
Infosec 2014: Intelligence as a Service: The Future of Frontline Security

Featuring Marty Legg, Cloud Services Director SecureData

Security technology continues to change, with expanding perimeters, massive data, and siloed solutions causing an all-out asymmetric battle! In the middle of it all, large organizations must ensure the highest security while up against ever-changing technology, complex regulations, and the need for more specialists and more skills training across the board.

Today’s security landscape causes a strategic security conundrum. Security spend continues to rise … $9.6B in 2006; $22B in 2012; and by 2017 it’s estimated to hit more than $30B. And yet … 621 breaches were reported in the last 12 months, up 23 percent over the past 3 years.

So why are we not winning the battle?

Published in: Technology, Business
Transcript of "Infosec 2014: Intelligence as a Service: The Future of Frontline Security"

  1. Marty Legg Director of Cloud Services The complete security services provider THREAT INTELLIGENCE A NEW APPROACH TO COMBATING CYBERCRIME SecureData www.secdata.com | +44 (0) 1622 723400
  2. THE CURRENT SECURITY LANDSCAPE EXPANDING PERIMETER SILOED SOLUTIONS DROWNING IN DATA ASYMMETRIC BATTLE MORE TECHNOLOGY COMPLEX REGULATIONS MORE SPECIALISTS MORE SKILLS TRAINING
  3. THE SECURITY CONUNDRUM SECURITY SPEND CONTINUES TO RISE $30.1 billion spend by 2017 Up from $9.6 billion in 2006 BUT SO DOES THE NUMBER OF BREACHES 621 reported in the last 12 months Up 23% over three years WE ARE NOT WINNING THE BATTLE Organisations on the front line need a new approach
  4. A NEW APPROACH
  5. COMPLETE SECURITY PROCESS REMEDIATION CONTEXTUAL RISK PROFILE CORRELATED THREAT AND SECURITY INTELLIGENCE EARLY THREAT DETECTION REAL-TIME RISK ASSESSMENT AUTOMATED NETWORK PROTECTION THREAT PREVENTION EXPERTISE AND PROCESS RAPID AND EXPERIENCED RESPONSE
  6. WHICH PRESENTS NEW CHALLENGES MORE HARDWARE MORE COMPLEXITY MORE RESOURCES DIVERSE SKILLS MORE COSTS
  7. CLOUD SERVICES CHANGE THE GAME GLOBAL CONTEXT LEVERAGE HARDWARE IMPROVE SPEED TO REMEDIATE LOWER COST IMPROVE THREAT DETECTION LEVERAGE PEOPLE WE CAN ABSTRACT INTELLIGENCE CENTRAL BRAIN AND DELIVER IT AS A SERVICE INFRASTRUCTURE CUSTOMER OPERATIONS SECUREDATA SOC
  8. INTELLIGENCE AS A SERVICE ACCESS AS A SERVICE SECURITY AS A SERVICE CLOUD SECURITY ARCHITECTURES
  9. EXPERT INTERPRETATION Over 500 customers 24x7 SOC Cyber Threat Special Opps Unit SensePost world class consultancy CUSTOMER ENVIRONMENT All logs from your existing network and security devices CONTEXTUAL ENVIRONMENT Relevant feeds of macro security data SINGLE SOURCE OF CONTEXTUAL THREAT INTELLIGENCE FASTER ADVANCED THREAT DETECTION RAPID INCIDENT RESPONSE CRUNCHES & CORRELATES DATA THREAT INTELLIGENCE FEEDS OPEN SOURCE DATA OUR SECURITY EXPERTISE CRITICAL SYSTEM DATA KEY SERVICE COMPONENTS ASSESSES RISK APPLIES PROTECTION DETECTS THREATS RESPONDS & REMEDIATES UNIQUE, POWERFUL CLOUD BRAIN Best in class hardware Proprietary software Big Data analytics engine Management tools SECURITY BIG DATA Collection Unification Correlation Link analysis OUTPUTS Custom, complete, contextual security intelligence Real time Actionable
  10. HUNDREDS OF SECURITY INCIDENTS IDENTIFIED SIEM PLATFORM Class Leading 24x7 SOC Management & response REMEDIATION SENSEPOST Advanced Intelligence White Glove Response HARDWARE TECHNOLOGY SOFTWARE ALGORITHM ANALYTICS Risk Mgmt Tool AFFINITY SECURE MALTEGO Big Data Analytics SDN Network Management Tools EXPERT PEOPLE MILLIONS OF LOGS COLLECTED AND ANALYSED TENS OF ALERTS INVESTIGATED INDIVIDUAL THREATS WITH ACTIONABLE INTELLIGENCE REVIEW THREAT FEEDS Contextual Threat Intelligence CUSTOMER ENVIRONMENT CUSTOMER ENVIRONMENT EXTERNAL LANDSCAPE CUSTOMER VULNERABILITY Scanning INTELLIGENT BRAIN FUNCTION
  11. WHAT INTELLIGENCE AS A SERVICE DELIVERS REAL-TIME RISK PROFILING ASSURED COMPLIANCE EARLIER THREAT DETECTION BIG DATA VALUE CREATION RESOURCE EFFICIENCY FASTER REMEDIATION REDUCED DISRUPTION STRATEGIC REQUIREMENTS: COMPLETE END-TO-END SECURITY APPROACH REAL-TIME RISK ASSESSMENT CONTEXTUAL RISK PROFILE CORRELATED THREAT INTELLIGENCE EARLY THREAT DETECTION AUTOMATED NETWORK PROTECTION THREAT PREVENTION EXPERTISE AND PROCESS RAPID AND EXPERIENCED RESPONSE CORE SECURITY FUNCTIONS: UNDERTAKES (REPLACES OR COMPLEMENTS) KEY FUNCTIONS
  12. DELIVERY MODEL Our beliefs MONITOR Affinity Secure Operational monitoring, trend analysis, and alerting LOG MANAGEMENT Collection of logs from multiple customer systems for Event and Incident Management COMPLIANCE & REPORTING Produce PCI or other compliance reports on a regular basis CORRELATION Allows full scope of reporting and alarms on multiple events correlated with time. ADVANCED INTELLIGENCE Allows time-bound correlation of events on multiple platforms Threat Analytics Big Data threat analytics with customised transforms Remediation Forensic threat inspection and remediation 1 2 3 4 5 BASE CUSTOM MATURITY / PHASE SENSE POST WHITE GLOVE SERVICE VULNERABILITY SCANNING RISK CONTROL SECURE DATA SOC MANAGED SERVICES THREAT MANAGER ADDITIONAL SERVICES
  13. summary CURRENT MODEL IS BROKEN Defence in depth with siloed point solutions WE NEED A COMPLETE SECURITY PROCESS ADPR must underpin all solutions LEVERAGE SOLUTIONS AND PEOPLE IN THE CLOUD Scale, Expertise and lower cost GLOBALISED THREAT INTELLIGENCE Centralised database of threat intelligence and analytics EARLIER THREAT DETECTION / REMEDIATION Contextualised actionable threat intelligence LOWER COST No hardware, no software, less resource consumable service
  14. THANK YOU Marty Legg Director of Cloud Services SecureData The complete security services provider Marty.Legg@secdata.com www.secdata.com | +44 (0) 1622 723400