FUTURE-DRIVEN CYBERSECURITY - The best vaccine against risk #TRUECYBERSECURITY - Kaspersky
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
2 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK SIX TRENDS AND THE CHALLENGES THEY BRING HEALTHCARE 2018: If ever there was a need to have faith in human nature restored, consider that global «DEATH IS JUST healthcare spending almost always grows A TECHNICAL PROBLEM» faster than GDP. We care about life, and we want to improve it, year after year. Collectively, Yuval Noah Harari (Historian), Homo Deus (2016) we are determined to bring the power of science and human ingenuity to where it is needed most. According to bestselling author and historian, Healthcare spending is increasing at Yuval Noah Harari, such optimistic prophecies a projected annual rate of 4.1% between about human life expectancy are due to the 2017 and 2021 - up from 1.3% in 2012-2016. ‘breakneck development of fields such as genetic Cybersecurity Ventures predicts that global engineering, regenerative medicine and healthcare cybersecurity spending will nanotechnology.’ His proclamation sounds glib exceed $65-billion cumulatively between and it is hard to imagine humans approaching their 2018 and 2021. final days with such a sanguine approach. That is until you consider the sheer healthcare technology revolution that has been underway in recent years. SIX TRENDS AND THE CHALLENGES Data security THEY BRING becomes a matter of life or death The flip side of relying on technology to extend life is that when that technology is breached, life Data authenticity itself is put at risk. In this paper we will look at six takes centre stage key cybersecurity issues facing the Healthcare sector in 2018 and beyond – and shine the spotlight on the threats they bring with them. When it comes to healthcare data, an attack can Ransomware $ – your money or your life damage far more than reputation alone. We want to live: Global healthcare spending The role of human almost always grows faster than GDP beings – the enemy within? Harari (2016) reports that Google Ventures is investing 36% of its $2 billion portfolio in life sciences start-ups. Yet fathoming the enormity Mobile healthcare of this confidence in the future of healthcare technology does not require Harari’s devices and the Oxford PhD. Internet of Things Beyond the utopian headlines and dreams of immortality lies the fact that the life expectancy graphis probably the only index Regulation that has consistently shown an upwards curve, facing neither slump nor recession. None of this is any accident at all.
3 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK TREND#1 DATA SECURITY BECOMES A MATTER OF LIFE OR DEATH TREND #1 Data Security Threat Spotlight: DATA SECURITY BECOMES Direct to the Heart of the Problem A MATTER OF LIFE When data security is a matter of life or death, OR DEATH cyberdefense becomes a fourth emergency service. This is never more acute than when First do no harm – keeping patients it comes to intra-patient technology and the and their data safe data that sustains it. Pacemakers, automatic defibrillators and other technological implants are especially vulnerable. Digital healthcare technology is a wide and In 2017, “almost half a million pacemakers ambitious field of intersecting disciplines which were recalled by the US Food and Drug together represent nothing less than the (very) Administration (FDA) due to fears that their human struggle for longer, healthier and – above lax cybersecurity could be hacked to run all – better lives. It is hard to imagine a more noble the batteries down or even alter the patient’s application for the revolutionary technology that heartbeat.” labs and minds across the world now produce. Source: The Guardian (UK) The responsibility for healing the sick no longer lies with physicians alone. Rather, the expertise, determination and collaboration in healthcare CLINICAL DATA TECHNOLOGY technology involves the contribution of specialists from multiple fields. In the healthcare technology revolution, physicians must now join hands with In the second aspect, the technology concerns programmers, psychologists, other clinicians, data itself with the enormous flood of data that arises scientists, pharmacologists, wearables developers from the interface between the patient and the and even logistic experts (to name just a few). healthcare system. In a traditional clinical setting, this would include everything from personal data, Healthcare technology is revolutionizing the way appointment diaries, ECG/oxygen saturation/blood clinicians approach everything from prevention and pressure readings and other physical monitoring diagnosis to treatment and monitoring of ailments data, to symptomatology reported by the patient both physical and mental. Broadly, the healthcare themselves. technology field can be analysed as having two orientations. This category of data is already swelling, and it faces the exact same threats and risks as data INTRA-PATIENT TECHNOLOGY everywhere, except in this case it pertains to the most precious asset that any individual has: their own body (and perhaps mind). When it comes to In the first case, healthcare technology is oriented sensitivity, the stakes are raised in healthcare data, towards the patient – the human body itself. This more than almost any other field. aspect concerns technology such as wearable blood sugar monitors, contraceptive devices, Yet this enormous mine of data is poised to be automatic defibrillators and perhaps (eventually) augmented beyond previous expectations, thanks artificial organs, that are implanted into the body to the constant data input from the proliferation of to prevent death and enhance life. healthcare technology devices and apps. Constant monitoring of physiological and even psychological states is now possible, far beyond the clinic walls, thanks to wearables and implants and other intra- patient innovations. Apps convert smart phones, watches and tablets into life-extending health-monitors.
4 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK TREND#2 DATA AUTHENTICITY TAKES CENTRE STAGE THE INTERNET OF THINGS, WHY STEAL CREDIT CARD DETAILS WHEN OR THE THE INTERNET OF BODIES? YOU CAN STEAL AN ENTIRE IDENTITY? Uniting these two broad aspects of healthcare technology is the new interconnectedness between Bundles of stolen the two, and now between healthcare technology medical data from up and the wider Internet of Things. to 140-million And just as the number of links in the healthcare patients are for sale technology data chain grows, so too does the online. number of possible entry sites for system-fatal cyber infection. Create fake IDs In a sense, healthcare technology may become Buying drugs or medical a distinct subset of the Iota, one which we might equipment call the Internet of Bodies, with rules, challenges Selling the information and benefits of its own. 4.1% With the biometric ID revolution in full swing, tampering with personal physiological details ANNUALLY SPENDING IS INCREASING is more lucrative than ever. Consider that KFC even allowed customers to ‘pay with their faces’ $56-billion at an outlet in China – building a direct connection between the customer’s face and their SPENDING IS SET TO EXCEED (or their victim’s) bank account. While changing CUMULATIVELY TO 2021 your bank details may be straightforward, reclaiming your entire identity – putting your 140-million authentic vital statistics back where they belong – is far harder. patients Stolen medical records provide data that is a goldmine for criminals who can use it to carry out BUNDLES OF STOLEN MEDICAL DATA a wide range of fraudulent activities – create fake ARE FOR SALE ONLINE. IDs to buy drugs or medical equipment, file bogus insurance claims, obtain health services they wouldn’t otherwise qualify for, etc. – or just sell TREND #2 the information so others can do the same. DATA AUTHENTICITY Yet these examples are only the beginning TAKES CENTRE STAGE of the problem. When it comes to health, authenticity of data is literally a matter of life or death. Compromised medical records are a matter This is about far more than identity theft. of life or death The question is, what happens to the patients whose records are tampered with or stolen? Healthcare records typically contain date of birth, Bereft of accurate and authentic data, clinicians address, phone numbers, email address, medical are more prone to misdiagnosis or inappropriate insurance details, social security numbers, work medication, putting patients’ lives at risk. information and comprehensive historical and Now that electronic records have almost fully current health data. They’re about as complete replaced written records, a cyber-attack could lead a dataset of an individual’s life as exists and they’re to the erasure of decades of vital health data, a social engineer’s paradise. with extremely serious consequences.
5 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK TREND#3 RANSOMWARE: YOUR MONEY OR YOUR LIFE! Data Authenticity Threat Spotlight: Allscripts, was hit by a major SamSam ransomware A New Lease of Life for Medical attack focusing primarily on their Electronic Insurance Fraud Prescriptions for Controlled Substances services. Approximately 1,500 medical practices Health data identity theft forms the foundation were affected. of medical insurance fraud, and there is clearly a market out there, hungry for illegally obtained Sadly, it is easy to understand why healthcare data: anything to help bring down premium costs. was the top target for ransomware in 2017. When lives hang in the balance, ransomware Incidents of compromised medical data are victims are unlikely to hesitate when it comes relentless and show no signs of abating. to paying the ransom demanded for the release Around 1.13 million patient records were of health records. compromised in 110 healthcare data breaches in the first quarter. A full 45% of cross-industry ransomware 1 In July 2018 in Singapore, hackers breached incidents targeted healthcare systems. their government’s health database, accessing Ransomware accounts for an unhealthy 85% of 2 the data of approximately 1.5 million patients all malware in the sector. And there’s more bad news: (including the Prime Minister’s), for almost Ransomware attacks on healthcare organizations 3 a week. In the UK, the National Health Service’s are expected to quadruple by 2020. NHS Digital department suffered a data breach In spite of the blistering pace of digital in which 150,000 patients had their confidential transformation in healthcare, the sector has not data shared without their permission. always managed to stay up to date with the latest cyber risks. As a result, investment in cybersecurity continues to lag behind that expected of industries facing a similar threat level. TREND #3 RANSOMWARE: This is partly due to a cultural problem within YOUR MONEY OR YOUR healthcare – clinicians, nurses and others in patient-facing roles are often less likely to adopt LIFE! technical innovations than professionals in Patient safety involves timely access office-based industries. This leads to a tendency to information. What happens when that to rely on legacy technology – and is entirely information isn’t available? understandable given the time pressures that clinicians face. Unfortunately, cyber-criminals see the continuing WannaCry – the biggest ransomware attack reliance on legacy technology as an invitation to in history – brought Britain’s National Health a feeding frenzy. They exploit vulnerabilities inexisting Service to its knees in 2017. Entire systems were (legacy) technology, preying on outdated, unavailable, critical records out of reach, and unpatched connected devices to gain access appointment diaries sent into freefall. to the organization’s systems. Non-urgent procedures and appointments were postponed, leaving people in pain and clinics at breaking point. Queues of anxious patients and AWARENESS IS HALF THE CURE family members formed at hospitals and clinics around the country, but once they reached the 32% of healthcare professionals in a recent study 4 front, it was most definitely a severe case said that ransomware is their biggest security of ‘Computer Says No.’ concern. A shocking 50% of healthcare The havoc wrought by WannaCry in Britain’s ransomware victims fail to get all of their data health service is just one example of a growing back, even after paying up. trend. In January 2018, electronic health record and practice management software provider 1 Beazley 2018 Breach Briefing 4 Cybersecurity and Healthcare - HIMSS 2018 Survey 2 2018 Data Breach Investigations Report, Verizon 3 Cybersecurity Ventures, 2017
6 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK TREND#4 THE ENEMY WITHIN? HUMAN BEINGS AND INTERNAL ACTORS becomes even more complicated. Sadly, it would 50% appear that humans are not the only locus of OF HEALTHCARE ORGANIZATIONS autoimmune disease – the healthcare system can WHO PAY RANSOMWARE DEMANDS be seen to be attacking itself. DON’T GET THEIR DATA BACK. If that pronouncement sounds over-dramatic, consider that healthcare is the only industry that has more internal actors behind breaches than external: 5 Ransomware Threat Spotlight: 56% internal compared to 43% external. Legacy Technology and a Poor Prognosis after WannaCry? The WannaCry ransomware attack wrought 56% havoc on Britain’s NHS, with a phenomenal 80 HEALTHCARE HAS MORE INTERNAL of 236 NHS trusts across England disrupted, BREACHES THAN EXTERNAL as well as a further 603 NHS organisations, including 595 GP practices. The system that ought to protect itself is instead attacking itself. This problem is exacerbated by the In spite of this, the healthcare industry’s reliance huge number of people who have access to on legacy technology and ‘old habits’ means that corporate healthcare networks – from the most the threat of further ransomware attacks is by no senior to the most junior – including contractors. means that the threat of further ransomware attacks is by no means in the past. In July 2017, an employee with international The UK Department of Health and Social Care healthinsurer BUPA copied and stole records from (DHSC) released a report containing 22 the company’s international health insurance plan ‘lessons learned’, with recommendations on for frequent travellers and customers who work how to avoid more attacks. Over a year later, the abroad.The resulting data breach affected half DHSC admitted it still did not know what these a million customers. recommendations would cost or when they would be implemented. The Enemy Within Threat Spotlight: Perhaps the saddest part about the WannaCry Physician, heal thyself attack (and others like it) is the fact that there was already a simple patch available that would have What drives these internal breaches? 40% of prevented it. The patient – in this case the health internal actors are motivated by financial gain service itself – had simply failed to comply with (such as tax fraud, selling or using stolen the medication regimen prescribed. information to access credit), 31% do it for fun or curiosity and 10% do it because it’s convenient. Honest mistakes also feature – when it comes to security incidents, healthcare is almost seven TREND #4 times more likely to feature a casual error than other verticals. This point is heavily related to THE ENEMY WITHIN? the over-reliance on unpatched legacy systems HUMAN BEINGS AND within an industry slow to adapt to digital transformation. INTERNAL ACTORS 62% of errors are due to incorrect delivery – Healthcare’s own autoimmune cyber disease for example, sending an email or SMS intended for one person to somebody else. Misuse is a less honest problem, involving Identifying and defeating an external pathogen is privilege/access abuse in a full 74% of events. challenging enough. But when the body attacks itself, as in autoimmune diseases, the clinical picture 5 2018 Data Breach Investigations Report, Verizon
7 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK TREND#5 MOBILE HEALTHCARE DEVICES AND THE INTERNET OF THINGS TREND #5 THE HUMBLE PAGER AND ITS ALL-TOO-NUMEROUS HEIRS MOBILE HEALTHCARE DEVICES AND THE INTERNET Doctors were using pagers long before they were fashionable – glancing at the little device clipped OF THINGS to their waistbands before frantically darting off somewhere to save one life or another. “Learn to see. Realize that everything connects to In fact, pagers (arguably the first ever connected everything else.”Leonardo da Vinci mobile device) were invented all the way back in 1949, expressly for doctors, by an engineer called Prophetic as ever, inventor, artist and polymath Alfred J. Gross. Pagers are now just one example Leonardo da Vinci might not have been surprised of a legacy technology that the healthcare industry still uses – perhaps to its detriment. at the advent of the Internet of Things, which is now revolutionizing the way patients access THE GLOBAL MARKET FOR MOBILE medical services. HEALTHCARE APPLICATIONS IS Many hospitals and already have thousands of VALUED AT $28.32-BILLION – and is expected to reach $102.35 IoT devices connected to their networks, -billion by 2023. covering almost every aspect of patient care, from cardio diagnostics, continuous glucose monitoring Technology has evolved considerably from the systems, activity trackers for cancer patients, pagers invented by Mr Gross. Doctors and medical connected inhalers, ingestible sensors and staff now routinely use mobile devices for decision coagulation testers to real-time geo-location, support and consultation, sharing information and elderly monitoring systems, and even connected images. But an unsecured device can cause havoc. contact lenses, and all manner of sensor. The growing number of social media apps that And it’s not slowing down. Cisco estimates that the automatically access data stored on mobile devices means that confidential data from an unsecured number of IoT devices will be three times as high device can easily be made public even by mistake, as the global population by 2021, leading, perhaps, let alone intentionally. In an industry where IT to the Internet of Bodies, when human beings training takes a poor second place after critical ourselves are connected to the Things around us medical training and specialty-specific continuing (capitalization intentional). professional development demands, such errors More devices means more attack vectors. are endemic. 20% of organizations (in all sectors) suffered Mobile communications and Mobile Medical 6 at least one IoT attack in the last three years – Applications offer new ways to revolutionize and in the last year alone, there was a 525% the way we receive and deliver healthcare, offering increase in vulnerabilities in medical devices. 7 detailed, pinpointed diagnoses and prescriptions that can be instantly titrated and perfected on Yet most hospitals don’t even know how many a real-time basis. 8 of these devices they have, and only 55% have These innovations, from health monitoring security controls in place to protect them. to medication management share a goal that is no less than extending the lifespan (and quality VULNERABILITIES of life) of human beings everywhere. Returning IN MEDICAL DEVICES to Harari’s proclamation that death itself will come INCREASED BY 525% to be seen as a mere technical problem, investors everywhere are reaching deep into their pockets. ONLY 55% OF HOSPITALS HAVE While the heroes of myths and legends once SECURITY CONTROLS IN PLACE FOR searched for the elusive nectar, elixir or spring THEIR IOT DEVICES. of everlasting life, today’s heroes are collectively building a global market for mobile health 6 Gartner Research, 2018 8 PwC, “Uncovering the potential of the Internet of Things,” 2016, 7 HRI analysis of data reported by US Industrial Control Systems Cyber Will try to find something more recent Emergency Response Team (ICS-CERT)
8 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK TREND#6 REGULATIONS AND COMPLIANCE LOOM LARGE applications that is valued at $28.32 billion and In the US, the HIPPA (The Health Insurance 9 expected to reach $102.35 billion by 2023. Portability and Accountability Act) was set up to The vision is that this new market will consign protect personal information collected and guesswork, instinct and human error to history. stored in medical records – their Security Rule focuses specifically on safeguarding electronically protected health information. Mobile Healthcare Devices Threat Spotlight: Meanwhile, in the UK, the NIS Directive has MyFitnessPal Data Theft established network security requirements for operators of essential services and digital service In March 2018, 150-million MyFitnessPal providers in various sectors, including healthcare. accounts were breached. The stolen data It also sets out minimum security measures and included usernames, email addresses and necessary incident notification mechanisms. scrambled passwords, in an attack symptomatic of the growing attraction that mobile medical applications hold for cyber criminals. With Regulations Threat Spotlight: The Punitive healthcare apps now tracking everything from Cost of Non-Compliance food consumption to fertility (including sexual Healthcare organizations are obliged to adhere activity) and sleep, the temptation for criminals, to these regulations and directives – failure to and the threat to users are only going to do so could prove fatal to licensing, and continue to multiply. significantly reduce the longevity of business- critical contracts. Potential human and reputational costs aside, HIPAA has a maximum non-compliance penalty of $1.5-million for TREND #6 violations and a strict monitoring and audit programme following a breach. REGULATIONS AND COMPLIANCE LOOM LARGE Cybersecurity is a patient trust and safety issue. This includes privacy. Healthcare organizations hold priceless personal patient information – they’re obliged to take its care almost as seriously as that of their patients themselves. In January 2018, Norway’s Health South-East RHF admitted that they had suffered a serious data breach and that the health records of 2.9 million Norwegian citizens may have been exposed. The company was heavily criticized for waiting a week to report the breach (a delay which would have fallen foul of the time-sensitive reporting requirements of the GDPR had the regulation been in effect at the time). There are various regulatory, compliance and standards frameworks that address medical data and IT security in healthcare. Briefly, the EU’s GDPR (General Data Protection Regulation) includes a set of definitions directly related to healthcare data: ‘data concerning health’, genetic data” and “biometric data”. 9 Health App Market - Industry Trends, Opportunities and Forecasts to 2023
9 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK HOW TO PROTECT YOUR COMPANY? – CHOOSE SCENARIO THAT FITS YOU THE BEST Kaspersky Lab solutions guarantees proven protection against cyberattacks for every single kind of healthcare organization. While the healthcare sector is booming and leveraging a powerful wealth of new technologies, 10 cybercriminals are launching some 938 attacks per minute, trying to bring businesses to their knees. In spite of today's extremely volatile and challenging environment, Kaspersky Lab has the perfect solution to protect your data - and your business continuity. Just use the table below to choose the one that suits your company best, and feel free to get in touch at any time if you’d like to have a chat about how we can help at Kaspersky.com. How to use the table All of our solutions guarantee proven protection for your business but, since every organization has its own particular set of needs, we’ve divided our recommendations into three groups to make it easier for you to get the perfect fit. Good offers sufficient protection for a broad range of cybersecurity requirements. Better comes with additional defences and threat intelligence products. Best brings the most advanced and thorough protection in the world, together with enhanced management tools. KASPERSKY PRODUCT PORTFOLIO MAPPING Solution Good Better Best WHAT: Kaspersky WHAT: Kaspersky WHAT: Kaspersky Endpoint Security Endpoint Security for Endpoint Security for for Business + Business + Business + Kaspersky Maintenance Kaspersky CyberSafety Kaspersky CyberSafety Service Agreement Plus Online Platform Training Management Games + Kaspersky Modules + Kaspersky Kaspersky Maintenance Endpoint Security HOW: Maintenance Service Service Agreement Patient and staff data Agreement Business Business secured against theft, loss or corruption HOW: HOW: (HIPS, encryption, Patient and staff data Patient and staff data device and web secured against theft, secured against theft, control), with extended loss or corruption loss or corruption and premium support (HIPS, encryption, (HIPS, encryption, programs. device and web device and web control),with extended control), with extended FIPS 140.2 certified and premium support and premium support encryption functions programs and programs and online and management interactive face-to-face workshop to develop of OS-embedded workshops to develop essential staff IT encryption to achieve essential staff IT competencies. key compliance goals competencies. (e.g. GDPR). 10 Total, global number of adware and malware detections by Kaspersky Lab products for Windows and Mac computers.
10 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK Solution Good Better Best FIPS 140.2 certified FIPS 140.2 certified encryption functions encryption functions and management and management of OS-embedded of OS-embedded encryption to achieve encryption to achieve key compliance goals key compliance goals (including GDPR). (including GDPR). WHAT: Kaspersky WHAT: Kaspersky WHAT: Kaspersky Hybrid Cloud Security Hybrid Cloud Security + Hybrid Cloud Security Kaspersky Security for Enterprise + Kaspersky HOW: Storage Security for Storage Proven security for Kaspersky physical, virtual and HOW: HOW: Hybrid Cloud cloud workloads, Extra layer of defence No compromise – Security as well as for data for data in rest with comprehensive security storage and data protection against controls, real time OS transmission systems lingering malware, and data integrity for your entire hybrid active ransomware monitoring, system cloud, even for and ransomware-like hardening and complex geographically wiper attacks advanced network distributed hybrid conducted via the IDS to fulfil the stringent architectures network and demands of multiple (legacy on-premise, connected storage. international healthcare data center-located data regulations. and public cloud). Built to handle vast Edge-to-edge quantities of patient manageability, and other sensitive flexibility and visibility data and protect the via an enterprise-level largest and the most security orchestration complex infrastructures console. while maintaining full Compliance visibility and granular enablement to secure control. patients’ health and payment data in line with HIPAA, PCI DSS and GDPR regulations. WHAT: Kaspersky WHAT: Kaspersky Anti WHAT: Kaspersky Anti Secure Mail Gateway + Targeted Attack Targeted Attack Kaspersky Secure Web Platform + Kaspersky Platform + Kaspersky Gateway Endpoint Detection Endpoint Detection and Response and Response + Kaspersky Kaspersky Cybersecurity Services Threat Management and Defense
11 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK Solution Good Better Best HOW: HOW: HOW: The functions part Specialized protection In addition to the of a preventative from advanced threats offering described in approach to targeted and targeted attack Better scenario on the attacks providing support the automated left, enrichment automated email threat multi-dimensional of products with access prevention, delivering threat discovery on the to Kaspersky Lab’s outstanding protection proxy, web, email and global knowledge for traffic running endpoints levels. One base about threats, through mail servers solid event correlation training for specialists, against spam, phishing core based on machine as well as round-the- and generic and learning and clock analysis advanced malware retrospective data of information security threats and protection analysing forms the events and prompt from the dangers most complete picture response to incidents of the World Wide of all stages of the helping organizations Web, blocking anything attack and provide quickly detect malicious dangerous on the centralized response acts and prevent future web traffic capabilities, simplifying attacks. and expediting crucial threat containment and neutralizing procedures. WHAT: Kaspersky WHAT: Kaspersky WHAT: Kaspersky DDoS Protection DDoS Protection DDoS Protection (always-on) Ultimate (on-demand) Connect Plus (always-on) OR Kaspersky DDoS HOW: Protection Connect HOW: Protects web servers Always-on BGP Kaspersky HOW: redirection, with traffic by redirecting traffic DDoS Protection and changing DNS Faster on-demand BGP automatically passed records of protected redirection and through scrubbing resources, making in-house control over centers, while Kaspersky sure these always when to execute engineers immediately travel through mitigation – traffic only run detailed checks Kaspersky ‘scrubbing goes through scrubbing to optimize mitigation centers’, with legitimate centers in case of attack. based on size, type and traffic returned to you sophistication of DDoS Covers up to 300 Mbit, ‘clean.’ attack. with the option to A totally transparent boost capabilities with Covers bandwidth up process end-to-end Kaspersky DDoS to 2 Gbit; ideal for and suitable for Protection Connect, life-critical services bandwidths of up and cover more such as remotely to 30 Mbit, with the bandwidth. accessible diagnostics/ option to purchase surgery services, and more. for organizations with a large number of protected resources.
12 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK Solution Good Better Best WHAT: Kaspersky WHAT: Kaspersky WHAT: Kaspersky Embedded Systems Embedded Systems Embedded Systems Security Security + Kaspersky Security + Kaspersky Maintenance Service Maintenance Service HOW: Agreement Agreement + Equipment Kaspersky Mandatory protection based on Kaspersky even for devices with HOW: Secure Operating System IoT Security weak, vulnerable Mandatory protection hardware with low even for devices with HOW: processing power weak, vulnerable The use of Kaspersky and legacy software, hardware with low Operating System meeting compliance processing power and network equipment requirements. legacy software, guarantees security- meeting compliance by-design, slashing requirements. the risk of compromise, Managed services espionage, sabotage ensure the smooth or DDoS (includes DDoS running of the entire attacks launched by institution's security, criminals ‘hijacking’ the reducing probability network, as well as of life-threatening those launched against process disruption. it from external sources). Mandatory protection even for devices with weak, vulnerable hardware with low processing power and legacy software, meeting compliance requirements. WHAT: Penetration WHAT: Penetration WHAT: Penetration Testing + Application Testing, Application Testing, Application Security Assessment + Security Assessment, Security Assessment, Incident Response Incident Response Incident Response training, training + Threat Data training, Threat Data Threat Data Feeds + Kaspersky Feeds Feeds + Smart Smart Technologies and Threat Intelligence Technologies and IoT Security Assessment, HOW: IoT Security Assessment, Threat Lookup, Cloud and Cybersecurity Services Prevents IoT/IoB/ Threat Lookup, Cloud Sandbox, Customer- computer-aided Sandbox + Customer- specific Threat misdiagnosis, specific Threat Intelligence Reporting, medication errors Intelligence Reporting, Incident Response and manipulation Incident Response retainer + APT of personal data by retainer Intelligence Reporting, remediating Digital Forensics training, vulnerabilities early, Malware Analysis and while ensuring HIPAA Reverse Engineering and GDPR compliance. training
13 FUTURE-DRIVEN CYBERSECURITY THE BEST VACCINE AGAINST RISK PRODUCT SECTION Solution Good Better Best Builds vital internal HOW: HOW: incident response External threat Digital Forensics and capabilities intelligence maps Malware Analysis and to effectively counter internal events to Reverse Engineering targeted attacks, external actors, trainings build vital ransomware and while supply-chain internal capabilities, commodity threats. vulnerabilities and boosted by a qualified External threat potential internal Kaspersky partner intelligence maps actors are kept on hand to respond internal events constantly under to more complex and to external actors – the microscope – sophisticated incidents. allowing for efficient allowing for efficient External threat defense strategies defense strategies intelligence maps against ransomware, against ransomware, internal events commodity and commodity and to external actors, advanced attacks. advanced attacks. while supply-chain Builds vital internal vulnerabilities and incident response potential internal capabilities, boosted actors are kept by a qualified Kaspersky constantly under partner on hand to the microscope – respond to more allowing for efficient complex and defense strategies sophisticated incidents. against ransomware, commodity and advanced attacks. WHAT: Advanced Authentication, Automated Fraud Analytics HOW: Advanced Authentication Protects the external perimeter to guarantee the security of priceless repositories of sensitive Kaspersky personal information, with frictionless and continuous Fraud Prevention authentication, cutting the costs of second factor for legitimate users while keeping fraud detection rates high in real-time. Automated Fraud Analytics thoroughly analyzes events to uncover complicated fraud cases and allow for accurate and timely incident response decisions; with true machine learning, forensic capabilities, and access to valuable real-time session and behavioural data.
You can also read