2016 Global Threat Report. Forward Without Fear. Presented by FORCEPOINT Security Labs
Microsoft Office Forcepoint Security Labs (SI) Office of the CSO (OoCSO)
Forcepoint 2016 Forcepoint Security Labs 1. Forcepoint 5 30% 1 40% 2 2. JAKU Forcepoint (TTP) SI JAKU Locky 3. WEB Web 92% URL 44.7% 20 2016 04
4. (CIO) (CISO) 80% IT 3 5. FORCEPOINT OFFICE OF THE CSO 2015 Forcepoint Office of the CSO (M&A) OoCSO Forcepoint M&A Websense Raytheon Cyber Products (RCP) Stonesoft (NGFW) FORCEPOINT Forcepoint 2016 1 14 Raytheon Company Vista Equity Partners Forcepoint Websense Raytheon Cyber Products Stonesoft Forcepoint Raytheon Raytheon Forcepoint
Forrester 2015 50% 4 ff ff ff ff USB Idaho National Laboratory USB 20% 5 2016 06
1 Raytheon 10 Forcepoint Ponemon Institute 6 2016 3 7 BYOD 2015 15% 8... 9 (PII) 10
Ponemon 11 40% (DLP) IT RFID IP IT ff ff ff ff ff GARTNER 2018 (UBA) 12 25% 2016 08
1 Forrester 13 12 39% 26% 56% 18% Forcepoint (M&A) Forcepoint SureView 30 USB Web Forcepoint SureView 1. FORCEPOINT 2. 3. 4.
IT 14 Forcepoint (TTP) SI SI TTP JAKU 2016 10
2 JAKU JAKU TTP JAKU Forcepoint Security Labs Security Labs Forcepoint 2015 10 JAKU TTP Forcepoint Richard Ford JAKU JAKU 93 348
JAKU 6 BITTORRENT 2016 12
2 19k JAKU 134
JAKU JAKU (IOC) 2016 5 4 Security Labs Forcepoint Kaspersky Dark Hotel (NCA) CERT-UK Europol Interpol FORCEPOINT 1. 15 2. Torrent 3. DEEPRED RAYTHEON FORCEPOINT DEEPRED 2016 8 DEF CON 2 2016 14
2 LOCKY Forcepoint Security Labs 16 SI FORCEPOINT LOCKY Forcepoint Locky Microsoft Office Forcepoint Security Labs Locky 128 AES SQL Locky Security Labs Locky Forcepoint Security Labs Locky (DGA) 17
DGA 14 Forcepoint 30 18 Forcepoint 23 19 20 3 2 5 21 CTB-Locker (C&C Server) Forcepoint 22 23 24 2016 GLOBAL THREAT REPORT 2016 16
2 2016 GLOBAL THREAT REPORT CTB-Locker AES-256 (Teslacrypt) RSA-2048 CryptoLocker CryptoWall FORCEPOINT 1. 2. 3. 4.
(NGFW) NGFW NGFW FORCEPOINT SECURITY LABS 4 5 6 7 Forcepoint Security Labs TOR ff IP IP (IP) RFC 791 25 IP IP 2016 18
2 ff TCP (TCP) RFC 793 26 TCP TCP ff TCP URG RFC 793 TCP (URG) 2016 1. 2. 3. (C&C) 4. 5. FORCEPOINT 1. 2.
WEB % Web 2015 Office Forcepoint Security Labs 2014 250% Dridex 27 28 Web Web 2015 Identity Theft Resource Center 2015 29 2015 f f 91.7% f f 2.34% f f 44.7% Web f f 68.4% 2014 88.5% Forcepoint Microsoft Office 2015 30 2014 2015 Forcepoint 2014 44.7% 2011 74.0% 2012 76.4% 2013 84.0% 2014 88.5% 2015 68.4% 2016 20
3 WEB 1. ZIP 2. SDOS/WINDOWS 3. 4. MICROSOFT WORD 97 5. MHT 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 1. * 3. 5. 7. 2. 4. 6. 8. * 8 FORCEPOINT 1. Web 2. Web 3.
Harvard Business Review Analytic Services 31 85% IT 60% 32 Ponemon 33 2016 22
4 IT f f 8% IT ff 71% IT * * 2015 1
80% IT IT IT 16% 34 IT 34% 35 IT IDG Enterprise 36 CIO 2016 IT CSA STAR Certification 37 FORCEPOINT 1. (DLP) (NGFW) IT 2. IT IT 3. IT Raytheon 38 2016 24
5 OoCSO THE OFFICE OF THE (S&P) 500 84% (IP) 39 IP
FORCEPOINT 2016 1 14 Websense Raytheon Cyber Products Stonesoft NGFW Forcepoint Websense RCP Stonesoft -DAVE BARTON FORCEPOINT CISO 2016 26
5 OoCSO RCP Websense IP Forcepoint Raytheon (M&A) Raytheon Development and Evaluation (CODE) Center Cyber Operations CODE Center Raytheon
IT Forcepoint Websense RCP Stonesoft IT Forcepoint.com M&A 2016 28
Forcepoint 2016 IT 360 Forcepoint Security Labs Office of the CSO
1. Ponemon Institute LLC. 2015 Cost of Cyber Crime Study: Global. October 2015. https://ssl.www8.hp.com/ww/en/secure/pdf/4aa5-5207enw.pdf
2. Ponemon Institute LLC. Privileged User Abuse & The Insider Threat. May 2014. http://www.raytheoncyber.com/rtnwcm/groups/cyber/documents/content/rtn_257010.pdf
3. Anderson, Ed; Nag, Sid, and Gartner, Inc. Forecast Overview: Public Cloud Services, Worldwide, 2016 Update. February 17, 2016. https://www.gartner.com/doc/3214717?ref=sitesearch&sthkw=security%20concerns%20cloud%20adoption&fnl=search&srcid=1-3478922254
4. Shey, Heidi. Understand The State Of Data Security And Privacy: 2015 To 2016. Forrester Research, Inc., 8 Jan. 2016. https://www.forrester.com/report/understand+the+state+of+data+security+and+privacy+2015+to+2016/-/e-res117447
5. Mearian, Lucas. Government Tests Show Security's People Problem. Computerworld. July 6, 2011. http://www.computerworld.com/article/2510014/security0/government-tests-show-security-s-people-problem.html
6. Ponemon Institute LLC. Ponemon Study: The Unintentional Insider Risk in United States and German Organizations. July 30, 2015. http://www.raytheoncyber.com/spotlight/ponemon/index.html
7. Bank Director. Bank Director's 2016 Risk Practices Survey. March 21, 2016. http://www.bankdirector.com/download_file/view_inline/4996
8. Identity Theft Resource Center. 2015 Data Breaches ITRC Surveys & Studies ID Theft Blog. January 25, 2016. http://www.idtheftcenter.org/ITRC-Surveys-Studies/2015databreaches.html
9. Forrester Research, Inc. Global Business Technographics Security Survey, 2015. July 2015. https://www.forrester.com/global Business Technographics Security Survey 2015/-/E-sus2957
10. Forrester Research, Inc. Global Business Technographics Devices And Security Workforce Survey, 2015. August 2015. https://www.forrester.com/global+business+technographics+devices+and+security+workforce+survey+2015/-/e-sus2971
11. Ponemon Institute LLC. Privileged User Abuse & The Insider Threat. May 2014. http://www.raytheoncyber.com/rtnwcm/groups/cyber/documents/content/rtn_257010.pdf
12. Litan, Avivah, and Gartner, Inc. Best Practices and Success Stories for User Behavior Analytics. March 4, 2015. https://www.gartner.com/doc/2998124/best-practices-success-stories-user
13. Forrester Research, Inc. Global Business Technographics Security Survey, 2015. July 2015. https://www.forrester.com/global Business Technographics Security Survey 2015/-/E-sus2957
14. Forcepoint LLC. Cyber Dwell Time and Lateral Movement THE NEW CYBERSECURITY BLUEPRINT. https://www.forcepoint.com/resources/whitepapers/cyber-dwell-time-and-lateral-movement
15. Forcepoint LLC. Cyber Dwell Time and Lateral Movement THE NEW CYBERSECURITY BLUEPRINT. https://www.forcepoint.com/resources/whitepapers/cyber-dwell-time-and-lateral-movement
16. Vanian, Jonathan. Hollywood Hospital Pays Off Hackers To Restore Computer System. February 18, 2016. http://fortune.com/2016/02/18/hollywood-hospital-hackers-computer-system/
17. Forcepoint Security Labs and Forcepoint LLC. Locky Ransomware - Encrypts Documents, Databases, Code, BitCoin Wallets and More... February 19, 2016. https://blogs.forcepoint.com/security-labs/locky-ransomware-encrypts-documents-databases-code-bitcoin-wallets-and-more
18. Forcepoint Security Labs and Forcepoint LLC. Locky's New DGA - Seeding the New Domains [RUSSIA UPDATE: 26/FEB/16]. February 25, 2016. https://blogs.forcepoint.com/security-labs/lockys-new-dga-seeding-new-domains
19. @Forcepointsec Twitter handle. March 22, 2016. Tweet, https://twitter.com/forcepointsec/status/712316915687948289
20. Winton, Richard. Hollywood Hospital Pays $17,000 in Bitcoin to Hackers; FBI Investigating. Los Angeles Times. February 18, 2016. http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html
21. Vijayan, Jai. With $325 Million In Extorted Payments CryptoWall 3 Highlights Ransomware Threat. Dark Reading. October 29, 2015. http://www.darkreading.com/endpoint/with-$325-million-in-extorted-payments-cryptowall-3-highlights-ransomware-threat/d/d-id/1322899
22. Forcepoint LLC (formerly Websense). The Seven Stages of Advanced Threats. https://www.websense.com/assets/pdf/understanding-the-cyber-attack-infographic.pdf
23. Forcepoint Security Labs and Forcepoint LLC. TorrentLocker is Back and Targets Sweden & Italy. March 15, 2016. https://blogs.forcepoint.com/security-labs/torrentlocker-back-and-targets-sweden-italy
24. Forcepoint Security Labs and Forcepoint LLC. Locky's New DGA - Seeding the New Domains [RUSSIA UPDATE: 26/FEB/16]. February 25, 2016. https://blogs.forcepoint.com/security-labs/lockys-new-dga-seeding-new-domains
25. Information Sciences Institute; University of Southern California. DARPA INTERNET PROGRAM PROTOCOL SPECIFICATION. INTERNET PROTOCOL, September 1981. https://tools.ietf.org/html/rfc791
26. Information Sciences Institute; University of Southern California. DARPA INTERNET PROGRAM PROTOCOL SPECIFICATION. TRANSMISSION CONTROL PROTOCOL, September 1981. https://tools.ietf.org/html/rfc793
27. Forcepoint Security Labs and Forcepoint LLC. Dridex Down Under. November 5, 2015. https://blogs.forcepoint.com/security-labs/dridex-down-under
28. Forcepoint Security Labs and Forcepoint LLC. Accounts Payable in the Czech Republic Targeted by Dridex. August 4, 2015. https://blogs.forcepoint.com/security-labs/accounts-payable-czech-republic-targeted-dridex
29. Identity Theft Resource Center. 2015 Data Breaches ITRC Surveys & Studies ID Theft Blog. January 25, 2016. http://www.idtheftcenter.org/itrc-surveys-studies/2015databreaches.html
30. Forcepoint LLC. Websense 2015 Threat Report. April 8, 2015. https://www.websense.com/content/websense-2015-threat-report.aspx
31. Harvard Business Review. How the Cloud Looks from the Top: Achieving Competitive Advantage In the Age of Cloud Computing. 2011. https://hbr.org/resources/pdfs/tools/16700_hbr_microsoft%20report_long_webview.pdf
32. Anderson, Ed; Nag, Sid, and Gartner, Inc. Forecast Overview: Public Cloud Services, Worldwide, 2016 Update. February 17, 2016. https://www.gartner.com/doc/3214717?ref=sitesearch&sthkw=security%20concerns%20cloud%20adoption&fnl=search&srcid=1-3478922254
33. Ponemon Institute LLC. The Challenges of Cloud Information Governance: A Global Data Security Study. October 2014. http://www2.gemalto.com/cloud-security-research/safenet-cloud-governance.pdf
34. VansonBourne. Shadow IT ITDMs Data Summary. p. 34. July 11, 2014. http://www.vansonbourne.com/files/1914/1225/3447/vb-shadow_IT-ITDMs-Data-Summary.pdf
35. VansonBourne. Shadow IT BDM Data Summary. p. 24. July 22, 2014. http://www.vansonbourne.com/files/7614/1225/3401/vb-shadow_IT-BDM-Data-Summary.pdf
36. IDG Enterprise. 2015 IDG enterprise cloud computing survey. November 17, 2015. http://www.idgenterprise.com/resource/research/2015-cloud-computing-study/
37. CAS Cloud Security Alliance. https://cloudsecurityalliance.org/star/certification/
38. Raytheon Company, Securing Our Future: Closing the Cyber Talent Gap. October 19, 2015. http://raytheon.mediaroom.com/2015-10-26-many-more-men-than-women-are-drawn-to-cybersecurity-careers-and-the-gap-is-widening-dramatically-new-survey-says
39. Ocean Tomo LLC. Intangible Asset Market Value Study. March 4, 2015. http://www.oceantomo.com/2015/03/04/2015-intangible-asset-market-value-study/
2016 FORCEPOINT Forcepoint Forcepoint THREATSEEKER INTELLIGENCE CLOUD global threat Threatseeker Intelligence Cloud Forcepoint 155 Threatseeker Forcepoint Threatseeker Forcepoint Forcepoint, LLC SureView ThreatSeeker TRITON Forcepoint, LLC Raytheon Raytheon Company