Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA
A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat Cyber in The Risk Register Cyber in The News Cyber is a boardroom issue CYBER RISK
The Motivation of Cyber Crime I N F R A S T R U C T U R E I N F O R M A T I O N I D E N T I T Y INFRASTRUCTURE INFORMATION IDENTITY
The Impact of Cyber Crime I M A G E L E G A L F I N A N C I A L LEGAL BRAND & IMAGE FINANCIAL
60% OF ORGANIZATIONS HAVE >25 INCIDENTS EACH MONTH 1 77% HAVE ROGUE CLOUD DEPLOYMENTS 2 6X INCREASE IN MOBILE MALWARE LAST YEAR 3 243 AVERAGE # OF DAYS TO DISCOVER A BREACH 4 1. Ponenom Institute, 2013 State of the Endpoint 2. Symantec, Internet Security Threat Report 2013 3. Juniper Networks, Malware targeting mobile phones grew by 614% between 2012 and 2013. 4. Mandiant, M-Trends 2013: Attack the Security Gap
Today s approach needs to be REIMAGINED
To Start, We Must Review our Approach to Security 60% PREPARE OF DETECT & PREVENT ORGANIZATIONS HAVE >25 INCIDENTS RESPOND EACH MONTH 1 RECOVER INCIDENT TIMELINE
The Cyber Risk Reality Cyber Risk Challenges Requirements for Cyber Security Lack of Business Ownership Organisational ownership does not support or understand the desired level of cyber risk Break-Through the Glass Ceiling Between IT & the Business People & Process Poor cyber security appreciation, inappropriate staff behaviours & non-enforcement of compliance to security policies Evolving Technologies Evolving IT Trends (Cloud, mobility, virtualisation & Internet of Things) increase complexity & cost to defend against cyber risks PEOPLE Security Architecture lack of integration across security controls provide opportunities for targeted cyber attacks PROCESS TECHNOLOGY Lack of Visibility Lack of situational awareness results and poor incident visibility Review Security Program & Become Risk Aware
Some of the Tough Questions Being Asked: How can we Be better prepared and aware of our security posture? Be proactive and prevent attacks? Respond faster to contain impact and remediate an attack? How can we measure and demonstrate the value of our spending on Security?
Cyber Security: There is no. Organisations already have security controls, policies and processes in place Some are better at Security than others
Most are Focused on PREVENT PREPARE PREVENT DETECT & RESPOND RECOVER UNDERSTAND MY SECURITY & RISK POSTURE PROTECT COMPANY INFORMATION FROM MALICIOUS ATTACK AND MISUSE PROVIDE RAPID DETECTION AND RESPONSE TO SECURITY INCIDENTS REDUCE TIME TO RECOVERY TO MAINTAIN BUSINESS CONTINUITY TRANSFORM RISK MANAGEMENT RESPONSE PLANNING INCIDENT TIMELINE
ADVANCED & EMERGING THREATS A Closer Look at the Cyber Risk Model PREPARE PREVENT DETECT & RESPOND RECOVER INFRASTRUCTURE & INFORMATION ASSESSMENT MOBILE & PRODUCTIVE WORKFORCE MALICIOUS or MISGUIDED USER BACKUP / RESTORE LEVERAGE THREAT INTELIGENCE UNDERSTAND MY USER SECURITY AWARENESS & RISK / IT SKILLS POSTURE ANALYSIS SUPPLY CHAIN RISK ASSESSMENT PROTECT EVOLVING COMPANY DATA INFORMATION CENTER FROM MALICIOUS ATTACK AND MISUSE INDUSTRIAL IT / INTERNET OF THINGS PROVIDE SECURITY RAPID DETECTION MONITORING AND RESPONSE TO INCIDENT SECURITY MANAGEMENT INCIDENTS REDUCE DISASTER TIME TO RECOVERY TO MAINTAIN BUSINESS BUSINESS CONTINUITY CONTINUITY BUSINESS ALIGNMENT INCIDENT RESPONSE & FORENSICS
Tough Questions We can help Answer Together PREPARE PREVENT PREPARE RECOVER Help me prepare for a Cyber incident Help me get better visibility into my estate Help me understand if I am being targeted Help me protect my organization from targeted attacks Help me secure my business critical systems from cyber threats Help me protect my information in an increasingly mobile workforce Help me understand if I have been breached Help me monitor internal security events and correlate to external threats Help me respond to cyber incidents Help me restore my systems & data after I have been breached Help me maintain business uptime during an incident
Benefits of Transforming the Security Program Business Risk Managers Secure More Budget! 1 Business Risk Managers Reduce Incidents! 1 90% REDUCTION 3x More IT Budget More Information Security Budget 1.7x Only 1 in 4 Security leaders can effectively communicate IT risk to business peers Audit Deficiencies Less Data Loss Incidents Business Disruptions What are they doing differently? Automate assessments across 69% Business Risk Managers their IT environment Collect and report on data 61% at least bi-weekly Reduce Breach costs! 2 75% Leverage dashboards and scorecards to visualize IT risks 11% decrease for a Strong Security Posture 10% decrease for Incident Response Plan 6% decrease where CISO appointed 4% decrease when consultants engaged 1 Source: IBM, 2012 2 Source: IT Policy Compliance Group, 2012 3 Source: Ponemon, 2013
Increasing benefits and influence Cyber: Driving The Transformation of IT & Security Risk 3% At Risk Reactive Mode: Respond to incidents and requests Awareness Mode: More comprehensive security controls, beginning to integrate in silos 35% Transactional IT Seen as IT TACTICAL NOT VALUED Resource Informed Mode: More holistic view of threat landscape, & IT infrastructure anticipate issues, look for efficiencies IT Seen as a COMMODITY Innovative Mode: Measurable and auditable IT, Partnering proactive, and preventative risk-based approach IT Seen as an PARTNER Trusted Strategic Ally Mode: Innovative offerings, business alignment, dynamic IT seen as a TRUSTED ALLY 1 2 3 4 5 Initial Repeatable Defined Managed Optimised 43% 19% Functional Maturity
How Can Symantec Help You?
Symantec Offering and Technology Alignment PREPARE PREVENT DETECT & RESPOND RECOVER BUSINESS CONTINUITY PLATFORM DATA CENTER SECURITY ediscovery MOBILE & PRODUCTIVE WORKFORCE INTEGRATED BACKUP GATEWAY SECURITY DATA LOSS PREVENTION INTERNET SECURITY SERVICES DEEPSIGHT & GLOBAL INTELIGENCE NETWORK
Information Security Services Future Offerings Security Assurance Program Offering Ongoing security assessments and strategic reviews & recommendations Value PREPARE Access to Knowledge and skill sets needed for strategic security planning Security Simulation and Development Program Cyber War Games and LiveFire Exercises PREPARE Expertise, skill set development and cyber readiness through real life simulations Sets teams up for success Advanced Threat Protection Advanced Threat Protection across the enterprise DETECT & RESPOND Enable enterprises to rapidly and effectively contain, investigate and remediate advanced threats Monitoring and Intelligence (MSS) Comprehensive 24x7 security monitoring & intelligence DETECT & RESPOND Identify, prioritize, and respond to incidents and fill critical skill set gaps Incident Response Advanced Incident Response & Forensics support Immediate access to critical knowledge and skill sets during incident response DETECT & RESPOND 21
Thank you! Mike Smart SYMANTEC PROPRIETARY/CONFIDENTIAL INTERNAL USE ONLY Copyright 2012 Symantec Corporation. All rights reserved.