CyberSecurity Innovation Assessing your Organizations Vulnerability to a Cyber breach

Transcription

1 CyberSecurity Innovation Assessing your Organizations Vulnerability to a Cyber breach Steve Mullan Co Founder of Cognition Secure Ltd

2 Thank You 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

3 The Evolving Face (and audience) of IT Security 2006 ISA Firewall VPN Throughput Nears 150Mbps ISAserver.org 2010 Consolidate Network Security to Reduce Cost and Maximise Enterprise Protection 2015 Coming into Focus: Cyber Security Operational Risk 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

4 Cognition A Cyber Security Integrator What is cyber security? Cyber security can be described as the digital or human measures you can take to reduce the risk and harm to your company's information and information based systems through theft, alteration or destruction. (HM Government Report to Non Exec Directors, Dec 14) Digital AND Human PEOPLE PROCESS TECHNOLOGY 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

5 So why is Cyber Security Integration so important? Traditional Security still has an important role to play Dec 2014 report 317 Million new pieces of malware, 1 Million/day Adopt a policy for implementing Innovative & Emerging Technology Integrate the solutions correctly it s not about rip & replace or about single point solutions, a multi layered approach. 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

6 WhiteHat Sentinel Andrew Lawton VP EMEA WhiteHat Security

7 The Reality 6

8 Internal Audit and Cybersecurity Definition: An independent, objective assurance and consulting activity designed to add value and improve an organisation s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes This definition of internal audit is taken from the International Standards for the Professional Practice of Internal Auditing of the Institute of Internal Auditors WhiteHat Security, Inc. 7

9 Current challenges Application security is normally annual pentest plus scanning. 1. No consistency Data is delivered in different formats 2. Lack of trust Data is often false positive 3. No standardisation Assessments are undertaken in different ways 4. No disciplined approach assessments adhoc or annual 2014 WhiteHat Security, Inc. 8

10 ABOUT WHITEHAT Company Overview Pioneer in Application Security Founder: Jeremiah Grossman Headquartered in Santa Clara CA Employees: 370+ (180 security engineers) Customers: 900+ Long term customers strategic partner and trusted advisor Websites under assessment: 45,000 WhiteHat a leader in the Gartner Magic Quadrant for Application Security Testing 2013 and 2014 Whitehat a Leader in the Forrester Wave: Application Security Review

11 A Comprehensive Approach To Threats

12 The Value Visibility

13 Whitehat Security Index

14 Enhanced Reporting

15 Key Value Deliverable Value Expert and professional team Highly accurate assessments Unlimited consulting hours through Ask a question feature An extension of your security team Remediation advice provided Continuous assessment Catch vulns in new code as it is pushed and zero days as they happen The business apps changes all the time so the assessments must continue all the time Zero false positive output Saves a huge amount of time and money in filtering through the noise Means that data can be trusted to be fed into automation XML API Open XML API allows simple integration with security and compliance infrastructure Out of the box with: o F5 ASM o Imperva o RSA Archer o Jira

16 Internal Audit and Whitehat Definition: An independent, objective assurance and consulting activity designed to add value and improve an organisation s operations. It helps an organisation accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes This definition of internal audit is taken from the International Standards for the Professional Practice of Internal Auditing of the Institute of Internal Auditors WhiteHat Security, Inc. 15

17 WhiteHat Security Summary Differentiators Strategic partner for end to end security in the SDLC Continuous and unlimited assessments Zero false positives Threat Research Centre Overlay One service covering code in development and live applications Massive speed and scalability throughout SDLC Production safe Value Save time and money on determining what needs action Clear information on vulnerability and remediation to communicate from security to developers Access to security team to help an extension of your team Integrates with and feeds actionable intelligence into your security infrastructure Clear metrics and analysis trending and drill down capability Validation Happy customers 94% renewal rate Gartner and Forrester position us as a Leader

18 We pre We prevent. DDoS Attacks Data breach

19 DDoS attack

20 Web Application Security Bank ransomed Customers blackmailed Account & transaction details published online

21

22 Application Breaches

23 Data breach Network security Databases Applications

24 Zenedge solution Databases Applications

25 Simple Process driven Security Intelligence

26

27

28 Imagine there s no malware Paul Davis VP EMEA December, 2015

29 Current Threat Prevention Solutions: Good vs Bad Mistakes are inevitable and costly 28

30 Can I get infected by just surfing a site? Yes! Malware can be injected into your system without clicking on any downloads, plugins or intentionally opening any files! Drive By Malware, Malvertising, etc. Numerous Examples Forbes.com Sept 2015 Yahoo Aug Huffington Post 2014 Menlo Security, Inc. 29

31 Why it s so easy to get infected with a single click... Website Lines of Source Code on Front Page # Of Different Domains Connected To (In Background) Lines of Source Code Executed from Different Domains Total Lines of Code You Are Exposed To! 2, ,168 9,723 User 36 Sites Forbes Connects to in the Background. These Random Sites Execute Code in Your Browser! Adsafeprotected.com Realtime.co Sharethrough.com Forbesmig.com Googletagservices.com Liftdna.com Media.net etc Menlo Security, Inc. 30

32 UAE Top 25 Sites Average # Scripts per site 18 Average # Domains serving scripts 7 Average Amount of code downloaded 1.3 MB Top site for #scripts? facebook.com (85) Top site for #3 rd party domains? Abs cbnnews.com (23) Top Site for amount of script code? Gulfnews.com (3.3MB) 2014 Menlo Security, Inc. 31

33 Isolation Security Promising, but Challenging Completely contain and execute Web content, including any malware Significant promise No false positives or negatives The potential for perfect security Significant challenges to date Hard to deploy (endpoint software) Poor user experience Brittle 2015 Menlo Security Inc., Confidential 32

34 Menlo Security is Introducing a New Isolation Platform Eliminates malware from the Web & Public (SaaS) or private cloud deployment No endpoint software any device, OS, browser No latency or impact on user experience 2015 Menlo Security, Inc. 33 CONFIDENTIAL

35 Eliminate Web Malware Internet Users All content (good and bad) executes in Disposable Virtual Containers Native user experience Malware free Execute, Render 100% safe rendering info Dispose (every domain, every session) Adaptive Clientless Rendering (ACR) Any Device Any OS Any Browser Open up the Web and reduce risk 2015 Menlo Security Inc., Confidential 34

36 Powerful Platform Supports Multiple Use Cases Isolate uncategorized Web sites all Web sites Eliminate Java and Flash Read only for social sites Proxy replacement security (links & phishing) Prevent attacks; Reduce trouble tickets, alerts & patching 2014 Menlo Security, Inc

37

38 Panel Discussion: Q1: What are some of the simple things that people can do to reduce risk in the organisation? 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

39 Panel Discussion: Q2: Why do organisations find it so hard to measure and reduce the risk associated with cyber attack? 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

40 Panel Discussion: Q3: How much responsibility should Internal Audit & Risk take for their Organisations Cyber Security policy? 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

41 Panel Discussion: Q4: With Dubai planning to transition to a Smart City over the next couple of years, what role could you play in this to assist the enablement? 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

42 Panel Discussion: Q5: My organisation currently runs annual Penetration testing surely that s a sufficient measure for my risk strategy. 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

43 Panel Discussion: Q6: The Internet of Things (IoT) is a phenomenon which will be critical to a range of industries across the Middle East. How will we take steps to ensure we can implement IoT securely. 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

44 Panel Discussion: Q7: Moving forward, where do you see an Organisations IT Security department reporting into? 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

45 Conclusion An effective Security Posture needs to incorporate: People Process Technology Innovative Technology is vital for dealing with the threat of the Unknown and reducing your business risk exposure You need to have a starting point and an understanding of where you are today otherwise how do you know if you re making improvements Ensure your organisation adopts a Proactive stance on it s Cyber Security Strategy it s a question of when, not if 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC

46 Steve Mullan Cognition Secure Ltd Thank you Andrew Lawton WhiteHat Security Simon Minton ZenEdge Paul Davis Menlo Security 7/12/2015 Copyright Cognition Secure Ltd 2015 The 5th CAE Annual Conference SM PUBLIC