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. 04/13 21284433 This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. Internet Security Threat Report 2013 :: Volume 18 39