Reducing the Threat Window
INFONETICS RESEARCH WHITE PAPER

The Importance of Security Orchestration and Automation

January

Campbell Technology Parkway, Suite 200, Campbell, California
Silicon Valley, CA; Boston, MA; London, UK
Table of Contents

INTRODUCTION
ENTERPRISES INVESTING HEAVILY IN THREAT MITIGATION
THE THREAT WINDOW IS STILL WIDE OPEN
INVESTING TO CLOSE THE THREAT WINDOW
THE NEED FOR ORCHESTRATION AND AUTOMATION
WHITE PAPER AUTHOR
ABOUT INFONETICS RESEARCH
REPORT REPRINTS AND CUSTOM RESEARCH

List of Exhibits

Exhibit 1 Enterprise Threat Mitigation Spending Plans
Exhibit 2 POS Intrusion Timespan
Exhibit 3 Security Investment Drivers
Exhibit 4 Security Investment Barriers
INTRODUCTION

A constant stream of high-profile data thefts has everyone on high alert. More than 2,000 breaches were disclosed in 2013, totaling almost a billion stolen individual personal records, and with major announced breaches from huge brands like JP Morgan Chase and eBay dominating the news in 2014, it seems that hackers are finding more success than ever. The Target breach of 2013 in particular paints a very interesting picture of the current state of threat mitigation at large enterprises, particularly the need to shrink the exposure window when a threat event does occur.

ENTERPRISES INVESTING HEAVILY IN THREAT MITIGATION

Security isn't a simple problem that can be easily solved by spending more money. Target has a significant IT security budget and a wide range of controls in place, but they still managed to get taken to the tune of 40M credit card numbers and 70M customer records.

The average enterprise also has a wide range of security solutions in place; data from a recent Infonetics research survey of 123 IT security decision-makers shows that buyers are purchasing a wide range of threat mitigation platforms, and many have plans to increase their investment in those platforms. Exhibit 1 shows two important things: companies have a wide range of security controls in place (often more than a dozen disparate solutions from 5 or more vendors), and they're only adding more.
Exhibit 1: Enterprise Threat Mitigation Spending Plans (percent of respondents)

Security technology                    Increase   Keep flat   Decrease   Not investing/Don't know
Web security                           59%        36%         2%         4%
Security client software               56%        39%         2%         2%
Messaging security                     53%        44%         1%         2%
Data loss prevention                   53%        39%         4%         4%
Advanced threat protection             51%        40%         5%         4%
Firewall/UTM/next gen firewall         46%        47%         3%         3%
SIEM/log management and analysis       46%        41%         2%         11%
Network access control/management      45%        48%         2%         5%
Vulnerability management/assessment    43%        49%         3%         5%
DDoS mitigation                        37%        49%         6%         8%
IPS                                    37%        53%         2%         9%
Sandboxing/virtual execution           35%        50%         3%         11%

Source: Next Generation Threat Prevention Strategies and Vendor Leadership

Spending increases are based on the notion that we're in an escalating threat environment with a wide range of new advanced persistent threats, and buyers are looking for protection against data theft and accidental data loss. So are they wrong in spending on new threat mitigation technologies knowing that a large company like Target had firewalls, anti-malware software, and even advanced threat detection solutions like FireEye in place? Not exactly.
THE THREAT WINDOW IS STILL WIDE OPEN

The practical problem many companies face is how to effectively deal with an attack once it happens, because the attacks will happen. The Target attack started with malware installed on POS (point of sale) terminals; the network was first breached on November 12, 2013, and the attackers tested and installed the malware between the 15th and the 30th, when Symantec and FireEye products identified malicious activities and triggered alerts. Attackers even had time to upgrade the malware, and started stealing data on December 2, which triggered another FireEye alert. That's nearly a month between the network breach and exfiltration, with multiple alerts raised and the malware continuing to run. On December 12, the Department of Justice notified Target of the breach, and Target confirmed the breach and removed most of the malware by the 15th, over one month after the first alerts were triggered.

Target, although it is among the most publicly known victims of cybercrime, isn't alone; the Verizon report looked at 169 POS intrusion events in 2013, and the chart below shows the timeline for compromise, exfiltration, and discovery. The data couldn't be more clear: in 88% of these events, data was stolen within minutes of compromises that weren't discovered for many more weeks.

[Exhibit 2: POS Intrusion Timespan. Source: Verizon Data Breach Incident Report]
INVESTING TO CLOSE THE THREAT WINDOW

Looking at more data from the same survey, we see that enterprises recognize the key problems: they want to protect against advanced malware and make sure data isn't stolen or accidentally leaked. Many respondents also understand that decreasing the time to discovery and resolution is a key part of their security strategy: almost ¾ of respondents rate these issues as strong drivers for investing in new security solutions.

Exhibit 3: Security Investment Drivers (percent of respondents rating 6 or 7)

Factor                                                                                Respondents
Protect against advanced malware                                                      80%
Protect against theft of data/financial loss                                          80%
Protect against advanced persistent threats                                           78%
Reduce security complexity                                                            75%
Decrease time to threat resolution                                                    74%
Decrease time to threat discovery                                                     74%
Protect against denial of service attacks                                             73%
Upgrade performance of security infrastructure                                        73%
Protect network from employees browsing the Web/using social networking sites         72%
Prevent accidental leakage of confidential data                                       71%
Reduce operational costs                                                              70%
Regulatory requirement/demonstrate compliance                                         67%
Add sandboxing/virtual execution technology                                           63%

Source: Next Generation Threat Prevention Strategies and Vendor Leadership
Many IT professionals are having trouble coming to grips with exactly how to shrink the gap between threat exposure and discovery/mitigation. Even though many companies are going through a process of rationalizing and consolidating security platforms, it's unreasonable to assume that the average company will ever have 1 security solution, from 1 vendor, with 1 policy and management interface. Even if companies cut the number of threat mitigation platforms they used in half, they'd still likely be managing 4-6 different platforms from multiple vendors.

One obvious route to take, then, is to look for third-party security orchestration and automation solutions that are able to take in feeds from their individual platforms, understand the data, then feed back configuration and policy changes to firewalls, IPS platforms, DDoS mitigation systems, security clients, and advanced threat protection platforms with minimal (or no) human intervention. Though these tools exist, and while many companies understand that closing the exposure gap is a key part of the security investment strategy, based on the survey data we gathered, less than 30% see the lack of automation tools as an investment barrier.

Exhibit 4: Security Investment Barriers (percent of respondents rating 6 or 7)

Barrier                                                        Respondents
Cost                                                           38%
Poor management platforms                                      35%
Performance                                                    35%
Products/services don't provide complete protection            35%
Security infrastructure complexity                             33%
Available platforms don't provide adequate protection          32%
Lack of innovation from security vendors                       31%
Can't decide between buying products and services              28%
Lack of automation tools                                       28%
Lack of integration/coordination between security solutions    28%
Difficult to deploy                                            28%
Difficult to manage                                            27%

Source: Next Generation Threat Prevention Strategies and Vendor Leadership
THE NEED FOR ORCHESTRATION AND AUTOMATION

In most cyber-attacks, just as in the Target case, it is safe to assume there were multiple security controls in place that threw up red flags prior to discovery. There are many security products on the market that can help distill and correlate events (SIEM solutions), and SIEM solutions are commonly used in enterprises to discover such events. What's missing in most cases is a central console for orchestrating all the diverse security platforms enterprises have installed, allowing them to talk to each other and change behavior, configurations, or access policies in response to correlated events, and then to take the final, and much more difficult, step of automating the orchestration process in cases where the decision to act is simple.

What should have been the next step in Target's process when FireEye threw up each alert, and why instead did the process stop at the alert? Could that alert have automatically triggered a chain of events that could have significantly shortened the window the attackers had to steal data?

As an IT industry, we're very good at building solutions that can identify and, in some cases, automatically block individual events. But to significantly reduce the threat window, vendors need to help their enterprise customers deploy orchestration and automation solutions. Complex multi-vendor threat mitigation deployments are here to stay, and security teams could be much more effectively used if they didn't have to spend so much of their time dealing with manual configuration and analysis tasks.
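The correlate-then-act flow this section argues for, as an added example that is not part of the white paper or of any vendor product: alerts from different controls are correlated per asset, and containment is planned automatically only where the decision is simple. The feed names, asset classes, 24-hour window, severity threshold and sample alerts are all assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Alert:
    time: datetime
    source: str       # control that raised the alert (hypothetical feed names)
    asset: str        # host the alert refers to
    asset_class: str  # "pos", "workstation", "server", ...
    severity: int     # 1 (low) to 10 (critical), already normalised across feeds


@dataclass
class Incident:
    asset: str
    asset_class: str
    alerts: list
    opened: datetime  # time of the alert that completed the correlation


# Assumed policy values, not taken from the paper.
CORRELATION_WINDOW = timedelta(hours=24)
AUTO_CONTAIN_CLASSES = {"pos"}  # assets where isolation is a "simple" decision
AUTO_CONTAIN_SEVERITY = 7


def correlate(alerts, window=CORRELATION_WINDOW):
    """Open one incident per asset once two different controls alert on it within `window`."""
    recent = defaultdict(list)
    incidents = {}
    for alert in sorted(alerts, key=lambda a: a.time):
        if alert.asset in incidents:  # already open: attach as supporting evidence
            incidents[alert.asset].alerts.append(alert)
            continue
        kept = [a for a in recent[alert.asset] if alert.time - a.time <= window]
        kept.append(alert)
        recent[alert.asset] = kept
        if len({a.source for a in kept}) >= 2:
            incidents[alert.asset] = Incident(
                alert.asset, alert.asset_class, list(kept), alert.time)
    return list(incidents.values())


def plan_response(incident):
    """Return (mode, actions); actions are change requests per control, not vendor API calls."""
    worst = max(a.severity for a in incident.alerts)
    if incident.asset_class in AUTO_CONTAIN_CLASSES and worst >= AUTO_CONTAIN_SEVERITY:
        return "automatic", [
            ("nac", f"quarantine {incident.asset}"),
            ("firewall", f"block outbound traffic from {incident.asset}"),
            ("ticketing", f"open incident for {incident.asset}, containment applied"),
        ]
    return "analyst", [("ticketing", f"escalate {incident.asset} for review")]


def exposure(incident):
    """Time between the first alert on the asset and the response decision."""
    return incident.opened - min(a.time for a in incident.alerts)


def _t(day, hour, minute=0):
    return datetime(2024, 3, day, hour, minute)


# Constructed sample feed: four assets, three hypothetical controls.
ALERTS = [
    Alert(_t(1, 9), "endpoint_av", "pos-017", "pos", 6),
    Alert(_t(1, 15, 30), "sandbox", "pos-017", "pos", 8),      # second control: correlated
    Alert(_t(1, 10), "endpoint_av", "ws-204", "workstation", 8),
    Alert(_t(1, 11), "sandbox", "ws-204", "workstation", 9),   # correlated, not auto-contained
    Alert(_t(1, 8), "ips", "srv-db1", "server", 5),
    Alert(_t(2, 7), "ips", "srv-db1", "server", 5),            # same control twice: no incident
    Alert(_t(1, 9), "endpoint_av", "pos-022", "pos", 8),
    Alert(_t(3, 10), "sandbox", "pos-022", "pos", 8),          # outside the window: no incident
]

if __name__ == "__main__":
    for inc in correlate(ALERTS):
        mode, actions = plan_response(inc)
        print(inc.asset, mode, exposure(inc))
        for control, change in actions:
            print("   ", control, "->", change)
```

The pos-022 case shows the cost of a fixed correlation window: two high-severity alerts from different controls never become an incident because they arrive more than 24 hours apart.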
WHITE PAPER AUTHOR

Jeff Wilson, Principal Analyst, Security, Infonetics Research

Commissioned by CSG Invotas to educate the industry about the need for security orchestration and automation tools, this paper was written autonomously by analyst Jeff Wilson based on Infonetics' independent research.

ABOUT INFONETICS RESEARCH

Infonetics Research is an international market research and consulting analyst firm serving the communications industry since A leader in defining and tracking emerging and established technologies in all world regions, Infonetics helps clients plan, strategize, and compete more effectively.

REPORT REPRINTS AND CUSTOM RESEARCH

To learn about distributing excerpts from Infonetics reports or custom research, please contact:

North America (West) and Asia Pacific: Larry Howard, Vice President, larry@infonetics.com
North America (East, Midwest, Texas), Latin America, and EMEA: Scott Coyne, Senior Account Director, scott@infonetics.com
Greater China, Southeast Asia, and India: Jeffrey Song, Market Analyst and Account Manager, jeffrey@infonetics.com
More informationWHITE PAPER: THREAT INTELLIGENCE RANKING
WHITE PAPER: THREAT INTELLIGENCE RANKING SEPTEMBER 2015 2 HOW WELL DO YOU KNOW YOUR THREAT DATA? HOW THREAT INTELLIGENCE FEED MODELING CAN SAVE MONEY AND PREVENT BREACHES Who are the bad guys? What makes
More informationOCIE CYBERSECURITY INITIATIVE
Topic: Cybersecurity Examinations Key Takeaways: OCIE will be conducting examinations of more than 50 registered brokerdealers and registered investment advisers, focusing on areas related to cybersecurity.
More informationPersistence Mechanisms as Indicators of Compromise
Persistence Persistence Mechanisms as Indicators of Compromise An automated technology for identifying cyber attacks designed to survive indefinitely the reboot process on PCs White Paper Date: October
More informationAdvanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series
Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series Whitepaper Advanced Threat Detection: Necessary but Not Sufficient 2 Executive Summary Promotion
More informationRational AppScan & Ounce Products
IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168
More informationBest Practices for Avoiding Getting Speared Like a Phish
Best Practices for Avoiding Getting Speared Like a Phish Thoughts from in-house 2016 MRIS Erik M Feig General Counsel MRIS ACC NCR Small Law Department Initiative May, 2016 Erik.feig@mris.net PANELISTS
More informationReduce Your Network's Attack Surface
WHITE PAPER Reduce Your Network's Attack Surface Ixia's ThreatARMOR Frees Up Security Resources and Personnel The Threat Landscape When you re dealing with network security, one of the primary measurements
More informationRISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION
RISKY BUSINESS SEMINAR CYBER LIABILITY DISCUSSION October 23, 2015 THREAT ENVIRONMENT Growing incentive for insiders to abuse access to sensitive data for financial gain Disgruntled current and former
More informationWHITE PAPER WHAT HAPPENED?
WHITE PAPER WHAT HAPPENED? ENSURING YOU HAVE THE DATA YOU NEED FOR EFFECTIVE FORENSICS AFTER A DATA BREACH Over the past ten years there have been more than 75 data breaches in which a million or more
More informationExtreme Networks Security Analytics G2 Vulnerability Manager
DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering
More informationWhite Paper THE FOUR ATTACK VECTORS TO PREVENT OR DETECT RETAILER BREACHES. By James Christiansen, VP, Information Risk Management
White Paper THE FOUR ATTACK VECTORS TO PREVENT OR DETECT RETAILER BREACHES By James Christiansen, VP, Information Risk Management Executive Summary Security breaches in the retail sector are becoming more
More informationSolutions Brochure. Security that. Security Connected for Financial Services
Solutions Brochure Security that Builds Equity Security Connected for Financial Services Safeguard Your Assets Security should provide leverage for your business, fending off attacks while reducing risk
More informationCountering Cyber Attacks with Big Data and Analytics
June 2015 Countering Cyber Attacks with Big Data and Analytics Frost & Sullivan Analysis by Sandy Borthick Big Data & Analytics (BDA) Volume 3, Number 6 Countering Cyber Attacks with Big Data and Analytics
More informationWHITE PAPER. Managed Security. Five Reasons to Adopt a Managed Security Service
WHITE PAPER Managed Security Five Reasons to Adopt a Managed Security Service Introduction Cyber security presents many organizations with a painful dilemma. On the one hand, they re increasingly vulnerable
More informationThe Recover Report. It s business. But it s personal.
The Recover Report It s business. But it s personal. Executive summary The Recover Report The perpetrators This report examines a sample of 150 data theft cases handled by Mishcon de Reya. Our research
More informationHow To Create Situational Awareness
SIEM: The Integralis Difference January, 2013 Avoid the SIEM Pitfalls Get it right the first time Common SIEM challenges Maintaining staffing levels 24/7 Blended skills set, continuous building of rules
More informationAs global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended
As global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended Global Cybercrime has an estimated cost of US$ 110 Billion per year Every second, 18 adults become a
More information