Tk Keanini, Cisco Systems: Not So Quiet on the Internet Front
1 like434 views
TK Keanini is a Principal Engineer and Product Line CTO for Security Analytics at Cisco Systems. He discussed Cisco's threat intelligence capabilities including over 250 threat intelligence researchers, millions of telemetry agents, over 1 billion daily web requests monitored, and over 20 billion threats blocked annually. He also discussed how Cisco shares threat intelligence through programs like Talos and partnerships with over 500 participants. Keanini advocated for stronger password strategies, easy backup solutions, and implementing visibility tools to improve cybersecurity defenses and make it more difficult for cybercriminals to operate profitably.
![You and your business sit
supply-side to the cybercrime
market
Cybercrime is [unfortunately] profitable
Breaches Markets
Dark Market
Consumers](https://image.slidesharecdn.com/3cdjsnqqt5of57gxlcs2-signature-55426638ca9cc2bd93f759b228601d8fa202a7a4d9b56cd03cb71bb887a4f5d0-poli-170316202107/85/Tk-Keanini-Cisco-Systems-Not-So-Quiet-on-the-Internet-Front-4-320.jpg)
Tk Keanini, Cisco Systems: Not So Quiet on the Internet Front
- 1. TK Keanini, Principal Engineer & Product Line CTO for Security Analytics Security Business Unit, Advanced Threat Group – Cisco Systems SxSW 2017 – W20 Group Battle stories from the Earth’s network Not so quiet on the Internet Front
- 2. TK: The past 52 years in a nutshell Hello My Name is TK Keanini Keanini (Pronounced Kay-Ah-Nee-Nee)
- 3. 250+ Full Time Threat Intel Researchers MILLIONS Of Telemetry Agents 4 Global Data Centers 1100+ Threat Traps 100+ Threat Intelligence Partners THREAT INTEL 1.5 MILLION Daily Malware Samples 600 BILLION Daily Email Messages 16 BILLION Daily Web Requests Honeypots Open Source Communities Vulnerability Discovery (Internal) Product Telemetry Internet-Wide Scanning 20 BILLION Threats Blocked INTEL SHARING TALOS INTEL BREAKDOWN Customer Data Sharing Programs Provider Coordination Program Open Source Intel Sharing 3rd Party Programs (MAPP) Industry Sharing Partnerships (ISACs) 500+ Participants
- 4. You and your business sit supply-side to the cybercrime market Cybercrime is [unfortunately] profitable Breaches Markets Dark Market Consumers
- 5. From a one man operation to a complex supply chain Spammers Infrastructure Malware Exploit Kits Ransomware Crypto Currency Botnets
- 8. How can you make it more expensive for cyber criminals to operate?
- 9. Password Strategy Pick something that you will use When offered, use two factor authentication https://twofactorauth.org/
- 10. Easy backup solutions If it is not easy to use, you are not going to be effective The yearly subscriptions to these online services are less than a single ransomware payment!!!
- 11. Visibility Tools Question 01: How much visibility do you have on your digital business? Question 02: Assume someone in your company has had their account compromised, how would you know? Question 03: When a breach happens, what data will function as your digital business ‘general ledger’?
- 12. • tkeanini1@cisco.com • Follow me on Twitter @tkeanini • Personal Blog: tkonsecurity.com • LinkedIn: www.linkedin.com/in/tkkeaninipub/ Contact Info THANK YOU
Editor's Notes
- #3: Keanini (Pronouned Kay-Ah-Nee-Nee) Musician Video Game Development (Broderbund) Cisco Morgan Stanley nCircle
- #4: 2.5 m blocks a sec if you count email
- #7: Able to Quantify Money Being made First reliable Estimate Actor responsible for ~50% Angler Activity Requests from 90K IP’s in Single Day Estimated $30 Million Annually Calculation Details 9000 Users Served Exploits 40% Compromised (3600) 62% of Payloads are Ransomware Average Ransom = $300 Percentage Users Paying = 2.9% Data for Entire Month Monthly Revenue ~$3.4 Million USD
- #8: Able to Quantify Money Being made First reliable Estimate Actor responsible for ~50% Angler Activity Requests from 90K IP’s in Single Day Estimated $30 Million Annually Calculation Details 9000 Users Served Exploits 40% Compromised (3600) 62% of Payloads are Ransomware Average Ransom = $300 Percentage Users Paying = 2.9% Data for Entire Month Monthly Revenue ~$3.4 Million USD