[SANS Webinar] A Closer Look at Isolation: Hype or Next Gen Security?

The use of the public cloud to deliver new services has led to digital innovation, and cybercriminals are no exception. They’re innovating, too, and moving quickly to exploit crises such as the Australian Bushfires and the global COVID-19 outbreak for financial gain. The increasing success of COVID-19–related attacks is shown in Menlo Security’s data. From February 25 to March 25, 2020, our data shows a 32X increase in the number of successful daily attacks, and these phishing strategies continue to work. According to the 2020 CyberEdge report, 69 percent of security professionals believe they will experience a successful cyberattack in 2020, and their concerns are not unfounded.

An alternative approach is to not trust anything on the network and ensure granular access as and when required—an approach known as Zero Trust. The challenge with adopting a Zero Trust approach is balancing necessary security measures with end-user productivity. By applying a Zero Trust approach to users accessing the Internet, you can eliminate 99 percent of attacks. So how do you adopt Zero Trust Internet access?

In this webinar, we’ll discuss the key issues to be addressed from the 2020 CyberEdge report relating to web and email security. Then we’ll dive into the practicalities of adopting Zero Trust Internet to improve web security.
In this Session You Will Learn:

Examples of sophisticated attacks
Real-life use cases of when Zero Trust Internet powered by an Isolation Core™ has eliminated the risk of malware attacks
Three key questions to ask when adopting Zero Trust Internet

**Please note polling will not be live during this session.

Many organizations rely on a sandbox to protect against sophisticated email or malware threats. Sandboxes observe machine behavior and any deviation from the norm is flagged as suspicious and blocked. On the other hand, attackers have now figured out how to outsmart sandboxes and design attacks that appear normal to evade detection. So as attackers improve their evasion techniques, how do you prevent and protect your business?

In this webinar, Vinay Pidathala, Director of Security Research at Menlo Security, will discuss the techniques actively being used by attackers to evade sandboxes. He will also share how Internet Isolation defends against these by helping companies achieve a Zero Trust Internet.

Discover:

- How attackers bypass sandboxes and what is the best way to thwart these attacks
- Real life examples of sandbox failures and how Internet Isolation protected against attacks
- Why Internet Isolation is critical to a modern security architecture

In this fireside chat, IDC’s VP, Michael Suby, and Menlo Security’s CTO, Kowsik Guruswamy, discuss the challenges, opportunities, and how to allocate security budgets when migrating to cloud-delivered security.

With the new norm of working from home, security teams are struggling to use on-premises security to protect remote workers. Today’s security architecture does not have the capacity to handle the surge of remote workers businesses are facing today. Enterprises are turning to cloud-based secure web gateways (SWGs) to secure these challenges.

So what are the challenges your organization might face when migrating to a cloud-based SWG, and how can you avoid them?

Join this on-demand fireside chat and enjoy an informative discussion from industry experts—IDC’s Research VP, Security Products Group, Michael Suby, and Menlo Security’s CTO, Kowsik Guruswamy—on what they are seeing from customers dealing with migrating to a cloud-delivered security architecture

Learn:

- Key customer challenges when dealing with remote workers and global office environments
- How customers are assigning security budgets in the new landscape
- Why you can’t just move your existing security architecture to the cloud

Menlo Security’s Cloud Data Loss Prevention (DLP) is powered by an Isolation Core™ to reliably identify and stop data exfiltration. The Cloud DLP suite offers a solution that organizations of any size can use to prevent data leaks and save money. Protect your PII (personally identifiable information), customer, patient, and other sensitive data that should not be publicly available.

Legacy security platforms can’t keep up with the architecture changes driven by digital transformation, remote working, and cloud migration. Hackers are exploiting these outdated security stacks, so it’s time for a change!

As modern enterprises implement their cloud transformation, CISOs need to understand how to overcome the security risks.

Join Menlo Security’s CTO, Kowsik Guruswamy, as he discusses the five key cloud security considerations a CISO should recognize in securing their organization’s transition to the cloud.

Understand and learn:

1. Why granular access to enterprise apps enables digital transformation.
2. How to enable Zero Trust Internet access to protect against all Internet threats.
3. How to safeguard against data leakage and SaaS governance.
4. How to ensure complete visibility to SSL traffic and protect against SSL threats.
5. How browser interactions enable continuous threat monitoring

It isn’t that we struggle to define the zero trust security model. It’s that we ignore the real challenge, says Jack Miller of Menlo Security. We need to shift our view of authentication and access from “innocent until proven guilty” to “guilty until proven innocent.”

In this video interview with Information Security Media Group, Miller discusses:

The application of this new view to access.
The role of Internet isolation in this model.
The need for new education to ensure maximum adoption.

When it comes to dealing with cyberattacks, 61% of IT professionals are not satisfied with the de facto cybersecurity protection method of after-the-fact investigations. Does this frustration sound familiar?

The top three IT pain points have not been alleviated with this method. Users continue to click phishing links, IT teams don’t trust their end users, and there is still a distinct lack of cybersecurity experts. In addition, the typical answer to a data breach or ransomware attack is still reimaging the infected machine, causing worlds of pain for everyone involved.

Data collected by 451 Research reflects a growing and commonly accepted trend: Phishing and staff shortages are the norm, and your budget isn’t factoring in the cost of an attack.

Thankfully, approaches such as isolation can be an efficient way of tackling key areas of concern for security teams.

In this webinar, experts from Menlo Security and 451 Research will discuss:

- How customer surveys indicate current IT pain points
- The industry’s biggest projects
- Why isolation-based solutions are seeing an increase in customer spending

The Menlo Security Global Cloud Proxy provides fast, secure web access to applications like Office 365 and enables IT departments to scale security services for large organizations while reducing operational costs.

"Trusted” Websites Are Not as Safe as First Thought!

Today, attackers leverage the web’s ubiquity and users’ trust to infect devices and propagate malware. Website categorization has been compromised. Phishing and spear-phishing attacks drive today’s most significant data breaches, and clicking on apparently legitimate links within phishing emails exposes users to credential theft or malware infections, and possibly ransomware. “Trusted” websites are not as safe as first thought, and the list goes on.

Whether users are accessing it for business or pleasure, the Internet today is no longer a place that can be trusted.

Watch this webinar to learn how you can protect your users and lower your odds of a web-borne, companywide cyberattack.

Discover:

- Why the internet remains a dangerous place
- Best practices for lowering the odds of a cyberattack
- Newer technologies that are solving this problem

Secure Office 365 and Secure G Suite from Menlo Security provide unprecedented levels of protection against malware and phishing to help your business safely access email and the Internet with cloud-based isolation. Built on top of our Global Cloud Proxy, these solutions provide faster, more secure SaaS usage with direct-to-Internet connectivity for branches and end users.

Secure Office 365 and Secure G Suite offer equivalent feature sets to match the desired software package.

Menlo Security Experts Panel will discuss some of the top Cyber-attacks across 2020 and their real-world examples, to then provide predictions on what your organisation should look out for this year across 2021.

Experts will inform about the internet-based dangers that children now face every day and provide ways you can help your kids navigate these hazards. You will receive an armoury of practical tips and tools, and cost-free cybersecurity software to keep your whole family safe online.

The Menlo Security team is delighted to bring you this webinar and to be a part of the solution that ensures the online safety of your family, both at work and at home.

Today’s CIOs and CISOs play a critical role in business continuity. Their most pressing issue is enabling remote workers to be secure, while being productive. Many companies leverage VPNs, but are discovering that they’re running out of capacity and bandwidth when nearly all of their workforce is becoming remote overnight.

With such a large remote workforce, the attack surface is expanding because workers and data are outside of the traditional perimeter, causing CIOs and CISOs to consider VPN alternatives.

Join this webinar and hear your peer—Menlo Security’s CTO, Kowsik Guruswamy—on what he is seeing from customers dealing with these challenges and learn:

- What are the technical and security challenges of a company operating with a large remote workforce
- What types of attacks or security issues are exacerbated (phishing and SaaS attacks) when workers are remote
- What is the best strategy to relieve VPN issues and what are the alternatives to migrate to
- What are the long-term implications for what we’ve learned during the current crisis

You’ll also hear about some special, limited-time programs that Menlo Security has initiated to help customers stay secure and agile as they make the transition to supporting a global remote workforce.*

The Good, the Bad, and the Ugly: How Security Will Change in 2021

In 2020, Menlo Threat Labs noticed that attackers shifted from using their own infrastructure to using legitimate infrastructure. They’re leveraging techniques that abuse legitimate design functionality in websites and the technologies that build them, so current security products and SOC analysts find it harder to identify these threats.

Join Menlo’s CTO Kowsik Guruswamy, Head of Global Professional Services and former CISO Jack Miller, and Director of Security Research Vinay Pidathala as they discuss and debate through real-world examples of these attacks. Find out what to watch for in 2021 so you can set the right priorities for your company.

We Will Cover:

- Phishing—What key campaigns and change in tactics we anticipate
- Malicious File Behavior—How legitimate files, like Word, will continue to bypass traditional detect-and-respond solutions
- Business Email Compromise (BEC)—What changes in BEC attacks to expect from this growing attack vector
- CnC—How these communication channels are changing

A recent study by CyberEdge found that, 62 percent of organizations have been affected by ransomware, and 90 percent of breaches were caused by phishing and ransomware.

While today's current email solutions still largely operate on detect-and-respond technology, every data loss incident highlights their inability to provide adequate protection.

So why continue to accept the same old failed security approaches?

Isolation transforms email security by enabling a read-only mode that protects users from link-based email threats. This method provides 100 percent protection against phishing attacks when correctly configured, with no impact to the end-user.

In This Webinar, Attendees Will Learn:

- How to secure your enterprise even when users click on unsafe links or download ransomware.
- Why email gateway solutions need isolation to protect against zero-day threats.
- Which isolation techniques can prevent phishing attacks.
- How to deploy isolation in 10 minutes, without impacting users.