Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Netwatcher Credit Union Tech Talk

215 views

Published on

Credit Union Tech Talk asked us to lead a webinar on cyber trends, managed detection and response and where NetWatcher fits

Published in: Business
  • Be the first to comment

  • Be the first to like this

Netwatcher Credit Union Tech Talk

  1. 1. HOW TO ENJOY EXPERT 24/7 THIRD PARTY MONITORING FOR LESS THAN $300 PER MONTH Scott B. Suhy, CEO Scott.Suhy@netwatcher.com ®
  2. 2. Agenda Copyright © 2017 NetWatcher All Rights Reserved. • Trends your Financial Institution needs to understand • A new trend “Managed Detection & Response” • NetWatcher’s Managed Detection & Response service 3/30/2017
  3. 3. Copyright © 2017 NetWatcher All Rights Reserved. The Gramm–Leach–Bliley Act – (for details 6801–6809) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. The Act contains three elements (Privacy Rule, Safeguards Rule and Pretexting Protection) regarding the privacy of information, of which businesses, primarily "financial institutions," need to be aware – (More from the FTC on complying with the Safeguards Rule). The Safeguards Rule requires an institution to develop, implement, and maintain a comprehensive information security program that is written, contains administrative, technical and physical safeguards, is “appropriate” to the institution’s size and complexity, as well as the nature and scope of its activities, and is appropriate to the sensitivity of the customer information at issue.
  4. 4. Managed Security Providers Security is the #1 Growth area for Managed Services Providers (MSPs)—CompTIA 5kopportunities HP IBM FireEye Palo Alto Etc… Security Sophistication Small Medium Large Size of Business Threat Intelligence SIEM End Point Technology Intrusion Detection Intrusion Protection …big gap… Firewall Anti-virus Customer demands and compliance mandates 15kopportunities MSSPs Copyright © 2017 NetWatcher All Rights Reserved. Trend #1 – SME’s Pressured to Have More Protection
  5. 5. Managed Security Providers Security is the #1 Growth area for Managed Services Providers (MSPs)—CompTIA 5kopportunities HP IBM FireEye Palo Alto Etc… Security Sophistication Small Medium Large Size of Business Threat Intelligence SIEM End Point Technology Intrusion Detection Intrusion Protection …big gap… Firewall Anti-virus Solutions expensive difficult to use security analysts don’t exist 15kopportunities MSSPs Copyright © 2017 NetWatcher All Rights Reserved. Trend #1 – SME’s Pressured to Have More Protection
  6. 6. Managed Security Providers Security is the #1 Growth area for Managed Services Providers (MSPs)—CompTIA 5kOrganizations HP IBM FireEye Palo Alto Etc… Security Sophistication Small Medium Large Size of Business Threat Intelligence SIEM End Point Technology Intrusion Detection Intrusion Protection …big gap… Firewall Anti-virus Solutions expensive difficult to use security analysts don’t exist Customer demands and compliance mandates 15kOrganizations MSSPs 5M+Organizations Copyright © 2017 NetWatcher All Rights Reserved. Trend #1 – SME’s Pressured to Have More Protection
  7. 7. Trend #2 – Giant Skills Gap in Cyber Security Copyright © 2017 NetWatcher All Rights Reserved. shortfall of 1.5 million security professionals by 2020 – Frost & Sullivan
  8. 8. Trend #3 - Known Vulnerabilities Copyright © 2017 NetWatcher All Rights Reserved. 44% of breaches came from vulnerabilities that are two to four years old… -- HP’s Cyber Risk Report http://www.cvedetails.com/vulnerability-list Think about it… Organized crime and foreign government employees are….
  9. 9. Trend #4 – Ransomware – as - service . Copyright © 2017 NetWatcher All Rights Reserved. TrueCrypter (late April) CryptXXX (mid April) 7ev3n-HONE$T (mid April) AutoLocky (mid April) Jigsaw (early April) CryptoHost (early April) Rokku (late March) KimcilWare (late March) Coverton (late March) Petya (late March) Maktub Locker (mid March) Nemucod .CRYPTED (mid March) Samas/Kazi (mid March) The Surprise (mid March) Pompous (early March) KeRanger (early March) Cerber (early March) CTB-Locker for web sites (mid February) Padcrypt (mid February) Locky (mid February) Umbrecrypt (early February) DMA Locker (early February) NanoLocker (late January) 7ev3n (late January) LeChiffre (mid January) Magic (mid January) CryptoJoker (early January) Ransom32 (early January)
  10. 10. Trend #4 – Ransomware – as - service . Copyright © 2017 NetWatcher All Rights Reserved. TrueCrypter (late April) CryptXXX (mid April) 7ev3n-HONE$T (mid April) AutoLocky (mid April) Jigsaw (early April) CryptoHost (early April) Rokku (late March) KimcilWare (late March) Coverton (late March) Petya (late March) Maktub Locker (mid March) Nemucod .CRYPTED (mid March) Samas/Kazi (mid March) The Surprise (mid March) Pompous (early March) KeRanger (early March) Cerber (early March) CTB-Locker for web sites (mid February) Padcrypt (mid February) Locky (mid February) Umbrecrypt (early February) DMA Locker (early February) NanoLocker (late January) 7ev3n (late January) LeChiffre (mid January) Magic (mid January) CryptoJoker (early January) Ransom32 (early January)
  11. 11. Trend #5 - Unintentional Insider Threat Copyright © 2017 NetWatcher All Rights Reserved. Clicking on a Phishing Message Browsing Explicit Web Sites Downloading Risky Software (TOR, Hola, BitTorrent etc..) Using Vulnerable Software (outdated Java and Flash) Sending Personally Identifiable Information in Clear Text
  12. 12. Trend #5 - Unintentional Insider Threat Copyright © 2017 NetWatcher All Rights Reserved. Clicking on a Phishing Message Browsing Explicit Web Sites Downloading Risky Software (TOR, Hola, BitTorrent etc..) Using Vulnerable Software (outdated Java and Flash) Sending Personally Identifiable Information in Clear Text
  13. 13. Trend #6 - Supply Chain Risk Copyright © 2017 NetWatcher All Rights Reserved. Do you have customer data? Do you provide your customers data to third party vendors? Do you provide your data to third party vendors? “It is abundantly clear that, in many respects,” Mr. Lawsky (New York State’s top financial regulator) said in the letter, “a firm’s level of cybersecurity is only as good as the security of its vendors.” -- NYTimes.com: After JPMorgan Cyberattack, a Push to Fortify Wall Street Banks Think “Business Associate Agreement/HIPAA” – Your customers are going to be expecting you to have great Cyber Security Controls. You should expect the same of your suppliers…
  14. 14. Trend #7 - Open Source Copyright © 2017 NetWatcher All Rights Reserved. • Doh! Shellshock… Heartbleed… POODLE… • Duh! They have the source code… • What is managing the BOM in the solutions built on Open Source?
  15. 15. Trend #7 - Open Source Copyright © 2017 NetWatcher All Rights Reserved. • Doh! Shellshock… Heartbleed… POODLE… • Duh! They have the source code… • What is managing the BOM in the solutions built on Open Source?
  16. 16. FACT – Your Customer’s are Weak on Cyber Security Copyright © 2017 NetWatcher All Rights Reserved.  Generally no security controls (users have admin access to machines, weak employee policy documents, no cyber training, no cyber liability insurance, sr. execs not schooled on the risks etc…)  Most are not aware that they have already been compromised!  Don’t keep firmware up to date on WIFI, Routers, Switches, Firewalls  Many do not change Default Passwords on equipment (see Shodan.io)  Most don’t know who their employees are talking to and what bad actor scans are making it through the firewall
  17. 17. FACT – Your Customer’s are Weak on Cyber Security Copyright © 2017 NetWatcher All Rights Reserved.  Generally no security controls (users have admin access to machines, weak employee policy documents, no cyber training, no cyber liability insurance, sr. execs not schooled on the risks etc…)  Most are not aware that they have already been compromised!  Don’t keep firmware up to date on WIFI, Routers, Switches, Firewalls  Many do not change Default Passwords on equipment (see Shodan.io)  Most don’t know who their employees are talking to and what bad actor scans are making it through the firewall
  18. 18. Copyright © 2017 NetWatcher All Rights Reserved. Example… Your 12 year old can do this…
  19. 19. Copyright © 2017 NetWatcher All Rights Reserved. Example… Your 12 year old can do this…
  20. 20. Copyright © 2017 NetWatcher All Rights Reserved. Example… Your 12 year old can do this… Click Here…
  21. 21. Copyright © 2017 NetWatcher All Rights Reserved. Example… Your 12 year old can do this…
  22. 22. Copyright © 2017 NetWatcher All Rights Reserved. Example… Your 12 year old can do this…
  23. 23. Will it Get Worse? Or Better? Copyright © 2017 NetWatcher All Rights Reserved. 2005 2015 2020 CyberAttackSurface InvolvementofOrganizedCrime&NationStates More Protection More Innovation Desire for Privacy More Surface to Attack More Organized Crime Convenience
  24. 24. What is Managed Detection & Response (MDR) www.netwatcher.com • Automated “Detection” to find issues 24x7 (Alarms) in concert with Threat Hunting across broad customer base • Cloud based correlation of events over different silo’s of information over time • Alerting, MSP integration, Analyst availability, “Response” Automation • Focused inside Perimeter versus Edge • Focused on what makes it through the traditional line of defense versus replacing traditional line of defense
  25. 25. Where NetWatcher’s MDR Service Fits 24x7 Continuous Monitoring for Exploits & Vulnerabilities www.netwatcher.com End Point Protection IPS/UTM/Firewall Keeps bad guy from Coming through the Front door… NetWatcher Continuous Monitoring Keeps employees from Letting bad guy through the Front door…
  26. 26. NetWatcher Service Delivery. www.netwatcher.com Sensor(s) (hardware or VM) that sits on the inside of customers network and listens for anomalies… (IDS, Netflow, SIEM, Scanner) Endpoint software (HIDS, Logs, Sensor-in-Cloud VPN/IDS) “Cloud based” Service that sends you necessary alerts when a serious security issue is discovered. (Advanced correlation) Security Analysts in Secure Operations Center (SOC)
  27. 27. Why NetWatcher?. www.netwatcher.com What is your Cyber Promiscuity Score™? Automation Hunting for exploits & malware hidden in infected computers, phones or tablets etc... Cyber Promiscuity issues (sometimes referred to as unintentional insider threats) that can lead to security problems such as your employees visiting compromised websites, out of date software or Personally Identifiable Information (PII) being sent over the internet in clear text.   Change the users behavior!
  28. 28. SMB Requirements www.netwatcher.com Accuracy  Multi-tenant cloud Ease of installation  Plug it in and it works Easy to Use  CPortal design, easy to understand alarms, CHS/CPS scores  Alarms sent via Text & eMail  Sensor in the Cloud endpoint module MSP Friendly  Single Pane of Glass MSP Portal  ConnectWise integration Affordable  Easy to understand pricing
  29. 29. DEMO www.netwatcher.com
  30. 30. Don’t Become One of These… www.netwatcher.com http://privacyrights.org/data-breach
  31. 31. www.netwatcher.com NetWatcher is committed to Financ
  32. 32. www.netwatcher.com NetWatcher is committed to Financ • NCUA Cyber Resources site (found here) • FFIEC Cyber Assessment Tool (found here) • Conference of State Bank Supervisors Executive Leadership of Cybersecurity Resource Guide (found here) • The FDIC Community Bank Cyber Exercise (found here) – Created to encourage community financial institutions to discuss operational risk issues and the potential impact of information technology disruptions on common banking functions. • FFIEC Handbook’s Section on Information Security (found here) • FDIC Framework for Cybersecurity (found here) - The article addresses some common cyber-attack strategies, the critical components of information security programs (corporate governance, threat intelligence, security awareness training, and patch-management programs), and actions taken by federal bank regulators to respond to cybersecurity threats. The article stresses that everyone within a financial institution, from entry-level staff to the board of directors, is responsible for prioritizing cybersecurity. The article includes information about several resources available to help educate and inform employees and directors on cybersecurity. • NIST Cyber Security Framework (found here)
  33. 33. Thank You! To Contact Us: lauren.sexton@netwatcher.com 571.308.3661 www.netwatcher.com Scott B. Suhy, CEO Scott.Suhy@netwatcher.com

×