Infosec 2014: Intelligence as a Service: The Future of Frontline Security

Featuring Marty Legg, Cloud Services Director SecureData

Security technology continues to change, with expanding perimeters, massive data, and siloed solutions causing an all-out asymmetric battle! In the middle of it all, large organizations must ensure the highest security while up against ever-changing technology, complex regulations, and the need for more specialists and more skills training across the board.

Today’s security landscape causes a strategic security conundrum. Security spend continues to rise … $9.6B in 2006; $22B in 2012; and by 2017 it’s estimated to hit more than $30B. And yet … 621 breaches were reported in the last 12 months, up 23 percent over the past 3 years.

So why are we not winning the battle?


Transcript

  • 1. Marty Legg, Director of Cloud Services. The complete security services provider. THREAT INTELLIGENCE: A NEW APPROACH TO COMBATING CYBERCRIME. SecureData www.secdata.com | +44 (0) 1622 723400
  • 2. THE CURRENT SECURITY LANDSCAPE: EXPANDING PERIMETER; SILOED SOLUTIONS; DROWNING IN DATA; ASYMMETRIC BATTLE; MORE TECHNOLOGY; COMPLEX REGULATIONS; MORE SPECIALISTS; MORE SKILLS TRAINING
  • 3. THE SECURITY CONUNDRUM. SECURITY SPEND CONTINUES TO RISE: $30.1 billion spend by 2017, up from $9.6 billion in 2006. BUT SO DOES THE NUMBER OF BREACHES: 621 reported in the last 12 months, up 23% over three years. WE ARE NOT WINNING THE BATTLE: Organisations on the front line need a new approach
  • 4. A NEW APPROACH
  • 5. COMPLETE SECURITY PROCESS REMEDIATION CONTEXTUAL RISK PROFILE CORRELATED THREAT AND SECURITY INTELLIGENCE EARLY THREAT DETECTION REAL-TIME RISK ASSESSMENT AUTOMATED NETWORK PROTECTION THREAT PREVENTION EXPERTISE AND PROCESS RAPID AND EXPERIENCED RESPONSE
  • 6. WHICH PRESENTS NEW CHALLENGES: MORE HARDWARE; MORE COMPLEXITY; MORE RESOURCES; DIVERSE SKILLS; MORE COSTS
  • 7. CLOUD SERVICES CHANGE THE GAME GLOBAL CONTEXT LEVERAGE HARDWARE IMPROVE SPEED TO REMEDIATE LOWER COST IMPROVE THREAT DETECTION LEVERAGE PEOPLE WE CAN ABSTRACT INTELLIGENCE CENTRAL BRAIN AND DELIVER IT AS A SERVICE INFRASTRUCTURE CUSTOMER OPERATIONS SECUREDATA SOC
  • 8. INTELLIGENCE AS A SERVICE; ACCESS AS A SERVICE; SECURITY AS A SERVICE; CLOUD SECURITY ARCHITECTURES
  • 9. EXPERT INTERPRETATION Over 500 customers 24x7 SOC Cyber Threat Special Opps Unit SensePost world class consultancy CUSTOMER ENVIRONMENT All logs from your existing network and security devices CONTEXTUAL ENVIRONMENT Relevant feeds of macro security data SINGLE SOURCE OF CONTEXTUAL THREAT INTELLIGENCE FASTER ADVANCED THREAT DETECTION RAPID INCIDENT RESPONSE CRUNCHES & CORRELATES DATA THREAT INTELLIGENCE FEEDS OPEN SOURCE DATA OUR SECURITY EXPERTISE CRITICAL SYSTEM DATA KEY SERVICE COMPONENTS ASSESSES RISK APPLIES PROTECTION DETECTS THREATS RESPONDS & REMEDIATES UNIQUE, POWERFUL CLOUD BRAIN Best in class hardware Proprietary software Big Data analytics engine Management tools SECURITY BIG DATA Collection Unification Correlation Link analysis OUTPUTS Custom, complete, contextual security intelligence Real time Actionable
  • 10. HUNDREDS OF SECURITY INCIDENTS IDENTIFIED SIEM PLATFORM Class Leading 24 x 7 SOC Management & response REMEDIATION SENSEPOST Advanced Intelligence White Glove Response HARDWARE TECHNOLOGY SOFTWARE ALGORITHM ANALYTICS Risk Mgmt Tool AFFINITY SECURE MALTEGO Big Data Analytics SDN Network Management Tools EXPERT PEOPLE MILLIONS OF LOGS COLLECTED AND ANALYSED TENS OF ALERTS INVESTIGATED INDIVIDUAL THREATS WITH ACTIONABLE INTELLIGENCE REVIEW THREAT FEEDS Contextual Threat Intelligence CUSTOMER ENVIRONMENT CUSTOMER ENVIRONMENT EXTERNAL LANDSCAPE CUSTOMER VULNERABILITY Scanning INTELLIGENT BRAIN FUNCTION
  • 11. WHAT INTELLIGENCE AS A SERVICE DELIVERS: REAL-TIME RISK PROFILING; ASSURED COMPLIANCE; EARLIER THREAT DETECTION; BIG DATA VALUE CREATION; RESOURCE EFFICIENCY; FASTER REMEDIATION; REDUCED DISRUPTION. STRATEGIC REQUIREMENTS: COMPLETE END-TO-END SECURITY APPROACH REAL-TIME RISK ASSESSMENT CONTEXTUAL RISK PROFILE CORRELATED THREAT INTELLIGENCE EARLY THREAT DETECTION AUTOMATED NETWORK PROTECTION THREAT PREVENTION EXPERTISE AND PROCESS RAPID AND EXPERIENCED RESPONSE CORE SECURITY FUNCTIONS: UNDERTAKES (REPLACES OR COMPLEMENTS) KEY FUNCTIONS
  • 12. DELIVERY MODEL Our beliefs MONITOR Affinity Secure Operational monitoring, trend analysis, and alerting LOG MANAGEMENT Collection of logs from multiple customer systems for Event and Incident Management COMPLIANCE & REPORTING Produce PCI or other compliance reports on a regular basis CORRELATION Allows full scope of reporting and alarms on multiple events correlated with time. ADVANCED INTELLIGENCE Allows time-bound correlation of events on multiple platforms Threat Analytics Big Data threat analytics with customised transforms Remediation Forensic threat inspection and remediation 1 2 3 4 5 BASE CUSTOM MATURITY / PHASE SENSE POST WHITE GLOVE SERVICE VULNERABILITY SCANNING RISK CONTROL SECURE DATA SOC MANAGED SERVICES THREAT MANAGER ADDITIONAL SERVICES
  • 13. SUMMARY. CURRENT MODEL IS BROKEN: Defence in depth with siloed point solutions. WE NEED A COMPLETE SECURITY PROCESS: ADPR must underpin all solutions. LEVERAGE SOLUTIONS AND PEOPLE IN THE CLOUD: Scale, Expertise and lower cost. GLOBALISED THREAT INTELLIGENCE: Centralised database of threat intelligence and analytics. EARLIER THREAT DETECTION / REMEDIATION: Contextualised actionable threat intelligence. LOWER COST: No hardware, no software, less resource consumable service
  • 14. THANK YOU. Marty Legg, Director of Cloud Services, SecureData. The complete security services provider. Marty.Legg@secdata.com www.secdata.com | +44 (0) 1622 723400