• Like
  • Save
Out With the Old, In With the New – Reinvent and Justify Your 2013 Security Strategy
Upcoming SlideShare
Loading in...5
×
 

Out With the Old, In With the New – Reinvent and Justify Your 2013 Security Strategy

on

  • 884 views

It’s a new era for IT security teams. Tasked with ensuring the success of business-changing IT initiatives from mobile and BYOD to virtualization and cloud services, CISOs are finding that existing ...

It’s a new era for IT security teams. Tasked with ensuring the success of business-changing IT initiatives from mobile and BYOD to virtualization and cloud services, CISOs are finding that existing security controls and processes create complexity instead of reducing risks. At the same time, highly publicized breaches and new forms of attacks have raised awareness of the business impact of cyber threats to the board level. It’s time for a hard look at your current security program. Can you demonstrate an effective security strategy that will protect your company’s vital services, systems and data?

Gidi Cohen challenges you to reinvent your security approach. More than offering just a few ideas, Cohen will examine why some popular security controls are no longer effective at minimizing risks, and explore proven next-generation techniques to increase your ability to see, measure, and gain control over business risks.

Presented by Gidi Cohen, CEO and Founder - Skybox Security at the CISO Summit in San Francisco, CA.

Statistics

Views

Total Views
884
Views on SlideShare
884
Embed Views
0

Actions

Likes
0
Downloads
20
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Out With the Old, In With the New – Reinvent and Justify Your 2013 Security Strategy Out With the Old, In With the New – Reinvent and Justify Your 2013 Security Strategy Presentation Transcript

    • Out with the Old, in with the New CISO Strategy for 2013 presented by Gidi Cohen CEO and Founder, Skybox Security December 7, 2012 www.skyboxsecurity.com © 2012 Skybox Security 1
    • Skybox Security OverviewLeader in ProactiveSecurity Risk Management• Predictive risk analytics for best decision support• Designed for continuous, scalable operation• Complete portfolio on a common platformGlobal 2000 Customers• Proven effective in complex networks• Financial Services, Government, Defense, Tech, Energy, Retail, Service Providers, Manufacturing• “ This is the best tool we have for getting all of our risk information in one place.” - USAID © 2012 Skybox Security 2
    • Security Challenges in a Changing World100% Uptime BYOD DemandsRapidly Mutating BYOC (Cloud)Threats data and appsRoll-out New Services © 2012 Skybox Security 3
    • 2013 Top Goals for the CISO Protect Information Deliver Business Be a Trusted Assets Value Advisor Common thread... RISK• Identify risks • Timely, cost-effective • Communicate risks• Ensure effective risk mitigation in business language risk controls • Supports business goals (Source: Forrester, Role Job Description: CISO, March 2012) © 2012 Skybox Security 4
    • Strong Security Risk Management Program is Essential Continuous, ScalableThreats Infrastructure ImpactChange Mitigation ExecRequests Options Reports © 2012 Skybox Security 5
    • How Do You Manage Risks Today? Vulnerability Scanners ProtectInformation SIEM Assets IT GRC © 2012 Skybox Security 6
    • 2012 Skybox Survey: Vulnerability Management Challenges How often do you scan? How much coverage? 350 300 To keep pace with threats? 250 Daily updates 90%+ hosts 200 Too Little, Too Late 150 Critical systems, DMZ 100 Partner/External networks Avg. scan: 30 daysFrequency Avg. scan: 60-90 days 50-75% of hosts 50 <50% of hostsx/year 0 10% 20% 30% 40% 50% 60% 70% 80% 90% % of Network Scanned © 2012 Skybox Security 7
    • Vulnerability Assessments: Just Not Effective Reasons that respondents don’t scan more often We are concerned about disruptions from scanning 59% We don’t have the resources to analyze more frequent scan data 58% We dont have the resources to deal with Disruptive, Inaccurate Picture of Risk broader patching activity 41%Some hosts are not scannable due to their use 34% The cost of licenses is prohibitive 29% Unable to gain credentialed access to scan portions of the network 12% We just don’t need to scan more 5% © 2012 Skybox Security 8
    • Is a Vulnerability Scanner Sufficient for Security Risk Management? Updated Continuously Lacks network contextThreats Infrastructure ImpactChange Mitigation ExecRequests Options Reports © 2012 Skybox Security 9
    • SIEM – Monitoring, not Prevention Pre-event Post-event Event! Anticipate risks Monitor events Prevent attacks Incident response Reactive, Incomplete Risk Picture(Regarding SIEM) "If the question is, Does it stophackers? then the answer is no. Its not supposedto stop anything.“ Dr. Anton Chuvakin, Gartner © 2012 Skybox Security 10
    • Is a GRC Tool Sufficient for Security Risk Management? Updated Continuously Policy view only Lacks network context Threats Infrastructure ImpactChange No operationalMitigation ExecRequests guidance Options Reports © 2012 Skybox Security 11
    • “Insanity: Doing the samething over and over againand expecting differentresults." -- Albert Einstein © 2012 Skybox Security 12
    • Success Story – Global Brewing Company On the surface… • Firewall rulesets bloated • Service performance issues Dig deeper… • Unable to see infrastructure • Unable to anticipate impact of planned changes CISO’s visionary goal • Fundamentally different approachOperations on all continents to security managementMany centralized services © 2012 Skybox Security 13
    • Brewing Company – Integrated Approach for Security Management Enabled by modeling Updated Continuously and simulationThreats Infrastructure ImpactChange Change Mitigation Firewall ExecRisk OperationalRequests Planning Optimization Options Metrics Metrics Reports © 2012 Skybox Security 14
    • Brewing Company - Results Clear Visibility • Enabled clear view of the infrastructure for network architecture planning Improved Security • Able to quickly assess potential risks of changes Lower Maintenance Time • Consolidated and optimized firewalls Improved Performance • Increased use of centralized resources Better Internal Communications • Reports on operational and risk metrics © 2012 Skybox Security 15
    • Leveraging Risk Analytics, Modeling and Simulation Vulnerabilities Change Exposes • CVE 2011-203 a Vulnerability • CVE 2009-722 • CVE 2012-490IPS SignaturesNot Enabled Likely Attack Available Scenario Access Path © 2012 Skybox Security 16
    • Common Use Cases for SRM Continuous Risk Mitigation • Threat• Compliance intelligence• Change • Vulnerability • Attack prediction discovery Management • APT and• Optimization • Prioritization Malware • Remediation simulation planning Network Security Future SOC Management Enabled by Risk Analytics © 2012 Skybox Security 17
    • Blueprint for Network Security Management ITSM Integration Network Security Change ManagementCorporatePolicies Business Compliance & Risk Analytics MetricsBest PracticePolicy Operational Metrics Normalized device configuration repository Compliance Reports Firewalls Network Devices 18
    • Enabling Business Needs, Securely © 2012 Skybox Security 19
    • Continuous Risk Mitigation (Next-Gen Vulnerability Management) Most Critical ActionsVulnerabilities Threats © 2012 Skybox Security 20
    • Risk-Driven Security Operations Center IT GRC/Security Dashboard – consolidated reportingSecurity Risk Security Information &Management (SRM) Event Management (SIEM)Proactive, pre-attack Post-attack incidentrisk mitigation management © 2012 Skybox Security - Confidential 21
    • Adapt and ThriveEnable Business Needs• Support roll-out of new business services• Quantify risks and communicate optionsManage Risks Effectively• Monitor risks continuously• Include proactive risk-management in operationsTreat Security as a Business • Communicate security impact in business terms • Drive cost-efficient operations © 2012 Skybox Security 22
    • Automate daily security tasksMaintain compliance, prevent attacksThank you!www.skyboxsecurity.com © 2012 Skybox Security 23