Slides zum Impulsreferat: Trends in Cybersecurity | Bettina Brandl - HCLSoftware | DNUG Stammtisch Wien | 25.09.2023

1. Copyright © 2023 HCL Software Limited | Confidential
Trends in Cybersecurity
Impact of AI on Cyber Security
EU Directive NIS2
How HCL Bigfix Can Help
AI Support in BigFix: New! “Runbook AI”
Discussion
Bettina Brandl
Sept. 25th, 2023

2. Copyright © 2023 HCL Software Limited | Confidential
Bettina Brandl
Head of Enterprise Security DACH
https://www.linkedin.com/in/bettina-brandl/

3. Copyright © 2023 HCL Software Limited | Confidential
Impact of AI on Cyber Security

4. Copyright © 2023 HCL Software Limited | Confidential
Source:
https://www.infosecurity-magazine.com/news/global-cyber-attacks-rise-7-q1-2023/ published 2023/04/28
+7%
Year-over-year increase in weekly cyberattacks
worldwide in Q1/2023
→ 1.248 attacks per week per organization!
+15% Increase in sectors Education and
Research & Development
→ 2,507 attacks per week
per organization!
1 out of 31 organizations worldwide
experienced a ransomware attack every week in
the first quarter of 2023
Image: Gerd Altmann via pixabay

5. Source: https://www.statista.com/statistics/204457/businesses-ransomware-attack-rate/ published 2023/08/30
Annual share of organizations affected by ransomware attacks worldwide
from 2018 to 2023
5
As of 2023, over 72% of businesses
worldwide were affected by ransomware
attacks. This figure represents an
increase from the previous five years and
was by far the highest figure reported.
Overall, since 2018, more than half of the
total survey respondents each year
stated that their organizations had been
victimized by ransomware.

6. 1
Increase in number and
frequency of cyber
attacks 2
More sophisticated
technology and
complexity of cyber
attacks
3
Higher and more
connectivity, faster
disclosure of security
vulnerabilities
Impact of AI on Cyber Security – Threat Potential
Image: Gerd Altmann via pixabay

7. 1
Automation of security
processes, seamless
integration between
Detection and
Remediation
2
Pattern and anomaly
detection, Improvement in
detection and more
efficient countermeasures
3
Full transparency about
infrastructure exposure
to threats
Impact of AI on Cyber Security – How to Respond
Image: Gerd Altmann via pixabay

8. Copyright © 2023 HCL Software Limited | Confidential
Response from the authorities:
The new EU directive NIS2

9. What is NIS 2
NIS stands for Network and Information Systems Security. The NIS2 Directive is the EU-wide legislation on cybersecurity. It contains
legal measures to increase the overall level of cybersecurity in the EU.
Image: Gerd Altmann via pixabay
Covering a larger
part of the economy
and society (more
sectors)
Systematic focus
on larger, medium-
sized and critical
players
Alignment of safety
requirements and
supervision and
enforcement
Streamlining
reporting
requirements
More operational
cooperation, incl.
EU cyber crisis
management

10. NIS 2 – Why is it Relevant
Image: Gerd Altmann via pixabay
Obligation to transpose until
Oct. 17th, 2024
up to €10M
Penalty or 2% of the
annual global revenue
Management bodies (managing directors and
board of directors) are liable for violations if
essential risk considerations have been
neglected or ignored.

11. NIS 2 – Relevant Sectors
Energy
Transportation
Healthcare
Drinking water
Waste water
Postal and Courier Services
Waste Management
Chemistry
Food
Processing / Manufacturing Industry
Digital service providers
Research (facultative)
Digital Infrastructure
Management of ICT Services B2B
Public Administration
Space
Banking and Financial market
infrastructures (DORA)
Image: Gerd Altmann via pixabay

12. Copyright © 2023 HCL Software Limited | Confidential
How HCL BigFix can help

13. 13
Endpoint Security is a Universal Challenge
In 2023, there are
about 3.5 million
unfulfilled
cybersecurity jobs
Skills
shortage
Regulatory fines
can cost millions
for large global
brands
Compliance
mandates
Nearly 1/3 of all
detected
vulnerabilities
remain
unremediated
after a year
Long remediation
times
A typical
organization
uses 14 endpoint
management tools
Too many tools
And agents
No consolidated
single manage-
ment view of all
endpoints
increases security
risk
Lack of
visibility
Endpoint Security
is essential, but
challenging
“things” to secure personal data records stolen lost to cybercrime

14. 14
The Economic Impact of BigFix
Addressing endpoint management challenges drives tangible value
No consolidated single
Management view of
all endpoints increases
security risk
Lack of
visibility
In 2023, there are about
3.5 million unfulfilled
cybersecurity jobs
Skills
shortage
Regulatory fines can
cost millions for large
global brands
Compliance
mandates
Nearly 1/3 of all
detected vulnerabilities
remain unremediated
after a year
Long remediation
times
A typical organization
uses 14 endpoint
management tools
Too many tools
And agents
Endpoint
Management
Challenges
One skillset leveraged
across all OS platforms
and device types
Simplified staffing,
fewer specialists
Eliminates configuration
drift, remediation effort,
and noncompliance
fines
Continuous
compliance
enforcement
Prioritize and speed
vulnerability remediation
across the fleet of
endpoints
Fast remediation of
vulnerabilities
A unified view
simplifies management
and control and
reduces risk
Consolidated view
of all endpoints
A single endpoint
management solution
reduces tool sprawl
and IT complexity
Single agent and
platform
BigFix delivers
Economic Impact
Reduced staffing
costs
Fewer fines for
noncompliance
Reduce security
risk
Reduced IT spend Improve visibility
and control

15. 15
HCL BigFix: THE Endpoint Management Platform
Support for 100 operating
systems and variants
Integrations with ServiceNow, Tenable,
Qualys, Nutanix, IBM, VMWare, AWS,
Google Cloud, Azure and others
User Workspace
Management
Deep automation for clients
and mobile to easily solve the
latest user endpoint demands
in the market
Secure Infrastructure
Automation
Intelligent automation
of servers and cloud assets
Security & risk management
compliance
Software Asset
Management
Software cost management
License optimization
Software auditing
CyberFOCUS Security
Management
Help alignment of security
and operations
Help C-suite balance
security and business
Prove cyber risk reduction

16. 16
BigFix: The Endpoint Management Platform
Analyze
An open data analytics platform
providing insights, historical and trend
reports
Discover inventory
• Discovery and enrollment
• Hardware and software inventory for
over 100k titles
Continuous compliance and patch
• CIS, PCI-DSS, DISA-STIG
• Eliminate configuration drift
Vulnerability remediation
Correlates vulnerabilities from Tenable
and Qualys to bridge the Sec/Ops gap
and reduce attack surface
Intelligent automation
Fully automated operations for any
endpoint
• Distribution
• Hardening
• Patch
• Compliance
Manage
• Desktop, server, cloud and mobile
• End user self-service
• Remote desktop control
• Power Management
Integrate
Integrations with 12+ market leading
products including ServiceNow,
Tenable, Qualys, QRadar and more

17. 17
Technology Explosion Creates Complexity
Every solution has
an agent
Every agent has
a console
Every console
requires a server
or cloud instance
Every tool requires
staff, training,
maintenance, and
support
Where does it
end?
At what cost?

18. 18
“Point in time” Versus Continuous Compliance
BigFix Agent…
Continuously enforces polices
Reports change immediately
99%+ compliance
commonly achieved!

19. 19
BigFix CyberFOCUS Technology
The industry’s first vulnerability
remediation solution that combines threat
intelligence-based CVE prioritization,
prescriptive analytics and the broadest
device coverage to help organizations
stay protected ahead of emerging
threats.

20. 20
CISA KEVs Exposure Analyzer
1. Identifies priority exposures to CVEs
in CISA’s Known Exploited Vulnerabilities
Catalog based on whether BigFix
patched the CVEs
2. Compares your environment to the
CISA-directed due dates for the CVEs,
and your performance against those due
dates
3. Provides information on number of
devices exposed and device vulnerability
density. Prescribes the biggest attack
surface gaps that need to be patched
4. Correlates the BigFix Patch Content
needed and the unpatched devices
regarding the CVEs in question to
protect the org

21. 21
Advanced Persistent Threat
CVE Analyzer
1. Confirms priority priority exposures to
CVEs known to be used by MITRE ATT&CK
Groups based on whether BigFix patched
the CVEs
2. Includes the CVE Remediation Simulator
to do instant, real-time ‘what if’ analysis of
changes in your vulnerability attack surface
to prescribe remediations having the most
protective power with the least disruption
3. Provides information on number of devices
exposed and device vulnerability density.
Prescribes the biggest attack surface gaps
that need to be patched
4. Correlates the BigFix patch content
needed and the unpatched devices
regarding the CVEs in question to provide
immediate protection

22. 22
Protection Level Agreements
Measure performance of remediation against
business-driven targets
Critical security patches for
online banking servers
for Cobalt Group CVEs
✓ Aligns IT Operations with Business
Objectives, balancing business
objectives/goals with cyber risk tolerance
✓ Leverages baselines that combine asset
criticality, CVE criticality, desired patch
levels, and compliance standards against
agreed-to organizational service levels
✓ PLA report shows remediation
performance against specific asset
groups

23. 23
BigFix Insights for Vulnerability Remediation

24. 24
BigFix Offerings Comparison
Key Capabilities BigFix
Patch
BigFix
Lifecycle
BigFix
Compliance
BigFix
Remediate
BigFix
Inventory
BigFix One
on Cloud
Comprehensive patching P P P P P
Pre-built and tested OS patch content P P P P P
Extended catalog of 3rd party apps for Windows P P P P
Vulnerability remediation with CyberFOCUS Analytics P P P P
Data analytics/integration platform P P P
Software and OS distribution and updates P P
Server automation / task sequencing P P
Desktop control and energy management P P
Configuration checklists for CIS, PCI-DSS, and DIST STIG
containing more than 20,000 checks
P P
Continuous compliance policy enforcement P P
Security configuration management P P
Multi-vendor anti-malware management P P
Hardware inventory P P
Software inventory with catalog of 100,000+ titles P P

25. 25
A Recognized Leader
Gartner Peer Insights for UEM Quadrant Knowledge Systems

26. BigFix Runbook AI

27. IT Administrator
27
Market Pains
Digital business transformation is driving the proliferation of new applications, services, tools and technologies that increase
the complexity of digital assets. and put a massive pressure on IT.
• Vast number of recurring
incidents, service requests,
tasks
• Repetitive tasks to automate
• Improper knowledge
management
• Inconsistent and variable quality
of operations
Service Desk
• Rising Operational Costs
• Acute shortage of skilled SMEs
and resources
• Long delays in isolating and
resolving IT faults
• Frequent SLA Breaches &
escalations
+ = Long Unplanned
Downtimes
Overloaded IT
Team
Revenue Loss

28. 28
Analyst Observations
Where is time spent during downtime incidents?
The survey found that after the loss or service or downtime, the root cause analysis,
identification of the resolution and execution of the identified solution represent for more
than the 60% of the interviewed people the most painful and time-consuming part of the
entire end-to-end incident resolution lifecycle
What are the greatest challenges in managing IT
infrastructure?
More than one response allowed

29. “Intelligent Automation of IT tasks and incident remediation is paramount for new-age enterprises to become truly agile, resilient and efficient”
How does the industry-wide breakup of incidents and tasks look like?
“Most common, repetitive
and standardized tasks”
“Less frequent occurrences,
fairly standardized”
“Occur once in a while and
are very non-standardized”
• Application Service Restarts
• Password Resets
• CPU, Memory, Disk Utilization
• Server Reboots, and more
• User Creation & Management
• Disk addition to VMs
• Provisioning of VMs
• Preventive Health Checks, and
many more
Repeaters
~30%
Runners
~45%
Rarities
~25%
29

30. 30
Dramatically reduce human
errors due to manual
execution of activities on a
device
Compress the MTTR – Mean
Time to Repair – IT task
(incidents, service requests or
change requests)
Fewer Errors
Less Time
Introducing BigFix Runbook AI
Minimize IT Cost by
empowering admins to
accomplish any operation
without specific knowledge of
the OS or Application
Lower IT Cost

31. BigFix Runbook AI: Enabling Continuous Automation
Fetch
Fetch Structured
and Unstructured
Data – Tickets;
Alerts; Events; Logs;
Knowledge Articles
Analyze and
identify what
to automate
Configure
Runbook for
automated
ticket
resolution
Using NLP,
understand
and
recommend
most relevant
solution
Autonomously
resolve issues and
automate tasks
Analyze Configure Recommend Resolve
Continuous Optimization & Expansion of
Automation Scope
31

32. hcltechsw.com
Thank you!

33. Copyright © 2023 HCL Software Limited | Confidential
The HCL BigFix platform is used to automate the discovery and remediation of
potential vulnerabilities, ensuring all endpoints, such as servers, mobile
devices, and laptops, are continuously secured and compliant.
Automation and AI capabilities are leveraged to enable Mondelēz International
to provide an intuitive, on-demand personalized user experience and
accelerated issue resolution to its 110,000 plus employees across 79
countries.
BigFix’s CyberFOCUS Dashboard helps Mondelēz to gain enhanced visibility
to their security posture.
33

34. Copyright © 2023 HCL Software Limited | Confidential
Success Stories BigFix worldwide: https://www.hcltechsw.com/resources/stories/list?product=BigFix&referrer=www.bigfix.com
Viessmann
Automate their entire complex patching using Server Automation.
Achieve high productivity by using HCL BigFix’ Tenable Integration.
Verbund Services AG
Patch their environment with reduced IT resources.
Most 3rd party application patches and OS patches are managed up to date using HCL
BigFix
Swiss Telecom Provider
Reduce annual software costs while fostering use of current, most secure, software versions.
HCL BigFix’ Patch Compliance and Security Compliance reports are used to maintain their
environment secure.

35. 35
HCL BigFix at a Glance
_____________________________________________________
100,000,000+ 47
endpoints managed worldwide. countries
_____________________________________________________
100+
supported operating systems
_____________________________________________________
100,000+
software titles inventoried
_____________________________________________________
500,000+
ready-to-deploy content
_____________________________________________________
20,000+
out-of-the-box compliance checks