FUTURE-DRIVEN CYBERSECURITY - The best vaccine against risk #TRUECYBERSECURITY - Kaspersky
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Kaspersky for Business FUTURE-DRIVEN CYBERSECURITY The best vaccine against risk #TRUECYBERSECURITY
2
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK SIX TRENDS AND THE CHALLENGES THEY BRING
HEALTHCARE 2018: If ever there was a need to have faith in
human nature restored, consider that global
«DEATH IS JUST healthcare spending almost always grows
A TECHNICAL PROBLEM» faster than GDP. We care about life, and we
want to improve it, year after year. Collectively,
Yuval Noah Harari (Historian), Homo Deus (2016) we are determined to bring the power of
science and human ingenuity to where it is
needed most.
According to bestselling author and historian, Healthcare spending is increasing at
Yuval Noah Harari, such optimistic prophecies a projected annual rate of 4.1% between
about human life expectancy are due to the 2017 and 2021 - up from 1.3% in 2012-2016.
‘breakneck development of fields such as genetic Cybersecurity Ventures predicts that global
engineering, regenerative medicine and healthcare cybersecurity spending will
nanotechnology.’ His proclamation sounds glib exceed $65-billion cumulatively between
and it is hard to imagine humans approaching their 2018 and 2021.
final days with such a sanguine approach.
That is until you consider the sheer healthcare
technology revolution that has been underway
in recent years.
SIX TRENDS AND THE CHALLENGES Data security
THEY BRING becomes a matter of life or death
The flip side of relying on technology to extend
life is that when that technology is breached, life Data authenticity
itself is put at risk. In this paper we will look at six takes centre stage
key cybersecurity issues facing the Healthcare
sector in 2018 and beyond – and shine the
spotlight on the threats they bring with them.
When it comes to healthcare data, an attack can
Ransomware
$ – your money or your life
damage far more than reputation alone.
We want to live: Global healthcare spending The role of human
almost always grows faster than GDP beings – the enemy within?
Harari (2016) reports that Google Ventures is
investing 36% of its $2 billion portfolio in life
sciences start-ups. Yet fathoming the enormity Mobile healthcare
of this confidence in the future of healthcare
technology does not require Harari’s devices and the
Oxford PhD.
Internet of Things
Beyond the utopian headlines and dreams
of immortality lies the fact that the life
expectancy graphis probably the only index Regulation
that has consistently shown an upwards curve,
facing neither slump nor recession.
None of this is any accident at all.3
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK TREND#1 DATA SECURITY BECOMES A MATTER OF LIFE OR DEATH
TREND #1
Data Security Threat Spotlight:
DATA SECURITY BECOMES Direct to the Heart of the Problem
A MATTER OF LIFE When data security is a matter of life or death,
OR DEATH cyberdefense becomes a fourth emergency
service. This is never more acute than when
First do no harm – keeping patients it comes to intra-patient technology and the
and their data safe data that sustains it. Pacemakers, automatic
defibrillators and other technological implants
are especially vulnerable.
Digital healthcare technology is a wide and
In 2017, “almost half a million pacemakers
ambitious field of intersecting disciplines which
were recalled by the US Food and Drug
together represent nothing less than the (very)
Administration (FDA) due to fears that their
human struggle for longer, healthier and – above
lax cybersecurity could be hacked to run
all – better lives. It is hard to imagine a more noble
the batteries down or even alter the patient’s
application for the revolutionary technology that
heartbeat.”
labs and minds across the world now produce.
Source: The Guardian (UK)
The responsibility for healing the sick no longer
lies with physicians alone. Rather, the expertise,
determination and collaboration in healthcare
CLINICAL DATA TECHNOLOGY
technology involves the contribution of specialists
from multiple fields. In the healthcare technology
revolution, physicians must now join hands with In the second aspect, the technology concerns
programmers, psychologists, other clinicians, data itself with the enormous flood of data that arises
scientists, pharmacologists, wearables developers from the interface between the patient and the
and even logistic experts (to name just a few). healthcare system. In a traditional clinical setting,
this would include everything from personal data,
Healthcare technology is revolutionizing the way
appointment diaries, ECG/oxygen saturation/blood
clinicians approach everything from prevention and
pressure readings and other physical monitoring
diagnosis to treatment and monitoring of ailments
data, to symptomatology reported by the patient
both physical and mental. Broadly, the healthcare
themselves.
technology field can be analysed as having
two orientations. This category of data is already swelling, and
it faces the exact same threats and risks as data
INTRA-PATIENT TECHNOLOGY everywhere, except in this case it pertains to the
most precious asset that any individual has: their
own body (and perhaps mind). When it comes to
In the first case, healthcare technology is oriented
sensitivity, the stakes are raised in healthcare data,
towards the patient – the human body itself. This
more than almost any other field.
aspect concerns technology such as wearable
blood sugar monitors, contraceptive devices, Yet this enormous mine of data is poised to be
automatic defibrillators and perhaps (eventually) augmented beyond previous expectations, thanks
artificial organs, that are implanted into the body to the constant data input from the proliferation of
to prevent death and enhance life. healthcare technology devices and apps. Constant
monitoring of physiological and even psychological
states is now possible, far beyond the clinic walls,
thanks to wearables and implants and other intra-
patient innovations. Apps convert smart phones,
watches and tablets into life-extending
health-monitors.4
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK TREND#2 DATA AUTHENTICITY TAKES CENTRE STAGE
THE INTERNET OF THINGS, WHY STEAL CREDIT CARD DETAILS WHEN
OR THE THE INTERNET OF BODIES? YOU CAN STEAL AN ENTIRE IDENTITY?
Uniting these two broad aspects of healthcare
technology is the new interconnectedness between
Bundles of stolen
the two, and now between healthcare technology medical data from up
and the wider Internet of Things. to 140-million
And just as the number of links in the healthcare patients are for sale
technology data chain grows, so too does the online.
number of possible entry sites for system-fatal
cyber infection. Create fake IDs
In a sense, healthcare technology may become Buying drugs or medical
a distinct subset of the Iota, one which we might equipment
call the Internet of Bodies, with rules, challenges
Selling the information
and benefits of its own.
4.1% With the biometric ID revolution in full swing,
tampering with personal physiological details
ANNUALLY SPENDING IS INCREASING
is more lucrative than ever. Consider that KFC
even allowed customers to ‘pay with their faces’
$56-billion at an outlet in China – building a direct connection
between the customer’s face and their
SPENDING IS SET TO EXCEED (or their victim’s) bank account. While changing
CUMULATIVELY TO 2021 your bank details may be straightforward,
reclaiming your entire identity – putting your
140-million authentic vital statistics back where they belong –
is far harder.
patients Stolen medical records provide data that is a
goldmine for criminals who can use it to carry out
BUNDLES OF STOLEN MEDICAL DATA a wide range of fraudulent activities – create fake
ARE FOR SALE ONLINE. IDs to buy drugs or medical equipment, file bogus
insurance claims, obtain health services they
wouldn’t otherwise qualify for, etc. – or just sell
TREND #2 the information so others can do the same.
DATA AUTHENTICITY Yet these examples are only the beginning
TAKES CENTRE STAGE of the problem. When it comes to health, authenticity
of data is literally a matter of life or death.
Compromised medical records are a matter This is about far more than identity theft.
of life or death
The question is, what happens to the patients
whose records are tampered with or stolen?
Healthcare records typically contain date of birth, Bereft of accurate and authentic data, clinicians
address, phone numbers, email address, medical are more prone to misdiagnosis or inappropriate
insurance details, social security numbers, work medication, putting patients’ lives at risk.
information and comprehensive historical and Now that electronic records have almost fully
current health data. They’re about as complete replaced written records, a cyber-attack could lead
a dataset of an individual’s life as exists and they’re to the erasure of decades of vital health data,
a social engineer’s paradise. with extremely serious consequences.5
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK TREND#3 RANSOMWARE: YOUR MONEY OR YOUR LIFE!
Data Authenticity Threat Spotlight: Allscripts, was hit by a major SamSam ransomware
A New Lease of Life for Medical attack focusing primarily on their Electronic
Insurance Fraud Prescriptions for Controlled Substances services.
Approximately 1,500 medical practices
Health data identity theft forms the foundation
were affected.
of medical insurance fraud, and there is clearly
a market out there, hungry for illegally obtained Sadly, it is easy to understand why healthcare
data: anything to help bring down premium costs. was the top target for ransomware in 2017.
When lives hang in the balance, ransomware
Incidents of compromised medical data are
victims are unlikely to hesitate when it comes
relentless and show no signs of abating.
to paying the ransom demanded for the release
Around 1.13 million patient records were
of health records.
compromised in 110 healthcare data breaches
in the first quarter. A full 45% of cross-industry ransomware
1
In July 2018 in Singapore, hackers breached incidents targeted healthcare systems.
their government’s health database, accessing Ransomware accounts for an unhealthy 85% of
2
the data of approximately 1.5 million patients all malware in the sector. And there’s more bad news:
(including the Prime Minister’s), for almost Ransomware attacks on healthcare organizations
3
a week. In the UK, the National Health Service’s are expected to quadruple by 2020.
NHS Digital department suffered a data breach In spite of the blistering pace of digital
in which 150,000 patients had their confidential transformation in healthcare, the sector has not
data shared without their permission. always managed to stay up to date with the latest
cyber risks. As a result, investment in cybersecurity
continues to lag behind that expected of
industries facing a similar threat level.
TREND #3 RANSOMWARE: This is partly due to a cultural problem within
YOUR MONEY OR YOUR healthcare – clinicians, nurses and others in
patient-facing roles are often less likely to adopt
LIFE! technical innovations than professionals in
Patient safety involves timely access office-based industries. This leads to a tendency
to information. What happens when that to rely on legacy technology – and is entirely
information isn’t available? understandable given the time pressures that
clinicians face.
Unfortunately, cyber-criminals see the continuing
WannaCry – the biggest ransomware attack
reliance on legacy technology as an invitation to
in history – brought Britain’s National Health
a feeding frenzy. They exploit vulnerabilities inexisting
Service to its knees in 2017. Entire systems were
(legacy) technology, preying on outdated,
unavailable, critical records out of reach, and
unpatched connected devices to gain access
appointment diaries sent into freefall.
to the organization’s systems.
Non-urgent procedures and appointments were
postponed, leaving people in pain and clinics at
breaking point. Queues of anxious patients and AWARENESS IS HALF THE CURE
family members formed at hospitals and clinics
around the country, but once they reached the 32% of healthcare professionals in a recent study
4
front, it was most definitely a severe case said that ransomware is their biggest security
of ‘Computer Says No.’ concern. A shocking 50% of healthcare
The havoc wrought by WannaCry in Britain’s ransomware victims fail to get all of their data
health service is just one example of a growing back, even after paying up.
trend. In January 2018, electronic health record
and practice management software provider
1
Beazley 2018 Breach Briefing 4
Cybersecurity and Healthcare - HIMSS 2018 Survey
2
2018 Data Breach Investigations Report, Verizon 3
Cybersecurity Ventures, 20176
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK TREND#4 THE ENEMY WITHIN? HUMAN BEINGS
AND INTERNAL ACTORS
becomes even more complicated. Sadly, it would
50% appear that humans are not the only locus of
OF HEALTHCARE ORGANIZATIONS
autoimmune disease – the healthcare system can
WHO PAY RANSOMWARE DEMANDS be seen to be attacking itself.
DON’T GET THEIR DATA BACK.
If that pronouncement sounds over-dramatic,
consider that healthcare is the only industry that has
more internal actors behind breaches than external:
5
Ransomware Threat Spotlight: 56% internal compared to 43% external.
Legacy Technology and a Poor Prognosis
after WannaCry?
The WannaCry ransomware attack wrought 56%
havoc on Britain’s NHS, with a phenomenal 80 HEALTHCARE HAS MORE INTERNAL
of 236 NHS trusts across England disrupted, BREACHES THAN EXTERNAL
as well as a further 603 NHS organisations,
including 595 GP practices. The system that ought to protect itself is instead
attacking itself. This problem is exacerbated by the
In spite of this, the healthcare industry’s reliance
huge number of people who have access to
on legacy technology and ‘old habits’ means that
corporate healthcare networks – from the most
the threat of further ransomware attacks is by no
senior to the most junior – including contractors.
means that the threat of further ransomware
attacks is by no means in the past. In July 2017, an employee with international
The UK Department of Health and Social Care healthinsurer BUPA copied and stole records from
(DHSC) released a report containing 22 the company’s international health insurance plan
‘lessons learned’, with recommendations on for frequent travellers and customers who work
how to avoid more attacks. Over a year later, the abroad.The resulting data breach affected half
DHSC admitted it still did not know what these a million customers.
recommendations would cost or when they
would be implemented.
The Enemy Within Threat Spotlight:
Perhaps the saddest part about the WannaCry
Physician, heal thyself
attack (and others like it) is the fact that there was
already a simple patch available that would have What drives these internal breaches? 40% of
prevented it. The patient – in this case the health internal actors are motivated by financial gain
service itself – had simply failed to comply with (such as tax fraud, selling or using stolen
the medication regimen prescribed. information to access credit), 31% do it for fun
or curiosity and 10% do it because it’s convenient.
Honest mistakes also feature – when it comes
to security incidents, healthcare is almost seven
TREND #4 times more likely to feature a casual error than
other verticals. This point is heavily related to
THE ENEMY WITHIN? the over-reliance on unpatched legacy systems
HUMAN BEINGS AND within an industry slow to adapt to digital
transformation.
INTERNAL ACTORS 62% of errors are due to incorrect delivery –
Healthcare’s own autoimmune cyber disease for example, sending an email or SMS
intended for one person to somebody else.
Misuse is a less honest problem, involving
Identifying and defeating an external pathogen is privilege/access abuse in a full 74% of events.
challenging enough. But when the body attacks
itself, as in autoimmune diseases, the clinical picture
5
2018 Data Breach Investigations Report, Verizon7
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK TREND#5 MOBILE HEALTHCARE DEVICES AND THE INTERNET
OF THINGS
TREND #5 THE HUMBLE PAGER AND ITS
ALL-TOO-NUMEROUS HEIRS
MOBILE HEALTHCARE
DEVICES AND THE INTERNET Doctors were using pagers long before they were
fashionable – glancing at the little device clipped
OF THINGS to their waistbands before frantically darting off
somewhere to save one life or another.
“Learn to see. Realize that everything connects to
In fact, pagers (arguably the first ever connected
everything else.”Leonardo da Vinci
mobile device) were invented all the way back
in 1949, expressly for doctors, by an engineer called
Prophetic as ever, inventor, artist and polymath Alfred J. Gross. Pagers are now just one example
Leonardo da Vinci might not have been surprised of a legacy technology that the healthcare
industry still uses – perhaps to its detriment.
at the advent of the Internet of Things, which
is now revolutionizing the way patients access
THE GLOBAL MARKET FOR MOBILE
medical services.
HEALTHCARE APPLICATIONS IS
Many hospitals and already have thousands of VALUED AT $28.32-BILLION – and
is expected to reach $102.35
IoT devices connected to their networks,
-billion by 2023.
covering almost every aspect of patient care, from
cardio diagnostics, continuous glucose monitoring Technology has evolved considerably from the
systems, activity trackers for cancer patients, pagers invented by Mr Gross. Doctors and medical
connected inhalers, ingestible sensors and staff now routinely use mobile devices for decision
coagulation testers to real-time geo-location, support and consultation, sharing information and
elderly monitoring systems, and even connected images. But an unsecured device can cause havoc.
contact lenses, and all manner of sensor. The growing number of social media apps that
And it’s not slowing down. Cisco estimates that the automatically access data stored on mobile devices
means that confidential data from an unsecured
number of IoT devices will be three times as high
device can easily be made public even by mistake,
as the global population by 2021, leading, perhaps,
let alone intentionally. In an industry where IT
to the Internet of Bodies, when human beings
training takes a poor second place after critical
ourselves are connected to the Things around us medical training and specialty-specific continuing
(capitalization intentional). professional development demands, such errors
More devices means more attack vectors. are endemic.
20% of organizations (in all sectors) suffered Mobile communications and Mobile Medical
6
at least one IoT attack in the last three years – Applications offer new ways to revolutionize
and in the last year alone, there was a 525% the way we receive and deliver healthcare, offering
increase in vulnerabilities in medical devices.
7
detailed, pinpointed diagnoses and prescriptions
that can be instantly titrated and perfected on
Yet most hospitals don’t even know how many a real-time basis.
8
of these devices they have, and only 55% have
These innovations, from health monitoring
security controls in place to protect them.
to medication management share a goal that is
no less than extending the lifespan (and quality
VULNERABILITIES of life) of human beings everywhere. Returning
IN MEDICAL DEVICES to Harari’s proclamation that death itself will come
INCREASED BY 525% to be seen as a mere technical problem, investors
everywhere are reaching deep into their pockets.
ONLY 55% OF HOSPITALS HAVE While the heroes of myths and legends once
SECURITY CONTROLS IN PLACE FOR searched for the elusive nectar, elixir or spring
THEIR IOT DEVICES. of everlasting life, today’s heroes are collectively
building a global market for mobile health
6
Gartner Research, 2018 8
PwC, “Uncovering the potential of the Internet of Things,” 2016,
7
HRI analysis of data reported by US Industrial Control Systems Cyber Will try to find something more recent
Emergency Response Team (ICS-CERT)8
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK TREND#6 REGULATIONS AND COMPLIANCE LOOM LARGE
applications that is valued at $28.32 billion and In the US, the HIPPA (The Health Insurance
9
expected to reach $102.35 billion by 2023. Portability and Accountability Act) was set up to
The vision is that this new market will consign protect personal information collected and
guesswork, instinct and human error to history. stored in medical records – their Security Rule
focuses specifically on safeguarding electronically
protected health information.
Mobile Healthcare Devices Threat Spotlight: Meanwhile, in the UK, the NIS Directive has
MyFitnessPal Data Theft established network security requirements for
operators of essential services and digital service
In March 2018, 150-million MyFitnessPal
providers in various sectors, including healthcare.
accounts were breached. The stolen data
It also sets out minimum security measures and
included usernames, email addresses and necessary incident notification mechanisms.
scrambled passwords, in an attack symptomatic
of the growing attraction that mobile medical
applications hold for cyber criminals. With Regulations Threat Spotlight: The Punitive
healthcare apps now tracking everything from Cost of Non-Compliance
food consumption to fertility (including sexual Healthcare organizations are obliged to adhere
activity) and sleep, the temptation for criminals, to these regulations and directives – failure to
and the threat to users are only going to do so could prove fatal to licensing, and
continue to multiply. significantly reduce the longevity of business-
critical contracts. Potential human and
reputational costs aside, HIPAA has a maximum
non-compliance penalty of $1.5-million for
TREND #6 violations and a strict monitoring and audit
programme following a breach.
REGULATIONS AND
COMPLIANCE LOOM LARGE
Cybersecurity is a patient trust and safety issue.
This includes privacy.
Healthcare organizations hold priceless personal
patient information – they’re obliged to take its
care almost as seriously as that of their patients
themselves. In January 2018, Norway’s Health
South-East RHF admitted that they had suffered
a serious data breach and that the health records
of 2.9 million Norwegian citizens may have been
exposed. The company was heavily criticized for
waiting a week to report the breach (a delay which
would have fallen foul of the time-sensitive
reporting requirements of the GDPR had the
regulation been in effect at the time).
There are various regulatory, compliance and
standards frameworks that address medical data
and IT security in healthcare. Briefly, the EU’s
GDPR (General Data Protection Regulation)
includes a set of definitions directly related to
healthcare data: ‘data concerning health’,
genetic data” and “biometric data”.
9
Health App Market - Industry Trends, Opportunities and Forecasts
to 20239
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK
HOW TO PROTECT YOUR COMPANY? – CHOOSE
SCENARIO THAT FITS YOU THE BEST
Kaspersky Lab solutions guarantees proven protection against cyberattacks for every
single kind of healthcare organization.
While the healthcare sector is booming and leveraging a powerful wealth of new technologies,
10
cybercriminals are launching some 938 attacks per minute, trying to bring businesses to their knees.
In spite of today's extremely volatile and challenging environment, Kaspersky Lab has the perfect
solution to protect your data - and your business continuity.
Just use the table below to choose the one that suits your company best, and feel free to get
in touch at any time if you’d like to have a chat about how we can help at Kaspersky.com.
How to use the table
All of our solutions guarantee proven protection for your business but, since every organization
has its own particular set of needs, we’ve divided our recommendations into three groups
to make it easier for you to get the perfect fit.
Good offers sufficient protection for a broad range of cybersecurity requirements.
Better comes with additional defences and threat intelligence products.
Best brings the most advanced and thorough protection in the world, together with
enhanced management tools.
KASPERSKY PRODUCT PORTFOLIO MAPPING
Solution Good Better Best
WHAT: Kaspersky WHAT: Kaspersky WHAT: Kaspersky
Endpoint Security Endpoint Security for Endpoint Security for
for Business + Business + Business +
Kaspersky Maintenance Kaspersky CyberSafety Kaspersky CyberSafety
Service Agreement Plus Online Platform Training Management Games +
Kaspersky Modules + Kaspersky Kaspersky Maintenance
Endpoint Security HOW: Maintenance Service Service Agreement
Patient and staff data Agreement Business Business
secured against theft,
loss or corruption HOW: HOW:
(HIPS, encryption, Patient and staff data Patient and staff data
device and web secured against theft, secured against theft,
control), with extended loss or corruption loss or corruption
and premium support (HIPS, encryption, (HIPS, encryption,
programs. device and web device and web
control),with extended control), with extended
FIPS 140.2 certified and premium support
and premium support
encryption functions programs and
programs and online
and management interactive face-to-face
workshop to develop
of OS-embedded workshops to develop
essential staff IT
encryption to achieve essential staff IT
competencies.
key compliance goals competencies.
(e.g. GDPR).
10
Total, global number of adware and malware detections by Kaspersky Lab products for Windows and Mac computers.10
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK
Solution Good Better Best
FIPS 140.2 certified FIPS 140.2 certified
encryption functions encryption functions
and management and management
of OS-embedded of OS-embedded
encryption to achieve encryption to achieve
key compliance goals key compliance goals
(including GDPR). (including GDPR).
WHAT: Kaspersky WHAT: Kaspersky WHAT: Kaspersky
Hybrid Cloud Security Hybrid Cloud Security + Hybrid Cloud Security
Kaspersky Security for Enterprise + Kaspersky
HOW: Storage Security for Storage
Proven security for
Kaspersky physical, virtual and HOW: HOW:
Hybrid Cloud cloud workloads, Extra layer of defence No compromise –
Security as well as for data for data in rest with comprehensive security
storage and data protection against controls, real time OS
transmission systems lingering malware, and data integrity
for your entire hybrid active ransomware monitoring, system
cloud, even for and ransomware-like hardening and
complex geographically wiper attacks advanced network
distributed hybrid conducted via the IDS to fulfil the stringent
architectures network and demands of multiple
(legacy on-premise, connected storage. international healthcare
data center-located data regulations.
and public cloud).
Built to handle vast
Edge-to-edge quantities of patient
manageability, and other sensitive
flexibility and visibility data and protect the
via an enterprise-level largest and the most
security orchestration complex infrastructures
console. while maintaining full
Compliance visibility and granular
enablement to secure control.
patients’ health and
payment data in line
with HIPAA, PCI DSS
and GDPR regulations.
WHAT: Kaspersky WHAT: Kaspersky Anti WHAT: Kaspersky Anti
Secure Mail Gateway + Targeted Attack Targeted Attack
Kaspersky Secure Web Platform + Kaspersky Platform + Kaspersky
Gateway Endpoint Detection Endpoint Detection
and Response and Response + Kaspersky
Kaspersky
Cybersecurity Services
Threat Management
and Defense11
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK
Solution Good Better Best
HOW: HOW: HOW:
The functions part Specialized protection In addition to the
of a preventative from advanced threats offering described in
approach to targeted and targeted attack Better scenario on the
attacks providing support the automated left, enrichment
automated email threat multi-dimensional of products with access
prevention, delivering threat discovery on the to Kaspersky Lab’s
outstanding protection proxy, web, email and global knowledge
for traffic running endpoints levels. One base about threats,
through mail servers solid event correlation training for specialists,
against spam, phishing core based on machine as well as round-the-
and generic and learning and clock analysis
advanced malware retrospective data of information security
threats and protection analysing forms the events and prompt
from the dangers most complete picture response to incidents
of the World Wide of all stages of the helping organizations
Web, blocking anything attack and provide quickly detect malicious
dangerous on the centralized response acts and prevent future
web traffic capabilities, simplifying attacks.
and expediting crucial
threat containment
and neutralizing
procedures.
WHAT: Kaspersky WHAT: Kaspersky WHAT: Kaspersky
DDoS Protection DDoS Protection DDoS Protection
(always-on) Ultimate (on-demand) Connect Plus (always-on)
OR Kaspersky DDoS
HOW: Protection Connect HOW:
Protects web servers Always-on BGP
Kaspersky HOW: redirection, with traffic
by redirecting traffic
DDoS Protection and changing DNS Faster on-demand BGP automatically passed
records of protected redirection and through scrubbing
resources, making in-house control over centers, while Kaspersky
sure these always when to execute engineers immediately
travel through mitigation – traffic only run detailed checks
Kaspersky ‘scrubbing goes through scrubbing to optimize mitigation
centers’, with legitimate centers in case of attack. based on size, type and
traffic returned to you sophistication of DDoS
Covers up to 300 Mbit,
‘clean.’ attack.
with the option to
A totally transparent boost capabilities with Covers bandwidth up
process end-to-end Kaspersky DDoS to 2 Gbit; ideal for
and suitable for Protection Connect, life-critical services
bandwidths of up and cover more such as remotely
to 30 Mbit, with the bandwidth. accessible diagnostics/
option to purchase surgery services, and
more. for organizations with
a large number of
protected resources.12
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK
Solution Good Better Best
WHAT: Kaspersky WHAT: Kaspersky WHAT: Kaspersky
Embedded Systems Embedded Systems Embedded Systems
Security Security + Kaspersky Security + Kaspersky
Maintenance Service Maintenance Service
HOW:
Agreement Agreement + Equipment
Kaspersky Mandatory protection based on Kaspersky
even for devices with HOW: Secure Operating System
IoT Security
weak, vulnerable Mandatory protection
hardware with low even for devices with HOW:
processing power weak, vulnerable The use of Kaspersky
and legacy software, hardware with low Operating System
meeting compliance processing power and network equipment
requirements. legacy software, guarantees security-
meeting compliance by-design, slashing
requirements. the risk of compromise,
Managed services espionage, sabotage
ensure the smooth or DDoS (includes DDoS
running of the entire attacks launched by
institution's security, criminals ‘hijacking’ the
reducing probability network, as well as
of life-threatening those launched against
process disruption. it from external sources).
Mandatory protection
even for devices with
weak, vulnerable
hardware with low
processing power and
legacy software,
meeting compliance
requirements.
WHAT: Penetration WHAT: Penetration WHAT: Penetration
Testing + Application Testing, Application Testing, Application
Security Assessment + Security Assessment, Security Assessment,
Incident Response Incident Response Incident Response training,
training + Threat Data training, Threat Data Threat Data Feeds +
Kaspersky Feeds Feeds + Smart Smart Technologies and
Threat Intelligence Technologies and IoT Security Assessment,
HOW: IoT Security Assessment, Threat Lookup, Cloud
and Cybersecurity
Services Prevents IoT/IoB/ Threat Lookup, Cloud Sandbox, Customer-
computer-aided Sandbox + Customer- specific Threat
misdiagnosis, specific Threat Intelligence Reporting,
medication errors Intelligence Reporting, Incident Response
and manipulation Incident Response retainer + APT
of personal data by retainer Intelligence Reporting,
remediating Digital Forensics training,
vulnerabilities early, Malware Analysis and
while ensuring HIPAA Reverse Engineering
and GDPR compliance. training13
FUTURE-DRIVEN CYBERSECURITY
THE BEST VACCINE AGAINST RISK PRODUCT SECTION
Solution Good Better Best
Builds vital internal HOW: HOW:
incident response External threat Digital Forensics and
capabilities intelligence maps Malware Analysis and
to effectively counter internal events to Reverse Engineering
targeted attacks, external actors, trainings build vital
ransomware and while supply-chain internal capabilities,
commodity threats. vulnerabilities and boosted by a qualified
External threat potential internal Kaspersky partner
intelligence maps actors are kept on hand to respond
internal events constantly under to more complex and
to external actors – the microscope – sophisticated incidents.
allowing for efficient allowing for efficient
External threat
defense strategies defense strategies
intelligence maps
against ransomware, against ransomware,
internal events
commodity and commodity and
to external actors,
advanced attacks. advanced attacks.
while supply-chain
Builds vital internal vulnerabilities and
incident response potential internal
capabilities, boosted actors are kept
by a qualified Kaspersky constantly under
partner on hand to the microscope –
respond to more allowing for efficient
complex and defense strategies
sophisticated incidents. against ransomware,
commodity and
advanced attacks.
WHAT: Advanced Authentication, Automated Fraud Analytics
HOW:
Advanced Authentication Protects the external perimeter
to guarantee the security of priceless repositories of sensitive
Kaspersky personal information, with frictionless and continuous
Fraud Prevention authentication, cutting the costs of second factor for legitimate
users while keeping fraud detection rates high in real-time.
Automated Fraud Analytics thoroughly analyzes events
to uncover complicated fraud cases and allow for accurate
and timely incident response decisions; with true machine learning,
forensic capabilities, and access to valuable real-time session and
behavioural data.You can also read
