Your SlideShare is downloading. ×

Battling Savvy Cyber Thieves - SCMagazine

165

Published on

The methods cyber attackers use to infiltrate networks are endless. There is no doubt that the more sophisticated bad guys looking to steal specific data have enlisted surreptitious ways to achieve …

The methods cyber attackers use to infiltrate networks are endless. There is no doubt that the more sophisticated bad guys looking to steal specific data have enlisted surreptitious ways to achieve their ends. From targeting specific employees with convincing phishing emails that encourage them to download malware-riddled attachments to taking advantage of vulnerable web apps, these miscreants find myriad ways to gain entry to networks so that they can siphon off sensitive data – most often unnoticed for days, weeks or even months. Implementing a combination of just the right policies and plans, along with the most effective technologies to support them, is paramount. In this 20/20, we talk to a leading industry expert to learn how cyber crooks are making off with critical data and what methods and types of technologies you should consider to stop them in their tracks.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
165
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Battling Savvy Cyber Thieves Speaker: Roger Thornton, CTO, AlienVault
  • 2. Prevention has proven to be elusive 2013 “Cost of Cybercrime Study”, Ponemon Institute A detailed study of 56 “Large US firms” Results: 102 successful intrusions between them Every Week!
  • 3. “There are two types of companies that use computers. Victims of crime that know they are victims of crime and victims of crime that don’t have a clue yet.” James Routh, 2007 CISO Depository Trust Clearing Corporation
  • 4. “How would you change your strategy if you knew for certain that you were going to be compromised?” Martin Roesch, 2013 Founder & CTO Sourcefire, Author SNORT
  • 5. So many security technologies to choose from Given the 10 most recommended technologies and the pricing range, an organization could expect to spend anywhere from $225,000 to $1.46m in its first year, including technology and staff. Source: The Real Cost of Security, 451 Research, April 2013 Factor into this:  Initial Licensing Costs  Implementation / Optimization Costs  Ongoing Management Costs  Renewal Costs  Integration of all the security technologies  Training of personnel/incoming personnel
  • 6. Questions for SIEM Vendors HINT: PRINT THIS OUT FOR THE NEXT TIME THEY CALL YOU…. 1. How long from installation to security insight? 2. integration work measured in years, months or hours? 3. Do you simply integrate data from security tools (SIEM), or embed tools and orchestrate into effective incident response workflows (USM)? e.g. asset inventories, IDS, vulnerability scans, netflows, etc. 4. What is the real TCO - licensing, consulting, implementation and maintenance/tuning fees? 5. A list of alarms or step-by-step instructions on how to confirm, respond and mitigate threats? 6. Is there a community for threat sharing? If so, how large, broad and open?

×