2. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 2
Ever more alarming ‘facts’ about the heightened
risks of the digital environment, a security
landscape built on prevention, and the reality of
breaches becoming more widespread and likely.
The CARM approach from Exclusive Networks allows channel partners to
swiftly identify gaps in customer security, provides complementary solutions
that deliver effective, integrated, and sustainable security against known,
advanced and evolving threats, realising significant business gains in the
process.
3. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 3
Introduction
Because the pace of change in the digital world is ever increasing, it is widely recognised and commented on,
that the rate, variety and severity of cyberattacks is increasing either in step, or more worryingly, ahead of the
ability of organisations to maintain a secure digital presence. Accepting a security breach rather than simply
trying to prevent it is the new norm. This presents a huge challenge to organisations with systems built around
prevention and perimeter defence, a challenge amplified by new compliance requirements.
Questions we ask ourselves:
What to invest in and divest of?
Where are attacks likely to come from?
What’s our security legacy?
Where is our soft-spot?
What compliance regulations to meet?
What, critically, is coming down the barrel next?
There is a lot of general information and guidance, much government generated, about what organisations should
do and a blizzard of scaremongering and ‘essential’ advice often frightening organisations into action, that whilst
might address a particular element of the security landscape, rarely provides a complete picture. What is less clear
is how to develop a strategy for dealing with today’s threats, what to do when breached and safeguarding against
tomorrow’s emerging threats.
Factor in the difficulty of knowing whose solutions to deploy out of the thousands on the market and what works
best with what and the picture becomes very complex and only serves to ratchet up the fear factor. For channel
partners, the demands from customers increase in line with their need and perception of risk and the onus to
research, test, deploy and support solutions right for each and every one of their customers across the security
spectrum, without taking unnecessary risks, becomes white hot. Where to turn to for researched, objective, proven
& channel friendly solutions that address the complete security need, provide partners with complementary revenue
streams and significantly reduce their operational costs?
The answer:
CARM – Cyber Attack Remediation and Mitigation provides channel
partners with the framework and tools to confidently identify gaps in
their customers’ security regime, how to most effectively close them
and tighten their security policies to ensure compliance. CARM applies
to customers of all sizes, in all markets irrespective of their current
security profile and incorporates best-of-breed vendor solutions.
4. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 4
A CARM Approach is a Controlled Approach
CARM is built around the central tenet that in today’s world, cybersecurity, to be effective, needs to deal with
more than prevention and perimeter security, it has to factor in the expectation that a breach will occur. At the
heart of the CARM concept and framework is the ability to deliver an integrated security capability built around
the three core axes of:
This then provides the route to create an effective, integrated and complete security system across all
platforms within all organisations. It is also scalable and recognising that one size doesn’t fit all, provides
solutions relevant to the circumstances and requirements of each customer, dovetailing with existing
customer security systems. CARM allows customers to tailor their security requirement and select vendors
and technologies from each of the axes to fill any gaps in their current security capabilities and importantly, in
accordance to the level of their security need – Essential, Core or Advanced.
5. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 5
Find the Gaps
It’s critical to point out that CARM is not a product or a marketing programme.
The CARM framework allows channel partners to evaluate customers’ current security capabilities, identify
potential gaps and show how a strategic end-to-end cybersecurity framework turns cybersecurity from a
reactive posture into a pro-active, controlled operation across customers’ businesses and in doing so, realising
significant benefits for them:
For channel partners the advantages of embracing CARM are many. The vendor solutions within the three
core axes are at the forefront of their field and have had the relevant level of due diligence, research and
testing done by Exclusive Networks to ensure they are effective, work together and are fully committed to the
channel. With the heavy lifting of key technology and vendor evaluation done, partners can access emerging
technologies relatively risk free and have business issues like the compromise between security and putting the
brakes on business operation and agility already considered and covered. This in turn frees up their time to be
more customer focused and concentrate on delivering the benefits their customers need to maintain and grow
their online and digital presence and ultimately, their competitive edge.
Delivers threat
landscape security
- current and emerging
Ensures compliance
to current and
future regulation
Reduces reactivity and
time to detect, react
and mitigate
Improves uptime, and hence
productivity and profit in the
short term and customer
loyalty and growth
prospects in the
long-term
Raises their security
capabilities
Increases control and
understanding
6. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 6
Essential Elements of Complete Security
With past security systems being either completely or predominantly focused
on prevention there is a truism, borne out in research, that if an attack
succeeds and a breach occurs then most organisations will be woefully
unprepared for what to do in the event of this.
It has been the case for the last few years that there is a considerable and potential business limiting gap,
between the time to compromise or breach and the time to detect and respond. Typically a compromise will
happen in minutes, whereas a detection and response time is at best in days, most often in in weeks and at
worst in months. One report showed the typical detection gap to be 146 days, or over four months.
As stressed, CARM is predicated on the fact that given an attacker needs to get lucky only once then
organisations with an effective security system need to be lucky all the time. CARM integrates the three axes
of Prevention, Detection and Reaction into a security life-cycle and assuming that on occasion the attacker
will be successful at beating prevention mechanisms, is ready armed to significantly reduce any detection
and reaction gaps.
7. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 7
Mind all the Gaps
Each axis contains proven vendor solutions that are focused on the key attack types and their nature. All work
together and as already mentioned, can be deployed in conjunction with a customer’s existing legacy security
regime, all together, or only the element required – it is all driven by customer situation and need. The functional
security areas addressed by each axis are:
Endpoint Respons
Network Response
SIEM
PREVENTION
the ability to defend:
NG Firewall Platform
PIM
Endpoint Protection
Vulnerability Assessment and Patch
Management
Encryption
Email Protection
Key Generation and Management
Web Application Firewall
Privilege Access Management
Cloud Access Security Brokerage
File Access and MDM
Distributed Denial of Service
Mobile Security
Strong Authentication
NG Firewall Platform
Network Packet Caputre
Endpoint Response
Strong Authentication
Virtual Execution (sandbox)
PIM
Email Protection
Encryption
Web Application Firewall
User Entity Behaviour Analytics
Cloud Access Security Brokerage
Privilege Access Management
Distributed Denial of Service
File Access and MDM
SIEM
Mobile Security
DETECTION
the ability to identify
and respond:
REACTION
the ability to remediate and
forensically investigate:
8. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 8
NG FireWall Platform
EndPoint Protection
Email Protection
Encryption
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
ivery WIFI Mobile SIEM Web security
Discovery Analytics Email security Vulnerability
search
Password/Access Security tools Professional
services
Patch
on Key logging Restrictions Service accounts Compliance
port Email Session recording General security Enforce/InformSession recording
etect
y
ons
Encryption Servailance/
Monitoring
SIEM Web security
s Email security Vulnerability
search
ools Professional
services
Patch
ns Service accounts Compliance
EESSSENTIALL
CCOORREE
Firewall General PC
Security Delivery WI
DDOS Disco
Identity Password
Integration Key log
Import/Export Em
Forensics Mon
tect
y
ons
Encryption Servailance/
Monitoring
SIEM Web security
s Email security Vulnerability
search
ools Professional
services
Patch
ns Service accounts Compliance
ording General security Enforce/Informording
ponse SIEM
Firewall General PC security Intursion d
securi
Security ic
Security Delivery WIFI Mobile
DDOS Discovery Analyti
Identity Password/Access Security t
Integration Key logging Restricti
Import/Export Email Session rec
Forensics
Session rec
Money End point Res
Firewall General PC security Intursion detect
security
Security icons
Encrypt
Security Delivery WIFI Mobile SIEM
DDOS Discovery Analytics Email sec
Identity Password/Access Security tools Professio
service
Integration Key logging Restrictions Service acc
Import/Export Email Session recording General se
Forensics
Session recording
Money End point Response SIEM
Web Application Firewall
EndPoint Response
SIEM
Virtual Execution (sandbox)
Distributed Denial of Services
Privilege Access Management
Strong Authentication
PIM
Vulnerability Assessment
and Patch Management
Key Generation and Management
User Entity Behaviour Analytics
Mobile Security
Network Plumbing
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability
search
Identity Password/Access Security tools Professional
services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewa
Security D
DDOS
Identit
Integrat
Import/Ex
Forens
Firewall General PC security Intursion detect
security
Security icons
Encrypt
Security Delivery WIFI Mobile SIEM
DDOS Discovery Analytics Email sec
Identity Password/Access Security tools Professio
service
Integration Key logging Restrictions Service acc
Import/Export Email Session recording General se
Forensics
Session recording
Money End point Response SIEM
Minding All the Gaps, All the Time
The CARM framework delivers the pathway for channel partners to close any gaps their customers may have
and deliver replacement or complementary security solutions relevant to each one.
However, circumstances change, either in customers’ businesses and markets, regulatory frameworks,
solution technologies and most importantly, the nature of attacks and their vectors. CARM solutions and
vendors are continuously monitored in terms of suitability and effectiveness and updated to ensure that
customers have the most effective technologies to hand. Should the security needs of customers change,
then CARM can help identify new gaps and determine a security pathway to ensure there is a solution ready
to implement seamlessly, to meet these needs and for each of the three axes. The Security Adoption Curve
delivers appropriate security according to need and highlights what is required to go to the next security level.
9. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 9
For more information visit
www.exclusive-networks.co.uk
EndPoint Response
Cloud Access Security Brokerage
File Access and MDM
Network Packet Capture
Network Response
ADVAVAV NCED
C security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
IFI Mobile SIEM Web security
overy Analytics Email security Vulnerability
search
d/Access Security tools Professional
services
Patch
gging Restrictions Service accounts Compliance
mail Session recording General security Enforce/InformSession recording
ney End point Response SIEM
detect
ity
cons
Encryption Servailance/
Monitoring
e SIEM Web security
ics Email security Vulnerability
search
tools Professional
services
Patch
ions Service accounts Compliance
cording General security Enforce/Informcording
sponse SIEM
tion Servailance/
Monitoring
M Web security
curity Vulnerability
search
onal
es
Patch
counts Compliance
ecurity Enforce/Inform
M
all General PC security Intursion detect
security
Security icons
Encryption Servailance/
Monitoring
Delivery WIFI Mobile SIEM Web security
S Discovery Analytics Email security Vulnerability
search
ty Password/Access Security tools Professional
services
Patch
tion Key logging Restrictions Service accounts Compliance
xport Email Session recording General security Enforce/Inform
sics
Session recording
Money End point Response SIEM
tion Servailance/
Monitoring
M Web security
curity Vulnerability
search
onal
es
Patch
counts Compliance
ecurity Enforce/Inform
M
10. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 10
Summary
By adopting a CARM approach, channel partners are able to swiftly and confidently help customers identify,
close and tighten up any security gaps, in their defences and reduce time to detect, react, mediate, analyse
and learn. Customers move from a defensive posture to a more forward facing one and are able to:
Rapidly detect, analyse, mitigate and resolve cyber breaches
Achieve their unique digital business objectives and meet regulatory compliance
Protect core data and infrastructure without slowing down the functioning of the business
Gain real-time visibility and reaction to traditional and emerging threats
Channel partners who have already adopted the CARM framework have benefited from an increase in
customer facing time and a reduction in time and resource needed to audit, analyse, research and recommend
solutions to customer security issues. Current partners have had the following experience and seen their
customers realise significant business benefits.
11. Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
Page 11
CARM Vendors
Exclusive Networks’ vendors undergo a stringent and ongoing evaluation of their technology and ability to
work with the channel, to ensure channel partners are able to recommend and rely on the solutions and
support delivered. The vendors that map to each of the key CARM components are:
The Smart Route To Visibility™
12. Page 12
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217
www.exclusive-networks.co.uk
The Reality Driving the Need for
It has been mentioned already that there is a blizzard of facts, stats and prophecies that combine to create a
climate of fear and uncertainty. It is the catalyst behind the CARM approach, and to reinforce why now is the
time to take a CARM approach and move on from prevention base security. Here are some key trends and
facts that are researched and credible that partners can share with their customers.
EV
5
1.
EVENTS OCCUR
ERY SECOND
MALWARE
206
DAYS
THE AVERAGE TIME
TO IDENTIFY AN
ATTACK2.
50BILLIONÔTHINGSÕ CONNECTED TO THE
INTERNET BY 20208.
59%OF ORGANISATIONS
EXPECT THE NUMBER OF
SECURITY INCIDENTS
TO INCREASE NEXT YEAR 3.
THOSE ON THE
DIGITAL FRONTIER HAVE
2-3X FASTER
PROFIT MARGIN GROWTH
DIGITAL
PUBLIC SECTOR CIOs EXPECT A RISE OF
IN 2016 BY 35%7.PROCESSES
WERE COMPROMISED MORE THAN
A YEAR AFTER THE VULNERABILITY
AND EXPOSURE WAS
PUBLISHED1.
OF EXPLOITED
99.9
%
VULNERABILITIES
THE AVERAGE LOSS FOR A
OF 1,000 RECORDS
IS BETWEEN $52,000
AND $87,000 1.
BREACH
FROM NOW UNITL 2020,
THE DIGITAL UNIVERSE
WILL DOUBLE EVERY
TWO YEARS5.
IN 82%OF INCIDENTSEND USER DEVICES WERE AN ISSUE
51% OF CIOs
ARE CONCERNED THAT
THE DIGITAL TORRENT
IS COMING FASTER
THAN THEY CAN COPE 4.
DATAIN THE
DIGITAL UNIVERSE
THAT REQUIRES PROTECTION
IS GROWING FASTER THAN
THE DIGITAL UNIVERSE ITSELF 5.
OF ORGANISATIONS HAD A
SECURITY
BREACHIN THE LAST YEAR RELATING TO3.
SOCIAL NETWORK SITES
13%
1. Source: 2015 Data Breach Investigations Report, Verizon
2. Source: 2015 Cost of Data Breach Study: Global Analysis, Ponemon Institute,
May 2015
3. Source: 2015 Information Security Breaches Survey Technical Report, HM
Government
4. Source: Gartner, January 14 2014, Press Release