Risk Analytics for Cyber Security

Transcription

1 Risk Analytics for Cyber Security Justin Coker, VP EMEA, Skybox Security IT Challenges 2015, Belgium 2nd October (0)

2 Risk Analytics For Cyber Security 2014 Skybox Security Inc. 2

3 Agenda Cyber Risk - The Management Challenge Risk Analytics - Attack Surface Visibility Making Use of Risk Analytics Network Security Management Vulnerability and Threat Management 2014 Skybox Security Inc. 3

4 WEF Global Risks Landscape 2014 Cyber Attacks #5 Top Global Risk in Terms of Likelihood While cyberspace has proved largely resilient to attacks and other disruptions so far, its underlying dynamic has always been such that attackers have an easier time than defenders. There are reasons to believe that resilience is gradually being undermined, allowing this dynamic of vulnerability to become more impactful Skybox Security Inc. 4

5 Lloyds Risk Index 2013 The World Catches Up With Cyber Risk It appears that businesses across the world have encountered a partial reality check about the degree of cyber risk. Their sense of preparedness to deal with the level of risk, however, still appears remarkably complacent Skybox Security Inc. 5

6 Cyber Espionage Incidents tripled over last year s already much increased number Patch ALL THE THINGS Segment your network Stop lateral movement within your network 2014 Skybox Security Inc. 6

7 Enterprises are Unable to Defend Against Cyber Attacks 63,000 Hacking incidents reported in Million Data records lost at Target stores alone 1 9M EUR Coordinated ATM heist 2 Annual cost of cyber attacks reported by enterprise 2 Sources: Verizon Data Breach Report, Ponemon Cost of Cyber Crime Study 2014 Skybox Security Inc. 7

8 Security Management is Challenging Today Problems our customers face Too much output from security tools Lack of visibility across silos Maintaining continuous compliance Making agile and secure changes Understanding risk implications Evolving threat landscape 2014 Skybox Security Inc. 8

9 Skybox Security Overview Risk Analytics for Cyber Security Market leader. 10 years in the market Used by 6 of the top 10 global banks Powerful security management platform Clients include: 2014 Skybox Security Inc. 9

10 View Of The Battlefield 2014 Skybox Security Inc. 10

11 Attackers Understand Your Attack Surface You Don t Expansion Drivers Contraction Drivers Vulnerabilities Network segmentation Endpoints Fixing vulnerabilities Exploits Technical Controls Network Access Hours to attack, months to defend 2014 Skybox Security Inc. 11

12 Use Risk Analytics to Understand Your Attack Surface - Continuously Network Visibility: Topology Routing Policies Firewalls Endpoints Visibility: Software Patches Vulnerabilities Classification Attack Vectors Risk Metrics Remediation Plan Network Visualization Contextual Analysis 2014 Skybox Security Inc. 12

13 Models are all around us 2014 Skybox Security Inc. 13

14 We Combine Data from 80 Different Systems All integrated with Skybox 2014 Skybox Security Inc. 14

15 Our Clients Can See The Battlefield!

16 Network Visibility Complete understanding of network topology, segmentation and connectivity Hosts, devices, zones Firewall rules(acls) Routing, NAT, VPN Path Analysis Firewall allows port open from the internet 2014 Skybox Security Inc. 16

17 Scanless Vulnerability Discovery (Passive) Hosts & Network Devices System config repository Create a profile of the products Installed products, missing patches (CPE) Apply rules to extract vulnerabilities Vuln List (CVE) ~50x FASTER THAN ACTIVE SCANNER 2014 Skybox Security Inc. 17

18 Risk and Exposure Based Prioritization Enabling Optimal and Timely Remediation Look for Hot Spots Vulnerability Severity Vendor Security Bulletins Business Units Geo/ Tech Group Look for Attack Vectors Attack Vectors Virtual pen test Target concentrations of vulns to reduce overall risk Target specific high risk attack vectors to assets Target attack vectors against critical assets 2014 Skybox Security Inc. 19

19 Skybox Product Portfolio Risk Analytics Platform Network model, security context, visualization, predictive analytics, workflow, reporting, dashboards, API Vulnerability and threat intelligence Solutions Vulnerability & Threat Management Vulnerability assessment and prioritization Threat impact analysis Security Policy Management Firewall assessment and optimization Network compliance monitoring Scalable, Context-Aware, Automated, Actionable Network change management 2014 Skybox Security Inc. 20

20 Skybox A Critical Component of Next Gen Cyber Security Operations Center (SOC) Cyber Security Analysts IT-GRC - Integrated Security Dashboard & Reporting Risk Analytics Security Information & Event Management Security intelligence to minimise risk exposure Event monitoring to detect & respond to incidents 2014 Skybox Security Inc. 21

21 In Summary Risk Approach - Focus on the Attack Surface Continuous visibility of attack surface is critical Combine network and endpoint data Use analytics to examine attack vectors Integrate into Security Processes Drive automation at every step Stay ahead of the attacks 2014 Skybox Security Inc. 22

22 Thank you. See the Skybox solutions at our stand Skybox Security Inc. 23