Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Relentless 7 steps for cyber security operation

21,806 views

Published on

Cyber security must be treated like a never-ending process of continuous development. Learn More about Why your cyber security operation can never rest and what are the seven ways to keep it one step ahead.
Article Link: https://business.f-secure.com/7-ways-to-keep-cyber-security-operation-ahead/

Published in: Technology
  • Be the first to comment

Relentless 7 steps for cyber security operation

  1. 1. RELENTLESS Why your cyber security operation can never rest and seven ways to keep it one step ahead
  2. 2. SAY WHAT YOU WANT ABOUT CYBER SECURITY
  3. 3. IT
  4. 4. NEVER
  5. 5. GETS
  6. 6. BORING
  7. 7. On the one hand, you’re dealing with a threat landscape that won’t stop changing, with new hackers and tactics and threats emerging every day.
  8. 8. On the other, you’re dealing with rapid change in your own infrastructure, with new users and apps and data and devices…
  9. 9. IN SHORT, CYBERSECURITY NEVERSTOPS.
  10. 10. You can’t stop your business from developing the new applications it needs.
  11. 11. You can’t stop attackers from discovering and distributing new ways to breach your defenses.
  12. 12. And you certainly can’t afford to stop patching your systems and learning from the latest threat intelligence.
  13. 13. IF YOU SLOW DOWN YOU’RE JUST MAKING YOURSELF AN EASY TARGET.
  14. 14. It’s what makes cyber security so endlessly interesting and ruthlessly challenging all at once.
  15. 15. But even though change is the only constant, cyber defenses are often still too rigid.
  16. 16. MOBILE+DYNAMIC Endpoints are but the ability to monitor and manage them has struggled to keep up.
  17. 17. HUMAN+VERSATILE Attackers are but too many defenses are automated and homogenous.
  18. 18. + USER PRODUCTIVITY Processes get in the way of so it’s no surprise that people find ways around them.
  19. 19. HERE’S THE CHALLENGE: CYBER SECURITY CAN’T BE TREATED LIKE A STATIC, PREVENTATIVE DISCIPLINE.
  20. 20. And it can’t be seen as just an IT thing, either. If you’re going to deliver innovative new services, cyber security needs to be at the heart of everything you do. This is about growth, too.
  21. 21. Cyber security must be treated like a never-ending process of continuous improvement.
  22. 22. A process that evolves and adapts as rapidly as the criminals trying so hard to beat us.
  23. 23. predict respond preventdetect One that takes a holistic approach to every aspect of cyber security, to predict, prevent, detect and respond to emerging threats with confidence and speed.
  24. 24. And one that supports businesses to meet their evolving strategic goals.
  25. 25. WECALLTHIS APPROACH LIVESECURITY.
  26. 26. And we believe it takes a tacit commitment to seven fundamental principles to effectively predict, prevent, detect and respond to attacks.
  27. 27. 1. IT TAKES MAN AND MACHINE TO WIN.
  28. 28. Attackers combine people, process and technology to get past your defences. You need the same thing the right combination of people, process and technology to fend them off.
  29. 29. It takes the scalability of software to secure all your endpoints and constantly incorporate the latest threat intelligence.
  30. 30. But it takes real-world human and hacker expertise to assess your operations, find vulnerabilities, configure your software the right way and then respond to the right signs.
  31. 31. 2 LOCAL AND INDUSTRY-SPECIFIC EXPERTISE MATTERS
  32. 32. Different industries need to deal with different types of attacks and regulations.
  33. 33. It takes a very different approach to cyber security to protect a global brand’s intellectual property than it does to protect a bank’s sensitive data in a highly regulated environment.
  34. 34. You can deliver effective security because you understand your industry’s unique needs. So any partners you work with will need to have the same, specific expertise your industry needs.
  35. 35. When you move into new markets, your cyber security operations need to adapt to the situation on the ground. For example, the new EU General Data Protection Regulation (GDPR) changes the way businesses handle EU citizens’ data.
  36. 36. Unless you can take these regional and industry-specific nuances into account, you can’t appropriately organize and prioritize your cyber strategy.
  37. 37. 3 YOU CANNOT IGNORE THE LATEST THREAT INTELLIGENCE
  38. 38. Every single week of every single month, new threats, tactics and malware emerge to exploit vulnerabilities. From Sony to Yahoo to Ashley Madison, we’ve already seen the level of all-out extortion tactics hackers will increasingly use. And IoT botnets, for example, will only become a bigger problem as businesses make strategic moves into IoT technology.
  39. 39. The trouble is that too many cyber security operations don’t have the time or infrastructure to deal with this rate of change.
  40. 40. Keeping up with the latest threat intelligence can be a struggle. Applying it across the cyber security operation can be even tougher. But it’s a vital foundation for constantly improving your defenses.
  41. 41. 4 CYBER SECURITY MUST BE AGILE
  42. 42. Attackers can pivot in an instant, seizing new opportunities the moment they open up.
  43. 43. It’s essential that you have at least as much agility to stay ahead of them. That starts with a versatile foundation of processes.
  44. 44. To get it right, you need to be able to predict potential incidents, prevent the vast majority from ever happening, detect them when they do happen and then respond quickly and appropriately once you’ve been breached. predict respond preventdetect
  45. 45. That calls for everything from patch management to crisis management to be prepared. A lot of which might seem like very basic cyber security for most of us but it can also be very effective.
  46. 46. Starting with a solid foundation of endpoint protection and adding advanced technology such as analytics and vulnerability management on top makes sense to help predict and prevent incidents.
  47. 47. But equally, unless you’ve got a predetermined and rehearsed plan for things like breach detection or incident response, you’ll find your company in a state of chaos when something does go wrong.
  48. 48. 5 A DISTRIBUTED ATTACK SURFACE CALLS FOR DISTRIBUTED SECURITY
  49. 49. Attackers should never know your own infrastructure better than you do. A successful business relies on clear, constant visibility across complex organizational and IT infrastructures. And today’s mobile workforces depend on constant access to data and services through an ever-growing array of devices.
  50. 50. But the increasingly distributed and dynamic nature of corporate infrastructures makes it incredibly hard for IT and security leaders to see the edges of their attack surface and even harder to protect it.
  51. 51. Until you prioritize a centralized view of every endpoint in your networks, you’ll always be flying blind. But just seeing every endpoint isn’t enough you’ve also got to harden every potentially vulnerable device.
  52. 52. 80%80% In fact, in 80% of the incidents we’ve responded to, patch management would’ve prevented access. This kind of endpoint protection should be second nature for cyber security operations. It’s low-hanging fruit and it gets the job done.
  53. 53. 6 COMPLIANCE IS TABLE STAKES
  54. 54. Regulatory compliance is vital for any business – it’s an essential safeguard for the entireorganization,fromthe boardroom to the shopfloor. Regulators set the minimum requirements. But that’s just the starting point, not the end goal.
  55. 55. Most large companies will be compliant but it hasn’t prevented them from being breached. Take Yahoo, for example, regulatory compliance didn’t stop hackers stealing 500 million user accounts.1 1. http://fortune.com/2016/09/22/yahoo-hack/
  56. 56. For instance, payment regulations such as PCI-DSS don’t cover the full spectrum of preventative defences you could need, let alone the predictive, responsive and detection capabilities you should also consider. Regulators will react to known issues and compel businesses to fix them, but it takes a proactive approach to keep ahead of the persistent innovation of attackers.
  57. 57. Regulations are an important starting point for cyber security. But cyber attackers move faster than regulators do. So a relentlessly proactive approach to cyber security is essential.
  58. 58. 7 7 YOU’RE NEVER DONE
  59. 59. If you take one thing away from this, we’d hope it is this in cyber security, you’re never done.
  60. 60. THIS MUCH WEKNOW:
  61. 61. Your attackers will never relent. So your cyber security operation can never relent. That means it must constantly evolve and improve.
  62. 62. So rather than expecting a silver bullet technology to come and save the day, it’s important to confront the fundamental reality of cyber security…
  63. 63. REACTING ISN’TENOUGH.
  64. 64. You need a proactive process that’s designed to continuously improve and adapt. Only then can you effectively predict, prevent, detect and respond to incidents.
  65. 65. The average cost of a data breach is now $4 million3 . 2. 2014 Cyber attack to cost Sony $35 million in IT repairs, Computer World, 2015 3. 2016 Cost of Data Breach study, Ponemon Institute, sponsored by IBM THE STAKES HAVENEVER BEENHIGHER²
  66. 66. The corporate victims have never been more varied. From retail giants and global financial institutions to hospitals and universities.
  67. 67. And the role of the cyber security professional has never been harder. But when you’re armed with the right people, processes and tools there’s nothing more rewarding
  68. 68. ANDNOTHING MOREIMPORTANT.
  69. 69. BEHINDTHESCENESOF AREALWORLDBREACH Breaches are inevitable. But most companies are worryingly underprepared to handle the consequences of one. Read ‘The Chaos of a Corporate Attack’ to find out how one company was breached and how they reacted. Read the eBook Use our stress test to learn more about the current state of your cyber security operations. Find out what you’re getting right – and where you need to make changes. Take the stress test ANDPUTYOUR SECURITYOPERATION TOTHETEST
  70. 70. And our cyber security experts (and white-hat hackers) are constantly bringing back new insights, tactics and lessons learned from their experiences out on the frontline of cyber security. It’s how our Live Security approach powers scalable software that continuously improves to predict, prevent, detect and respond to breaches. So if you’re looking for an approach to cyber security that’s relentlessly moving forward, we should talk. WE’RE F-SECURE

×