6. A Single Lens View is Doomed
• Studying a problem
from every angle and
every level always
leads to more
practical solutions
and quicker
(re)action.
6
17. Cyber Risk Intelligence
17
Who We Are & What We Do
•Engineering team led by former
US Intelligence Analysts
•Business intelligence approach to
cybersecurity
– Massive data warehouse and
powerful cyber risk analytics
– Practical “risk-sensing” solutions
•Founded in 2013
•Series A Financing 2014
18. Additional Resources
18
• Cyber Risk Report – A Look at the 1st Half of 2014
http://info.surfwatchlabs.com/Sample-Cyber-Risk-Report
• Whitepaper – Big Data, Big Mess: Cyber Risk Intelligence
Through “Complete Context”
http://info.surfwatchlabs.com/big-data-security-analytics
• Webinar – Tips to Shore up Cyber Risks in the Supply Chain
https://webinar.informationweek.com/18797?keycode=CAA1AC
Physical and online transactions – all provide gateways to bad guys to steal information, whether banking info, ss#, PII, credit card info, access credentials and more.
C-suite and board is ultimately responsible as we’ve seen in the Target breach and others…
When it comes to addressing cyber risks the common approach is to look inward at the company’s network, employees, etc. This is an important aspect of improving security but it is only part of the puzzle. Understanding your institution’s cyber risk also requires looking outside your company walls… Continuous awareness of our own cyber risks compared to what’s possible and what’s happening around us right now is one of the missing pieces in current cyberdefense practices.
We focus so much on looking down the barrel of individual microscopes, we get lost in all the low-level noise that’s far too focused on only a few dimensions of the problem.
This is an exact piece of information out of a threat intelligence system. It is low-level and has no immediately understood meaning to a business. Even a security professional needs to go research this and determine if it is relevant to their organization’s specific business domain and industry.
For the enterprise – requires teams of security analysts to manually research these types of alerts every day, taking anywhere from 15-20min per alert to an entire day to understand relevancy and impact
For small business – low-level threat intelligence isn’t relevant because skillset to process it isn’t there. But in a complete business context it is something a small business can understand and act on or use to keep tabs on their third party provider/outsourcer
Has your accounting software been named a “back door” for cybercriminals?
What types of systems are trending as targets in my industry sector?
What software and systems used in my supply chain have been exploited this year? In each instance, how was the attack carried out?
Helps organizations immediately understand the potential for cyber-attacks, determine the impact to their business and proactively address threats head on.
For the enterprise – highly relevant, timely and accurate risk intelligence that is consumable by all invested parties in the enterprise (security, C-level, business analyst, risk officers)
For the small bus – security analytics powering applications purpose-built for small business to make cyber simple…
At the core is SurfWatch Analytics – automatically collects, standardizes and analyzes volumes of structured and unstructured information (data inputs at bottom going into the engine). Analytics are available through API access and through monthly executive-level reports that include the analytics with additional insights from SurfWatch Cyber Analysts. Data comes from social, news and blogs, security and threat data feeds, vulnerability databases, etc. PLUS from SurfWatch users (through HackSurfer, Risk Monitor, Market)
Analytics is the foundation:
We are building applications for SMB (Risk Monitor and Market)
Data and analytics powers the HackSurfer security community
Powers custom applications and integrations (cyber defense, threat intel, news services, etc.)