Emerging Technologies & the State of the SOC. John Kindervag, Vice President and Principal Analyst
- Marjorie Horton
- 8 years ago
Transcription
2 Emerging Technologies & the State of the SOC John Kindervag, Vice President and Principal Analyst
3 2014 In Review
2015 Forrester Research, Inc. Reproduction Prohibited
4 2015 is bad too!
5 Companies are Naïve about Compromise
Q4. How many business-impacting attacks or breaches has your organization experienced (whether publicly announced or not) in the past 12 months?
Q5. What is the likelihood your IT systems have been compromised within the past 12 months and you are unaware? (45 respondents at orgs. that did not experience an attack; options: Highly likely, Somewhat likely, Not that likely, Highly unlikely)
Q6. How were these attacks or breaches discovered? Select all that apply (options: Internal detection, External detection, Other third-party)
[Charts: the response percentages for Q4, Q5 and Q6 are not recoverable from the transcript.]
Base: 180 IT security decision-makers at US, UK, German, and Brazilian-based companies that have implemented or evaluated SIM/SIEM or security analytics technology
Source: A commissioned study conducted by Forrester Consulting on behalf of RSA, September
6 Thinking about creating a SOC? Source: (CC BY-SA 2.0)
7 SOC Operations are Complex Source: Security Operations Center (SOC) Staffing, August
8 SOC Operations are Overwhelming Source: Security Operations Center (SOC) Staffing, August
9 Staffing an SOC is expensive Source: April 20, 2010, SOC 2.0: Virtualizing Security Operations Forrester report
10 SOC Core Technologies
- Past: SIM/NAV (Data)
- Present: Security Analytics (Insights)
- Future: Automated Response (Action)
Actionable INTEL (is not action)
11 Future Security Operations must be: Virtual, Social, Action Oriented, Automated, Customer Obsessed
12 Future Security Operations must be: Virtual, Social, Action Oriented, Automated, Customer Obsessed
13 Security Operations Center 1.0 Source: NASA
14 Full time staff is dedicated to threats
Q24. Does your organization have a centralized team within the security organization responsible for threat detection and response (e.g., SOC, CIRC, CIRT, incidence response team)?
- Yes, we have a team of full-time staffers with primary responsibility for threat detection and response
- Yes, we have a team of full-time staffers to address threat detection and response, but it isn't their primary responsibility
- Yes, we use a combination of full-time staffers and an MSSP to address threat detection and response
17% 28% 36%
- No, but we outsource threat detection and response to an MSSP: 5%
- No, but we plan to have a dedicated team within the next 12 months: 8%
- No, but we plan to fully or partially outsource threat detection and response within the next 12 months
- No, and we have no plans to form a team or outsource
2% 4%
Base: 180 IT security decision-makers at US, UK, German, and Brazilian-based companies that have implemented or evaluated SIM/SIEM or security analytics technology
Source: A commissioned study conducted by Forrester Consulting on behalf of RSA, September
15 SOC 2.0 is virtual
- SOC 2.0 is not a place.
- SOC 2.0 is not a big projection screen.
- SOC 2.0 is not a fancy motorized chair.
- SOC 2.0 is a PHONE.
- SOC 2.0 is a BROWSER.
- SOC 2.0 is a PERSON.
- SOC 2.0 is INFORMATION.
- SOC 2.0 is SOCIAL.
16 Building SOC 2.0
- Identify core people.
  - Not typical SOC engineers
  - Training and experience
- Identify core technologies.
  - Security Analytics
  - Security Information Management (SIM)
  - Network Analysis and Visibility (NAV)
  - Forensics and Sandboxes
17 Future Security Operations must be: Virtual, Social, Action Oriented, Automated, Customer Obsessed
18 "We need to move from a culture of need to know to a culture of need to share." BAE Systems
Source: November 19, 2009, Harnessing Social Networking To Drive Transformation Forrester report
19 The social SOC
[Diagram labels: Strategic partners (SANS, MITRE); Threats and attacks; Managed svcs. partners; Vendor tech support; VARs and consultants; Strategic Commercial partners; Corporate network; Corp VSOC; Ad-hoc SOC cloud; Publicly available information]
Leverage the hacker ethic.
Bill Joy's Law: No matter who you are, most of the smartest people work for someone else.
Source: April 20, 2010, SOC 2.0: Virtualizing Security Operations Forrester report
20 Companies must embrace social SOC
- Traditional SOC costs are high.
  - Staffing
  - Transaction costs
- Labor elasticity is an issue.
- It leverages existing skilled resources.
- The social SOC is scale-free.
- Companies will collaborate because operational costs will plummet.
Threat Intelligence Sharing
21 Future Security Operations must be: Virtual, Social, Action Oriented, Automated, Customer Obsessed
22 "We are drowning in data and starving for insight." Global Bank
23 Security Analytics Leverages Big Data
[Diagram layers: Reporting and Presentation Engine; Data Analytics Engine; IT Big Data Store]
24 Multiple data sources are collected for SA
Q17. From which data sources does your organization currently collect, parse, query, and analyze data in your security analytics solutions? From which sources would you like to collect and analyze data?
Response categories: Currently collect and analyze; Would like to collect and analyze; Currently collect, but don't analyze; No plans/need
Data sources: Security device logs; Server logs; Network device logs; Database logs; Database activity monitoring tools; Network flow data; Network traffic metadata; Application logs; Endpoint security status and logs; Full network packet data; Cloud applications; Other SYSLOG sources; Data from other SIMs
Source groupings: Traditional log management/SIM; NAV
[Chart: the per-source percentages are not recoverable from the transcript.]
Base: 99 IT security decision-makers at US, UK, German, and Brazilian-based companies that have implemented security analytics technology
Source: A commissioned study conducted by Forrester Consulting on behalf of RSA, September
25 Link to Action with Insight
[Diagram labels: Insights team; All Data; Right data; Insights-to-execution process; Effective actions; Possible Actions; Security Analytics]
Source: April 27, 2015, Digital Insight Is The New Currency Of Business Forrester report
26 Security analytic-generated data improves insight
Q21. How often is security analytic-generated data used to improve estimates of the likelihood and impact of threats during risk assessments?
- Rarely: 8%
- Regularly: 52%
- Occasionally: 39%
Base: 100 IT security decision-makers at US, UK, German, and Brazilian-based companies that have implemented security analytics technology
Source: A commissioned study conducted by Forrester Consulting on behalf of RSA, September
27 Future Security Operations must be: Virtual, Social, Action Oriented, Automated, Customer Obsessed
28 We want to move faster but
Q28. What are the desired outcomes from increasing your organization's security? Select all that apply
- Faster response to attacks and suspicious activity: 72%
- Greater visibility into threats and network activity: 47%
- Improved understanding of risks specific to our organization: 41%
- Better collaboration and alignment between security and the business: 41%
Base: 180 IT security decision-makers at US, UK, German, and Brazilian-based companies that have implemented or evaluated SIM/SIEM or security analytics technology
Source: A commissioned study conducted by Forrester Consulting on behalf of RSA, September
29 Security processes are too manual!
[Diagram labels: Insight; Automate!; Action]
31 Define Policy to automate response [Diagram labels: Declared Policy; Sec Analytics]
32 Define Policy to automate response [Diagram labels: Declared Policy; Sec Analytics; IT Data]
33 Define Policy to automate response [Diagram labels: Declared Policy; Data Identity; Sec Analytics; IT Data]
34 Define Policy to automate response [Diagram labels: Response Index Engine; Declared Policy; Data Identity; Sec Analytics; IT Data]
35 Response Index
[Matrix: axes are Confidence Level (Low to High) and Impact (Low to High); cell values are "Alert, Report and Stop", "Alert and Report" and "No Response"]
36 Define Policy to automate response
[Diagram labels: Response Index Engine; Data Identity; Declared Policy; Sec Analytics; IT Data; High: Automatic Response; Low: Report]
RIE Engine: If conf = x then block, else report
Because the response is defined by declared policy, Sec is empowered to act.
37 Future Security Operations must be: Virtual, Social, Action Oriented, Automated, Customer Obsessed
38 We Have Entered The Age Of The Customer
October 2013, Competitive Strategy In The Age Of The Customer
39 Age of the Customer
- Transform the customer experience
- Turn big data into business insights
- Embrace the mobile mind shift
- Become a digital disruptor
40 Prevention is Dead?
[Diagram labels: Intrusion; Breach; Prevention; Detection]
41 Future Security Operations must be: Virtual, Social, Action Oriented, Automated, Customer Obsessed
42 Panel: Secrets of the SOC - Ask the Experts Your Burning Questions
3:45 PM, Room E353A
- David Gray, RSA, ACD Practice Consultant
- Laura MacDonald, EMC Corporation, Sr. Manager, CIRC Strategic Services
- Kevin Maffett, State Farm Insurance, Compliance Director
- Kevin Young, Adobe Systems, Manager, Security Operations
43 Thank you John Kindervag +1 forrester.com
Security Operations Key technologies for your Security Operations Center Davide Veneziano - RSA Technology Consultant 1 The evolving threat landscape The right route towards a SOC model The RSA advanced
More informationCombating a new generation of cybercriminal with in-depth security monitoring
Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationAN EXECUTIVE S GUIDE TO BUDGETING FOR SECURITY INFORMATION & EVENT MANAGEMENT
WHITE PAPER AN EXECUTIVE S GUIDE TO BUDGETING FOR SECURITY INFORMATION & EVENT MANAGEMENT COST ANALYSIS OF TWO DELIVERY MODELS: SELF-MANAGED SIEM VS. MANAGED SIEM SERVICES AN EXECUTIVE S GUIDE TO BUDGETING
More informationWeb Security. Discovering, Analyzing and Mitigating Web Security Threats
Web Security Discovering, Analyzing and Mitigating Web Security Threats Expectations and Outcomes Mitigation strategies from an infrastructure, architecture, and coding perspective Real-world implementations
More informationContinuous Third-Party Security Monitoring Powers Business Objectives And Vendor Accountability
A Custom Technology Adoption Profile Commissioned By BitSight Technologies Continuous Third-Party Security Monitoring Powers Business Objectives And Vendor Accountability Introduction As concerns around
More informationEnterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: Large organizations have spent millions of dollars on security
More informationCORL Dodging Breaches from Dodgy Vendors
CORL Dodging Breaches from Dodgy Vendors Tackling Vendor Security Risk Management in Healthcare Introductions Cliff Baker 20 Years of Healthcare Security experience PricewaterhouseCoopers, HITRUST, Meditology
More informationData Growth Presents Challenges And Opportunities
A Custom Technology Adoption Profile Commissioned By AT&T August 2012 Introduction Today s CIO faces many challenges. Businesses are craving data as they look to remain competitive, and scour external
More informationHow RSA has helped EMC to secure its Virtual Infrastructure
How RSA has helped EMC to secure its Virtual Infrastructure A new solution, the RSA solution for Cloud Security and Compliance, has been developed and is now available to all of our customers. Luciano
More informationBest Practices in File Integrity Monitoring. Ed Jowett, CISSP ITIL Practitioner Sr. Systems Engineer, Tripwire Inc.
Best Practices in File Integrity Monitoring Ed Jowett, CISSP ITIL Practitioner Sr. Systems Engineer, Tripwire Inc. Who is Ed Jowett 2 Agenda Best Practices in FIM The 3 Main Drivers of FIM Lessons Learned
More informationLeverage Micro- Segmentation To Build A Zero Trust Network
A Forrester Consulting Thought Leadership Paper Commissioned By VMware July 2015 Leverage Micro- Segmentation To Build A Zero Trust Network Table Of Contents Executive Summary... 1 Current Security Implementations
More informationJoining Forces: Bringing Big Data to your Security Team
Joining Forces: Bringing Big Data to your Security Team Alaa Abdulnabi, CISSP RSA Regional Pre-Sales Manager Turkey, Middle East & Africa @AlaaAbdulnabi 1 Facteurs de mutation du marché Appareils mobiles
More informationSecuring business data. CNS White Paper. Cloud for Enterprise. Effective Management of Data Security
Securing business data CNS White Paper Cloud for Enterprise Effective Management of Data Security Jeff Finch, Head of Business Development, CNS Mosaic 2nd July 2015 Contents 1 Non-Disclosure Statement...
More informationAccenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges
Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287
More informationRSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA
RSA, The Security Division of EMC Zamanta Anguiano Sales Manager RSA The Age of the Hyperextended Enterprise BUSINESS ISSUES IMPACT Innovation Collaboration Exploding Information Supply Chain Customer
More information