
Best Practices Revealed: A Blueprint for a Modern Enterprise Security Program

J. Daniel Culpepper, Director of Sales Engineering, RiskSense, Inc.


Presentation Transcript


  1. Best Practices Revealed: A Blueprint for a Modern Enterprise Security Program J. Daniel Culpepper Director of Sales Engineering, RiskSense, Inc.

  2. Cyber Security State of the Market: “Enterprises are overly dependent on blocking and prevention mechanisms that are decreasingly effective against advanced attacks.” Source: Gartner, Designing an Adaptive Security Architecture for Protection from Advanced Attacks, January 2016

  3. Total IT Security Spend: 2013: $65.9 billion; 2014: $71.1 billion (+7.9%); 2015: $76.9 billion (+8.2%); 2016: $92 billion (+19.6%); 2019: $116 billion (+26.1%). Source: Gartner, Gartner Says Worldwide Information Security Spending Will Grow Almost…, August 2014; Gartner Summit, June 2016

  4. Cyber Reality Check. Source: http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/; as of April 25, 2017

  5. A Growing Attack Surface [Diagram labels: Partner, Contractor Access (Environmental Controls, POS, CRM); Bluetooth; Web Properties; Email and Web Traffic; Mobile Phone; Smart Watch; Remote Offices; Tablet; Public Internet; Mobile Workers; Google TV; Apple TV; Netflix; Appliances; Mobile Connectivity; Lights; Security Systems; VPN; Cloud Deployments (Amazon Web Services, Google, MS Azure); Vendor Supply Chain; Munich Branch Office; Gaming Systems; Computer; Paris Branch Office; Entertainment; Third-Party Datacenter; Applications; Headquarters; Wi-Fi; Engine computer; GPS]

  6. Today’s Cyber Security Challenges: Manual Data Aggregation and Analysis; Reactive Mitigation; A Growing Attack Surface; Lack of Context; Silo-Based Security Tools

  7. Cyber Security Facts • 95% of compliance and cyber insurance policies now require continuous diagnostics and mitigation. • 99% of the exploited vulnerabilities were compromised more than a year after the CVE was published. • 84% of cyber-attacks today are targeting the application layer, requiring a more holistic approach to cyber security. Sources: 2016 Verizon Data Breach Report; Gartner Summit 2016; 2017 Global Risk Management Survey

  8. Today’s Cyber Security Approach

  9. Cyber Security Limitations | One Dimensional: Network layer is primary defense perimeter

  10. Fact Check: Cyber Risk is Everywhere. Source: Verizon 2016 Data Breach Report

  11. Cyber Security Limitations | NVD-Focus. Source: RiskSense Research Center

  12. Fact Check: Time-to-Remediation Matters. Source: Verizon 2016 Data Breach Report

  13. Today’s Cyber Security Limitations | CVE-Focus [Chart: Severity (0 to 10) against Vulnerability Count (0 to 300,000); series: Scanner Reported CVSS and Threat-Contextualized Severity Score; the POODLE Vulnerability is labeled]

  14. Emerging Market Requirements
      • The ongoing skills and expertise shortage, and increasing escalation in the threat activity, will hasten the move to full and semi-automation of operational activities.
      • To enable a truly adaptive and risk-based response to advanced threats, the core of a next-generation security protection process will be continuous, pervasive monitoring, and visibility that are constantly analyzed for indications of compromise.
      • Enterprise monitoring should be pervasive and encompass as many layers of the IT stack as possible, including network activity, endpoints, system interactions, application transactions and user activity monitoring.
      Source: Gartner, Designing an Adaptive Security Architecture for Protection from Advanced Attacks, January 2016; Gartner, Innovation Tech Insight for Security Operations, Analytics and Reporting, November 2015

  15. Action vs. Reaction [Diagram labels: Leading; Lagging; Cyber Risk Management; Vulnerability; Configuration; Network; Policy; Proactive; Reactive; Attack]

  16. Cyber Risk vs. Threat and Vulnerability Management

  17. Best Practices in Cyber Risk Management
      Disjointed Analysis • Result: • Slow, heavy and burdensome • Complex to maintain • Limited stakeholder participation • Fragmented visibility
      Collaborative and Converged Analytics • Result: • Fast and streamlined • Reduces complexity • Broader stakeholder participation • Holistic visibility

  18. An Intelligence-Driven Approach

  19. Connecting the Dots Compliance and Regulatory Reporting SCAP Data Risk Scoring and Orchestration Score Attack Vectors Customer Segmentation Darkweb Ease of Exploitation Exploit Analysis NVD and Vendors Access Vectors Security Controls Exploit Pulse Threat Business Criticality Vulnerability

  20. Identify and Prioritize: Risk-based prioritization. Contextualized with external threat data (e.g., malware)

  21. Analyze | Asset and Organizational Level Security Score Methodology (RS3) • CVE • CWE • OWASP • Database Vulnerabilities • Exploit • Malware • CVSS • Default Passwords • Proof of Concept • IP Reputation • IP-Based Accessibility • Firewall Rules • User-Specific Business Criticality • Business Criticality from Asset Management System

  22. Visualize

  23. Cover Network, Applications, and Databases: Cyber risk score for a system, consisting of applications, databases, and network components.

  24. Analyze | Application Layer: Visualization of application attack path analysis

  25. Orchestrate: Assign tickets and trigger pre-defined workflows

  26. Pro-Active Cyber Risk Management | Benefits: Shortens Time-to-Remediation; Strengthens Security Programs; Increases Operational Efficiency; Minimizes Cyber Risks; Improves Cyber Hygiene

  27. Success Stories One of the nation’s largest universities was able to Testimonials: “RiskSense lets us cut the data and take a different view and helps us prioritize what we should be working on. That’s where we really found a lot of value.” – CISO, Fortune 200 Telecom Company

  28. Questions and Answers Session

  29. RiskSense | Who We Are • Pioneer in a $2.5 billion market • Privately held with investments from Paladin Capital, Sun Mountain Capital, EPIC Venture, Jump Capital, and CenturyLink • Growing 50+% year-over-year since 2013 • Software-as-a-Service and Managed Services business model • 150+ customers • Close to 100 employees • Offices in Albuquerque, NM and in Sunnyvale, CA • Research, innovation-driven

  30. The Solution | The RiskSense Platform

  31. DON’T REACT TO ATTACKS. BE PRO-ACTIVE! Contact RiskSense at +1 505.217.9422 • info@risksense.com
