KEMBAR78
Cyber security-briefing-presentation | PDF
Uploaded bysathiyamaha
PDF, PPTX994 views

Cyber security-briefing-presentation

This document summarizes an Intel briefing on cybersecurity trends, solutions, and opportunities. It discusses how computing trends have expanded the attack surface and opportunities for malware. It then introduces Intel and McAfee's partnership and hardware-enhanced security solutions that work below the operating system level to detect advanced threats. Examples of solutions using hardware acceleration for encryption and virtualization-based security are provided. The briefing argues that hardware-enhanced approaches can improve security by establishing layered defenses and isolating critical functions from malware.

Education
In this document
Powered by AI

Intel Cyber-Security Briefing led by John Skinner, focusing on trends, solutions, and opportunities in cybersecurity.

Session agenda covering Intel and McAfee collaboration, computing trends, hardware-enhanced security, and IT community opportunities.

Focus on innovation opportunities with Intel and McAfee, highlighting hardware-enhanced security and its benefits for various systems.

Discussion of computing trends like mobile, cloud, and virtualization, leading to increased risks and a larger attack surface.

Exploration of human vulnerabilities including mobile device theft, phishing attacks, and careless handling of data.

Description of defense-in-depth strategies like encryption, intrusion detection, and secure coding in traditional IT security.

Overview of different hacking motivations and the growing hacking software industry, valued at $11B/year.

Statistics indicating a surge in malware attacks between 2010-2011, surpassing prior years in frequency.

Insights into contemporary hacking tactics such as social engineering and the use of rootkits for stealth attacks.

Discussion on how modern attacks are evading traditional security measures by operating below the operating system.

Proposal for a new security approach that integrates security functions directly into hardware for better safety.

Introduction of Intel's DeepSAFE platform, designed for hardware-assisted security beyond the operating system.

Detailed explanation of features and benefits of the DeepSAFE security platform in preventing advanced threats.

Intel's hardware-based encryption solution which significantly speeds up operations for security applications.

Intel's Identity Protection Technology enables enhanced user security for remote access, improving account protection.

Explanation of how hardware-enhanced security strengthens virtualized servers and cloud environments for data protection.

Overview of various applications for hardware-enhanced security, from client management to data encryption.

Details on applying hardware-enhanced security across multiple layers to fortify defense mechanisms.

Strategies for securing connections and data from clients through cloud datacenters with integrated security.

Illustration of how hardware security features protect against zero-day attacks and strengthen authentication.

Intel and McAfee’s collaborative efforts to improve security across cloud environments and simplify compliance.

Recap of challenges in info security and the role of hardware-assisted security in offering vital solutions.

Expression of gratitude for audience participation in the briefing.

Legal disclaimers regarding Intel products, intellectual property rights, and performance testing specifications.

Download as PDF, PPTX
Intel® Cyber-Security Briefing: Trends, Solutions, and Opportunities John Skinner, Director, Secure Enterprise and Cloud, Intel Americas, Inc. May 2012
Agenda • Intel + McAfee: What it means • Computing trends and security implications • A new approach to improve cyber-security: –Hardware-enhanced Security • Examples of Hardware-assisted Security • Opportunity for the IT Community to Change The Game 2
Innovation Opportunities by working with Intel and McAfee • Change the way we all think about security problems and solutions • Innovate and Deliver new levels of protection not available with software-only solutions, employing hardware-enhanced security • Deliver intelligence-in-depth: Security that is integral to your hardware, network, systems, applications, and databases—and works together to protect your business Key Innovation Areas Next-Gen Secure Secure Cloud Hardware Endpoint Mobile Embedded Security Enhanced Security Devices Devices Platform Security
Computing Trends and Security Implications Escalating Threat Complexity Landscape of the IT Model Consumerization Growth of of IT Cloud Mobile Computing Devices Virtualization As a consequence: The size of the “Attack Surface” and the opportunities for Malicious Entry have expanded. 4
People: The New Network Perimeter Human Vulnerabilities and Risks Mobile Phishing Device Attacks Loss or and Spear Theft Phishing Corporate or Social Networking Personal Data Stolen Credentials Online Collaboration Tools Humans make mistakes: Lost Devices, “Found” USB drives, etc. 5
Traditional IT Security Strategy: Multiple Security Perimeters Response Monitoring, intrusion detection, Capability proactive and reactive response File and data encryption, File and Data enterprise rights management Secure coding, security Application specifications Platform Antivirus software, patching, minimum security specifications for systems Network Firewalls, demilitarized zone, data loss prevention a.k.a. “Defense in Depth” 6
A closer look at Hacking: The Motivations Have Expanded.... SLAMMER ZEUS AURORA STUXNET Hacking Organized State-Sponsored Physical for Fun Crime Cyber Espionage Harm Hacking Software Tools for Sale: $11B/year industry with 56% CAGR 7
“The Malware Tsunami” There were more malware attacks in 2010-2011 than in the previous 10 years combined! ? 60,000+ 6,000,000 2,000,000 Stealth per day per month per month Attacks new unique new botnet new malicious Non-detectable malware infections web sites malware and pieces advanced persistent threats
Tools of the Modern Hacker Candy Drop: Placing infected USB drives where humans will take them, and later plug them into their PC or other network-connected device. Social Engineering: Manipulating people to divulge data or “click here” Advanced Persistent Threat (APT): A long term, human-directed “campaign” to take control of a specific system or network – all while remaining undetected. Kernel-mode Rootkit: It lives and operates below the operating system, to control the OS and evade detection by OS-level security measures. Can cloak other malware, APT’s.
Attacks Are Moving “Down the Stack”, to Gain Greater Stealth and System Control Traditional attacks: Focused primarily on Attacks disable the application layer security products OS infected with APTs: Threats are hidden from security products Compromise virtual machine New stealth attacks: Ultimate APTs: Embed themselves Compromise platform below the OS and and devices below the Virtual Machine, so OS, using rootkits as they can evade current cloaks solutions APT: Advanced Persistent Threat 10
A New Approach Is Required: “Hardware-enhanced Security” • Move critical security processes down into the hardware – Encryption, Authentication, Manageability, and Platform Cleansing – Hardware is inherently less vulnerable to modification or corruption • Establish a security perimeter from the hardware layer up • Isolate the security services from the host OS (often the target) • Build in capability to monitor, maintain, repair, and recover Added Protection against: • Viruses and worms • Malware • Disabled software • Rootkits 11
Example of Hardware-enhanced Security: The DeepSAFE* Security Platform DeepSAFE is the first hardware- assisted security platform from Intel and McAfee. Platform capabilities include: • McAfee Deep Defender* product • Utilizes the isolation capabilities of Intel Virtualization Technology • Works “beyond” the OS, so it can’t be corrupted by OS or malware • Detects, blocks, and removes stealthy advanced persistent threats and malware • Foundation for future solutions from McAfee and Intel Next-generation “beyond the OS” security enabled by Intel® processor technology * Other names and brands may be claimed as the property of others.
Example of Hardware-enhanced Security: The DeepSAFE* Security Platform DeepSAFE is the first hardware- assisted security platform from Intel and McAfee. Platform capabilities include: • McAfee Deep Defender* product • Utilizes the isolation capabilities of Intel Virtualization Technology • Works “beyond” the OS, so it can’t be corrupted by OS or malware • Detects, blocks, and removes stealthy advanced persistent threats and malware • Foundation for future solutions from McAfee and Intel Next-generation “beyond the OS” security enabled by Intel® processor technology * Other names and brands may be claimed as the property of others.
Hardware-enhanced Security: Faster Encryption on PCs and Servers “There's a definite benefit to… Intel® AES-NI instructions… this is huge for corporate desktops/notebooks.” —Anandtech1 Intel® Core™ i5, Core™ i7, and Whole-disk Internet File Storage select Intel® Xeon® processors, with Intel® Advanced Encryption Standard Encryption Security Encryption New Instructions (Intel® AES-NI) Intel® AES-NI increases encryption operations up to 4x by using hardware and software together.2 1 The Clarkdale Review: Intel® Core™ i5 processor 661, Core™ i3 processor 540, and Core i3 processor 530, Anand Lal Shimpi, Anandtech, January 2010. http://www.anandtech.com/show/2901/5 . 2 Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) requires a computer system with an Intel AES-NI enabled processor, as well as non-Intel software to execute the instructions in the correct sequence. Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. See full disclaimer at http://www.intel.com/performance 14 * Other names and brands may be claimed as the property of others.
Example of Hardware-enhanced Security: Intel® Identity Protection Technology Now built into your PC with Intel® IPT 1 Utilize PCs with Intel® IPT support Traditional hardware token 2 Choose a security software vendor1 Used for remote authorized users (VPN) and/or for the PC with Intel® IPT public web embedded tokens End Users Web Sites Organizations Add security that is Protect user accounts Secure method for authorized easy to use and limit losses users to remotely log in 1 Embedded tokens work with all Symantec VIP protected web sites as well as enabled VASCO protected sites. 15
Example of Hardware-enhanced Security for Virtualized Servers and Clouds Intel® AES-NI Apps1 Apps2 Built-in Encryption Apps2 Intel® TXT Enables VM OS1 OS2 OS2 migration based Intel® VT VM2 on security policy Protects VM Isolation VM1 VM2 Intel® TXT Hypervisor Hypervisor Works with the VMM to create Server Hardware 1 Server Hardware 2 “trusted” status with Intel® TXT with Intel® TXT Encrypt Isolate Comply Intel® AES-NI Intel® VT and Intel® TXT Intel® TXT delivers built-in encryption protects VM isolation and establishes “trusted” status acceleration for better data provides a more secure to enable migration based protection platform on security policy Establishing the foundation for more secure data centers Intel® AES-NI – Intel® Advanced Encryption Standard New Instructions; Intel® TXT – Intel® Trusted Execution Technology; Intel® VT – Intel® Virtualization Technology 16
Hardware-enhanced Security: Other Applications Remote Client Management and Remediation, Response Client Anti-Theft and Recovery Hardware-accelerated File and Data Whole-Disk Encryption Hardware-accelerated Application Data Encryption Embedded System, Virtualized Platform Server, and Cloud Security Identity Protection and Network Access Management Intel and its partners are applying Hardware-enhanced Security to “harden” each perimeter of defense. 17
Defense-in-Depth enhanced by Hardware-assisted Security Response McAfee EEPC File and Data McAfee EEPC Application Intel® VT Platform Network Intel and its partners are applying Hardware-enhanced Security to “harden” each perimeter of defense. 18
Enhancing End to End Cloud Security Build Foundation of Integrity: From Client to Network to Cloud Public/Private Clouds User & Intelligent (Servers, Network, Storage) Devices Private Cloud Secure the Connections Public Apps, data in flight, traffic Cloud 2 Secure Cloud Datacenters Secure the Devices Infrastructure & VM integrity, seamless federation, 3 Identity & access mgmt, platform integrity, data audit/compliance, data 1 protection protection 4 Common Security Standards
Example of How Hardware-enhanced PC Security can enhance Cloud Security Private Cloud Public Cloud Identity Strengthen Protect against Protect against Federation and Simplify Man in the Zero-Day Attacks Authentication Middle Attacks Salesforce.com Operating System Google.com CPU Authentication Data Protection Client Devices 20
Enhancing End to End Cloud Security Intel + McAfee: Toward Worry-Free Cloud Computing Deliver hardware-enhanced security to better protect data, users, Cloud Data Centers & traffic from client to cloud Tools to aggregate security information across clouds to automate & simplify policy setting & improve audit/compliance reporting New capabilities to automate client to cloud security and service levels, such as identity as a service Industry collaboration to accelerate broad adoption of security standards so IT can easily adopt cloud 21
Summary and Opportunity The info security challenge is escalating. Hardware-assisted Security is solving a variety of problems, many unsolvable by software-only. We all have opportunity to Change The Game: Intel/McAfee + Partners + Customers
Thank You!
Legal Notices and Disclaimers INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL’S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL ® PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. INTEL PRODUCTS ARE NOT INTENDED FOR USE IN MEDICAL, LIFE SAVING, OR LIFE SUSTAINING APPLICATIONS. Intel may make changes to specifications and product descriptions at any time, without notice. All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice. Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request. Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark* and MobileMark*, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more information go to http://www.intel.com/performance Intel, Intel Inside, the Intel logo, Intel Core, and Xeon are trademarks of Intel Corporation in the United States and other countries. Security features enabled by Intel® AMT require an enabled chipset, network hardware and software and a corporate network connection. Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN or when connecting wirelessly, on battery power, sleeping, hibernating or powered off. Setup requires configuration and may require scripting with the management console or further integration into existing security frameworks, and modifications or implementation of new business processes. For more information, see http://www.intel.com/technology/manage/iamt. No system can provide absolute security under all conditions. Requires an enabled chipset, BIOS, firmware and software and a subscription with a capable Service Provider. Consult your system manufacturer and Service Provider for availability and functionality. Intel assumes no liability for lost or stolen data and/or systems or any other damages resulting thereof. For more information, visit http://www.intel.com/go/anti-theft Intel® vPro™ Technology is sophisticated and requires setup and activation. Availability of features and results will depend upon the setup and configuration of your hardware, software and IT environment. To learn more visit: http://www.intel.com/technology/vpro The original equipment manufacturer must provide TPM functionality, which requires a TPM-supported BIOS. TPM functionality must be initialized and may not be available in all countries. Intel® AES-NI requires a computer system with an AES-NI enabled processor, as well as non-Intel software to execute the instructions in the correct sequence. AES-NI is available on select Intel® processors. For availability, consult your reseller or system manufacturer. For more information, see http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni/ *Other names and brands may be claimed as the property of others. Copyright © 2012 Intel Corporation, All Rights Reserved

More Related Content

PPTX
Cybersecurity Attack Vectors: How to Protect Your Organization
byTriCorps Technologies
 
PPT
IT Security Awareness-v1.7.ppt
byOoXair
 
PPTX
malware analysis
by20CS201AkashR
 
PPTX
Ransomware by lokesh
byLokesh Bysani
 
PPTX
Ransomware
byArmor
 
PDF
Ransomware: History, Analysis, & Mitigation - PDF
byAndy Thompson
 
PPTX
Ransomware
byNick Miller
 
PDF
IDS Evasion Techniques
byTudor Damian
 
Cybersecurity Attack Vectors: How to Protect Your Organization
byTriCorps Technologies
 
IT Security Awareness-v1.7.ppt
byOoXair
 
malware analysis
by20CS201AkashR
 
Ransomware by lokesh
byLokesh Bysani
 
Ransomware
byArmor
 
Ransomware: History, Analysis, & Mitigation - PDF
byAndy Thompson
 
Ransomware
byNick Miller
 
IDS Evasion Techniques
byTudor Damian
 

What's hot

PDF
Web Application Penetration Testing
byPriyanka Aash
 
PPTX
Ransomware attacks reveton
byMumbere Joab
 
PDF
Introduction to Web Application Penetration Testing
byNetsparker
 
PDF
Penetration testing web application web application (in) security
byNahidul Kibria
 
PPTX
Network security
byEstiak Khan
 
PPT
Application Security
byMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
PPT
Introduction to Malware
byamiable_indian
 
PPTX
Virus
byProtik Roy
 
PPT
Cyber security vs information assurance
byVaughan Olufemi ACIB, AICEN, ANIM
 
PPTX
Ransomware Attack.pptx
byIkramSabir4
 
PPTX
cyber security
byBasineniUdaykumar
 
PDF
Analysing Ransomware
byNapier University
 
PPTX
Introduction to cyber security
bySelf-employed
 
PDF
Digital Anti-Forensics: Emerging trends in data transformation techniques
bySeccuris Inc.
 
PPSX
Cyber crime
bySanket Gogoi
 
PPTX
Types of cyber attacks
bykrishh sivakrishna
 
PPTX
Cyber security ppt
byCH Asim Zubair
 
PDF
Cyber Threat Intelligence
byMarlabs
 
PPTX
Cyber Threat Hunting Workshop
byDigit Oktavianto
 
PDF
Cyber Security Extortion: Defending Against Digital Shakedowns
byCrowdStrike
 
Web Application Penetration Testing
byPriyanka Aash
 
Ransomware attacks reveton
byMumbere Joab
 
Introduction to Web Application Penetration Testing
byNetsparker
 
Penetration testing web application web application (in) security
byNahidul Kibria
 
Network security
byEstiak Khan
 
Application Security
byMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Introduction to Malware
byamiable_indian
 
Virus
byProtik Roy
 
Cyber security vs information assurance
byVaughan Olufemi ACIB, AICEN, ANIM
 
Ransomware Attack.pptx
byIkramSabir4
 
cyber security
byBasineniUdaykumar
 
Analysing Ransomware
byNapier University
 
Introduction to cyber security
bySelf-employed
 
Digital Anti-Forensics: Emerging trends in data transformation techniques
bySeccuris Inc.
 
Cyber crime
bySanket Gogoi
 
Types of cyber attacks
bykrishh sivakrishna
 
Cyber security ppt
byCH Asim Zubair
 
Cyber Threat Intelligence
byMarlabs
 
Cyber Threat Hunting Workshop
byDigit Oktavianto
 
Cyber Security Extortion: Defending Against Digital Shakedowns
byCrowdStrike
 

Similar to Cyber security-briefing-presentation

PDF
McAffee_Security and System Integrity in Embedded Devices
byIşınsu Akçetin
 
PDF
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
byAndris Soroka
 
PDF
RSA 2012 Virtualization Security February 2012
bySymantec
 
PPTX
Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
byLumension
 
PDF
Session 1: Windows 8 with Gerry Tessier
byCTE Solutions Inc.
 
PDF
Offensive malware usage and defense
byChristiaan Beek
 
PDF
Stealthy Threats Driving a New Approach to IT Security
byIntel IT Center
 
PPTX
8 Threats Your Anti-Virus Won't Stop
bySophos
 
PPTX
Fadi El Moussa Secure Cloud 2012 V2
byfadielmoussa
 
PDF
Issa chicago next generation tokenization ulf mattsson apr 2011
byUlf Mattsson
 
PDF
Day 3 p2 - security
byLilian Schaffer
 
PDF
Day 3 p2 - security
byLilian Schaffer
 
PPTX
Data Centre Evolution: Securing Your Journey to the Cloud
byTrend Micro (EMEA) Limited
 
PDF
Smau Bari 2012 Marco Soldi
bySMAU
 
PDF
NIC2012 - System Center Endpoint Protection 2012
byNicolai Henriksen
 
PDF
Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013
byMatthew Rosenquist
 
PPTX
The VDI InfoSec Conundrum
byVirtualTal
 
PPTX
Endpoint Protection
bySophos
 
PDF
S series presentation
bySergey Marunich
 
PPT
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
byArrow ECS UK
 
McAffee_Security and System Integrity in Embedded Devices
byIşınsu Akçetin
 
DSS ITSEC CONFERENCE - Lumension Security - Intelligent application whiteli...
byAndris Soroka
 
RSA 2012 Virtualization Security February 2012
bySymantec
 
Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats
byLumension
 
Session 1: Windows 8 with Gerry Tessier
byCTE Solutions Inc.
 
Offensive malware usage and defense
byChristiaan Beek
 
Stealthy Threats Driving a New Approach to IT Security
byIntel IT Center
 
8 Threats Your Anti-Virus Won't Stop
bySophos
 
Fadi El Moussa Secure Cloud 2012 V2
byfadielmoussa
 
Issa chicago next generation tokenization ulf mattsson apr 2011
byUlf Mattsson
 
Day 3 p2 - security
byLilian Schaffer
 
Day 3 p2 - security
byLilian Schaffer
 
Data Centre Evolution: Securing Your Journey to the Cloud
byTrend Micro (EMEA) Limited
 
Smau Bari 2012 Marco Soldi
bySMAU
 
NIC2012 - System Center Endpoint Protection 2012
byNicolai Henriksen
 
Intel IT Experts Tour Cyber Security - Matthew Rosenquist 2013
byMatthew Rosenquist
 
The VDI InfoSec Conundrum
byVirtualTal
 
Endpoint Protection
bySophos
 
S series presentation
bySergey Marunich
 
Arrow ECS IBM Partner Jam - Security Update - Vicki Cooper - IBM
byArrow ECS UK
 

Recently uploaded

PPTX
Essay Type Answer Writing Analysis Workshop.pptx
byDhatriParmar
 
PPTX
THERAPEUTIC ENVIORNMENT.............pptx
byAneetaSharma15
 
PPTX
GAS chromatography ppt (Presentation) by Jatin Chauhan
byjatinchauhan1618
 
PDF
Admin Slides for Oct'25 semester (Progression)
byGreat Files
 
PPTX
Classification and Applied Aspects of Joints.pptx
byMathew Joseph
 
PDF
Nernst Distribution Law and factors affecting distribution constant
byMithil Fal Desai
 
PDF
Who Owns the Narrative? Data, Disinformation, and the Missing Voice of Academia
byIsmail Fahmi
 
PPTX
Basics for Conducting Bibliometric Analysis - Dr Ahsan Riaz
bySystematic Reviews Network (SRN)
 
PDF
Admin Slides for Oct'25 semester - PB1_MC5.pdf
byGreat Files
 
PPTX
How to Create a Manifest File in Odoo 18
byCeline George
 
PPTX
DO 34 s 2025 - ammendment of DO 24 s 2025.pptx
byJeanalynEstrellado3
 
PPTX
Welcome to our Open Evening 2025 Ballinrobe CS
byjacollins1515
 
PDF
The purpose of Ethics and Values in a project context webinar, 14 October 202...
byAssociation for Project Management
 
PDF
Umlando kaMufi. IsiZulu Ulimi Lwebele...
byNokwandaNzuza2
 
PPTX
Single entry System Vs Double entry System.pptx
bylavanyafranklin0804
 
PPTX
DBP - BITA Introduction Slides Oct 202526
byGreat Files
 
PDF
Total Quality Management : A presentation by a third year student.
byMbalenhle Ndlovu
 
PPTX
ILA 2025 Prague CLS Presentation of Leadership journal
byjohanalvehus
 
PDF
TUYỂN CHỌN 30 ĐỀ THI CHỌN HỌC SINH GIỎI LỚP 9 CÁC TỈNH NĂM 2024-2025 MÔN TIẾN...
byNguyen Thanh Tu Collection
 
PDF
History of Department of AIHC and Archaeology_BHU
byBanaras Hindu University
 
Essay Type Answer Writing Analysis Workshop.pptx
byDhatriParmar
 
THERAPEUTIC ENVIORNMENT.............pptx
byAneetaSharma15
 
GAS chromatography ppt (Presentation) by Jatin Chauhan
byjatinchauhan1618
 
Admin Slides for Oct'25 semester (Progression)
byGreat Files
 
Classification and Applied Aspects of Joints.pptx
byMathew Joseph
 
Nernst Distribution Law and factors affecting distribution constant
byMithil Fal Desai
 
Who Owns the Narrative? Data, Disinformation, and the Missing Voice of Academia
byIsmail Fahmi
 
Basics for Conducting Bibliometric Analysis - Dr Ahsan Riaz
bySystematic Reviews Network (SRN)
 
Admin Slides for Oct'25 semester - PB1_MC5.pdf
byGreat Files
 
How to Create a Manifest File in Odoo 18
byCeline George
 
DO 34 s 2025 - ammendment of DO 24 s 2025.pptx
byJeanalynEstrellado3
 
Welcome to our Open Evening 2025 Ballinrobe CS
byjacollins1515
 
The purpose of Ethics and Values in a project context webinar, 14 October 202...
byAssociation for Project Management
 
Umlando kaMufi. IsiZulu Ulimi Lwebele...
byNokwandaNzuza2
 
Single entry System Vs Double entry System.pptx
bylavanyafranklin0804
 
DBP - BITA Introduction Slides Oct 202526
byGreat Files
 
Total Quality Management : A presentation by a third year student.
byMbalenhle Ndlovu
 
ILA 2025 Prague CLS Presentation of Leadership journal
byjohanalvehus
 
TUYỂN CHỌN 30 ĐỀ THI CHỌN HỌC SINH GIỎI LỚP 9 CÁC TỈNH NĂM 2024-2025 MÔN TIẾN...
byNguyen Thanh Tu Collection
 
History of Department of AIHC and Archaeology_BHU
byBanaras Hindu University
 

Cyber security-briefing-presentation

  • 1.
    Intel® Cyber-Security Briefing: Trends,Solutions, and Opportunities John Skinner, Director, Secure Enterprise and Cloud, Intel Americas, Inc. May 2012
  • 2.
    Agenda • Intel +McAfee: What it means • Computing trends and security implications • A new approach to improve cyber-security: –Hardware-enhanced Security • Examples of Hardware-assisted Security • Opportunity for the IT Community to Change The Game 2
  • 3.
    Innovation Opportunities byworking with Intel and McAfee • Change the way we all think about security problems and solutions • Innovate and Deliver new levels of protection not available with software-only solutions, employing hardware-enhanced security • Deliver intelligence-in-depth: Security that is integral to your hardware, network, systems, applications, and databases—and works together to protect your business Key Innovation Areas Next-Gen Secure Secure Cloud Hardware Endpoint Mobile Embedded Security Enhanced Security Devices Devices Platform Security
  • 4.
    Computing Trends andSecurity Implications Escalating Threat Complexity Landscape of the IT Model Consumerization Growth of of IT Cloud Mobile Computing Devices Virtualization As a consequence: The size of the “Attack Surface” and the opportunities for Malicious Entry have expanded. 4
  • 5.
    People: The NewNetwork Perimeter Human Vulnerabilities and Risks Mobile Phishing Device Attacks Loss or and Spear Theft Phishing Corporate or Social Networking Personal Data Stolen Credentials Online Collaboration Tools Humans make mistakes: Lost Devices, “Found” USB drives, etc. 5
  • 6.
    Traditional IT SecurityStrategy: Multiple Security Perimeters Response Monitoring, intrusion detection, Capability proactive and reactive response File and data encryption, File and Data enterprise rights management Secure coding, security Application specifications Platform Antivirus software, patching, minimum security specifications for systems Network Firewalls, demilitarized zone, data loss prevention a.k.a. “Defense in Depth” 6
  • 7.
    A closer lookat Hacking: The Motivations Have Expanded.... SLAMMER ZEUS AURORA STUXNET Hacking Organized State-Sponsored Physical for Fun Crime Cyber Espionage Harm Hacking Software Tools for Sale: $11B/year industry with 56% CAGR 7
  • 8.
    “The Malware Tsunami” There were more malware attacks in 2010-2011 than in the previous 10 years combined! ? 60,000+ 6,000,000 2,000,000 Stealth per day per month per month Attacks new unique new botnet new malicious Non-detectable malware infections web sites malware and pieces advanced persistent threats
  • 9.
    Tools of theModern Hacker Candy Drop: Placing infected USB drives where humans will take them, and later plug them into their PC or other network-connected device. Social Engineering: Manipulating people to divulge data or “click here” Advanced Persistent Threat (APT): A long term, human-directed “campaign” to take control of a specific system or network – all while remaining undetected. Kernel-mode Rootkit: It lives and operates below the operating system, to control the OS and evade detection by OS-level security measures. Can cloak other malware, APT’s.
  • 10.
    Attacks Are Moving“Down the Stack”, to Gain Greater Stealth and System Control Traditional attacks: Focused primarily on Attacks disable the application layer security products OS infected with APTs: Threats are hidden from security products Compromise virtual machine New stealth attacks: Ultimate APTs: Embed themselves Compromise platform below the OS and and devices below the Virtual Machine, so OS, using rootkits as they can evade current cloaks solutions APT: Advanced Persistent Threat 10
  • 11.
    A New ApproachIs Required: “Hardware-enhanced Security” • Move critical security processes down into the hardware – Encryption, Authentication, Manageability, and Platform Cleansing – Hardware is inherently less vulnerable to modification or corruption • Establish a security perimeter from the hardware layer up • Isolate the security services from the host OS (often the target) • Build in capability to monitor, maintain, repair, and recover Added Protection against: • Viruses and worms • Malware • Disabled software • Rootkits 11
  • 12.
    Example of Hardware-enhancedSecurity: The DeepSAFE* Security Platform DeepSAFE is the first hardware- assisted security platform from Intel and McAfee. Platform capabilities include: • McAfee Deep Defender* product • Utilizes the isolation capabilities of Intel Virtualization Technology • Works “beyond” the OS, so it can’t be corrupted by OS or malware • Detects, blocks, and removes stealthy advanced persistent threats and malware • Foundation for future solutions from McAfee and Intel Next-generation “beyond the OS” security enabled by Intel® processor technology * Other names and brands may be claimed as the property of others.
  • 13.
    Example of Hardware-enhancedSecurity: The DeepSAFE* Security Platform DeepSAFE is the first hardware- assisted security platform from Intel and McAfee. Platform capabilities include: • McAfee Deep Defender* product • Utilizes the isolation capabilities of Intel Virtualization Technology • Works “beyond” the OS, so it can’t be corrupted by OS or malware • Detects, blocks, and removes stealthy advanced persistent threats and malware • Foundation for future solutions from McAfee and Intel Next-generation “beyond the OS” security enabled by Intel® processor technology * Other names and brands may be claimed as the property of others.
  • 14.
    Hardware-enhanced Security: Faster Encryptionon PCs and Servers “There's a definite benefit to… Intel® AES-NI instructions… this is huge for corporate desktops/notebooks.” —Anandtech1 Intel® Core™ i5, Core™ i7, and Whole-disk Internet File Storage select Intel® Xeon® processors, with Intel® Advanced Encryption Standard Encryption Security Encryption New Instructions (Intel® AES-NI) Intel® AES-NI increases encryption operations up to 4x by using hardware and software together.2 1 The Clarkdale Review: Intel® Core™ i5 processor 661, Core™ i3 processor 540, and Core i3 processor 530, Anand Lal Shimpi, Anandtech, January 2010. http://www.anandtech.com/show/2901/5 . 2 Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) requires a computer system with an Intel AES-NI enabled processor, as well as non-Intel software to execute the instructions in the correct sequence. Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. See full disclaimer at http://www.intel.com/performance 14 * Other names and brands may be claimed as the property of others.
  • 15.
    Example of Hardware-enhancedSecurity: Intel® Identity Protection Technology Now built into your PC with Intel® IPT 1 Utilize PCs with Intel® IPT support Traditional hardware token 2 Choose a security software vendor1 Used for remote authorized users (VPN) and/or for the PC with Intel® IPT public web embedded tokens End Users Web Sites Organizations Add security that is Protect user accounts Secure method for authorized easy to use and limit losses users to remotely log in 1 Embedded tokens work with all Symantec VIP protected web sites as well as enabled VASCO protected sites. 15
  • 16.
    Example of Hardware-enhancedSecurity for Virtualized Servers and Clouds Intel® AES-NI Apps1 Apps2 Built-in Encryption Apps2 Intel® TXT Enables VM OS1 OS2 OS2 migration based Intel® VT VM2 on security policy Protects VM Isolation VM1 VM2 Intel® TXT Hypervisor Hypervisor Works with the VMM to create Server Hardware 1 Server Hardware 2 “trusted” status with Intel® TXT with Intel® TXT Encrypt Isolate Comply Intel® AES-NI Intel® VT and Intel® TXT Intel® TXT delivers built-in encryption protects VM isolation and establishes “trusted” status acceleration for better data provides a more secure to enable migration based protection platform on security policy Establishing the foundation for more secure data centers Intel® AES-NI – Intel® Advanced Encryption Standard New Instructions; Intel® TXT – Intel® Trusted Execution Technology; Intel® VT – Intel® Virtualization Technology 16
  • 17.
    Hardware-enhanced Security: OtherApplications Remote Client Management and Remediation, Response Client Anti-Theft and Recovery Hardware-accelerated File and Data Whole-Disk Encryption Hardware-accelerated Application Data Encryption Embedded System, Virtualized Platform Server, and Cloud Security Identity Protection and Network Access Management Intel and its partners are applying Hardware-enhanced Security to “harden” each perimeter of defense. 17
  • 18.
    Defense-in-Depth enhanced by Hardware-assistedSecurity Response McAfee EEPC File and Data McAfee EEPC Application Intel® VT Platform Network Intel and its partners are applying Hardware-enhanced Security to “harden” each perimeter of defense. 18
  • 19.
    Enhancing End toEnd Cloud Security Build Foundation of Integrity: From Client to Network to Cloud Public/Private Clouds User & Intelligent (Servers, Network, Storage) Devices Private Cloud Secure the Connections Public Apps, data in flight, traffic Cloud 2 Secure Cloud Datacenters Secure the Devices Infrastructure & VM integrity, seamless federation, 3 Identity & access mgmt, platform integrity, data audit/compliance, data 1 protection protection 4 Common Security Standards
  • 20.
    Example of HowHardware-enhanced PC Security can enhance Cloud Security Private Cloud Public Cloud Identity Strengthen Protect against Protect against Federation and Simplify Man in the Zero-Day Attacks Authentication Middle Attacks Salesforce.com Operating System Google.com CPU Authentication Data Protection Client Devices 20
  • 21.
    Enhancing End toEnd Cloud Security Intel + McAfee: Toward Worry-Free Cloud Computing Deliver hardware-enhanced security to better protect data, users, Cloud Data Centers & traffic from client to cloud Tools to aggregate security information across clouds to automate & simplify policy setting & improve audit/compliance reporting New capabilities to automate client to cloud security and service levels, such as identity as a service Industry collaboration to accelerate broad adoption of security standards so IT can easily adopt cloud 21
  • 22.
    Summary and Opportunity Theinfo security challenge is escalating. Hardware-assisted Security is solving a variety of problems, many unsolvable by software-only. We all have opportunity to Change The Game: Intel/McAfee + Partners + Customers
  • 23.
  • 24.
    Legal Notices andDisclaimers INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL’S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL ® PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. INTEL PRODUCTS ARE NOT INTENDED FOR USE IN MEDICAL, LIFE SAVING, OR LIFE SUSTAINING APPLICATIONS. Intel may make changes to specifications and product descriptions at any time, without notice. All products, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice. Intel, processors, chipsets, and desktop boards may contain design defects or errors known as errata, which may cause the product to deviate from published specifications. Current characterized errata are available on request. Software and workloads used in performance tests may have been optimized for performance only on Intel microprocessors. Performance tests, such as SYSmark* and MobileMark*, are measured using specific computer systems, components, software, operations and functions. Any change to any of those factors may cause the results to vary. You should consult other information and performance tests to assist you in fully evaluating your contemplated purchases, including the performance of that product when combined with other products. For more information go to http://www.intel.com/performance Intel, Intel Inside, the Intel logo, Intel Core, and Xeon are trademarks of Intel Corporation in the United States and other countries. Security features enabled by Intel® AMT require an enabled chipset, network hardware and software and a corporate network connection. Intel AMT may not be available or certain capabilities may be limited over a host OS-based VPN or when connecting wirelessly, on battery power, sleeping, hibernating or powered off. Setup requires configuration and may require scripting with the management console or further integration into existing security frameworks, and modifications or implementation of new business processes. For more information, see http://www.intel.com/technology/manage/iamt. No system can provide absolute security under all conditions. Requires an enabled chipset, BIOS, firmware and software and a subscription with a capable Service Provider. Consult your system manufacturer and Service Provider for availability and functionality. Intel assumes no liability for lost or stolen data and/or systems or any other damages resulting thereof. For more information, visit http://www.intel.com/go/anti-theft Intel® vPro™ Technology is sophisticated and requires setup and activation. Availability of features and results will depend upon the setup and configuration of your hardware, software and IT environment. To learn more visit: http://www.intel.com/technology/vpro The original equipment manufacturer must provide TPM functionality, which requires a TPM-supported BIOS. TPM functionality must be initialized and may not be available in all countries. Intel® AES-NI requires a computer system with an AES-NI enabled processor, as well as non-Intel software to execute the instructions in the correct sequence. AES-NI is available on select Intel® processors. For availability, consult your reseller or system manufacturer. For more information, see http://software.intel.com/en-us/articles/intel-advanced-encryption-standard-instructions-aes-ni/ *Other names and brands may be claimed as the property of others. Copyright © 2012 Intel Corporation, All Rights Reserved