Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

How Companies Can Reduce Cyber Risk

150 views

Published on

Learn how ServiceNow and Tenable partner to streamline how companies reduce cyber risk.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

How Companies Can Reduce Cyber Risk

  1. 1. 1 © 2018 ServiceNow All Rights Reserved© 2018 ServiceNow All Rights Reserved ServiceNow and Tenable Streamlining How Companies Reduce Cyber Risk April 2018
  2. 2. 2 © 2018 ServiceNow All Rights Reserved Agenda Vulnerability management challenges Tenable overview ServiceNow Vulnerability Response overview The combined solution CARFAX case study Q&A
  3. 3. 3 © 2018 ServiceNow All Rights Reserved Vulnerabilities Are Still Big News
  4. 4. 4 © 2018 ServiceNow All Rights Reserved Software Vulnerabilities: Single Largest Factor in Enterprise Breaches Source: Forrester’s Vendor Landscape: Vulnerability Management, 2017 Software Vulnerabilities Are The Leading Means Of External Attacks — It’s Time To Do Something About It Software vulnerability (Software exploit) 42% User interaction (phishing, malicious link, or email attachment 37% Use of stolen credentials (logins, encryption keys) 36% 34%Web application (SQL injection, cross-site scripting, remote file inclusion 25%DDOS 24%Strategic web compromise (watering hole attack) 22%DNS 19%Mobile malware 13%Exploitation of lost/stolen asset Top external intrusion method (multiple responses accepted)
  5. 5. 5 © 2018 ServiceNow All Rights Reserved But Response Times Fall Short… 1-Source: HPE Cyber Security Report, 2016 2-Source: Verizon Data Breach Investigations Report, 2018 Top 10 exploited vulnerabilities were over a year old 48% were five or more years old1 68% Of breaches took months or longer to discover2
  6. 6. 7 © 2018 ServiceNow All Rights Reserved The Vulnerability Backlog is Piling Up • 61% of vulnerabilities are patched within a month • Leftovers are likely NEVER to be patched Source: Verizon Data Breach Investigations Report, 2017
  7. 7. 8 © 2018 ServiceNow All Rights Reserved Manual Processes and Siloed Tools Delay Remediation Time lost coordinating patching across teams per vulnerability 12DAYS 2018 Ponemon Institute survey of nearly 3,000 IT security professionals,
  8. 8. 9 © 2018 ServiceNow All Rights Reserved Vulnerability Managers Can’t Keep Up Too Many Vulnerabilities, Manual Prioritization Manual Tools Slow Remediation Inefficient Patching Process due to Silos Security IT
  9. 9. 10 © 2018 ServiceNow All Rights Reserved Automating Security Response Is the Future IPSUM SED sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim adsde minimets. technology prediction for 2018 by Forrester Forrester: The Top Technology Trends To Watch: 2018-2020 #3 adoption of SOAR tools expected by 2020 Gartner: Innovation Insight on Security Orchestration, Automation and Response 15x CSO: Our top 7 cyber security predictions for 2018 automation of threat- detection tasks will increase in 2018
  10. 10. 11 © 2018 ServiceNow All Rights Reserved Combining vulnerability assessment with an enterprise security response platform to quickly and effectively remediate security weaknesses. +
  11. 11. 12 © 2018 ServiceNow All Rights Reserved About Tenable 50% 22%24K Customers Globally Fortune 500 Global 2000
  12. 12. 13 © 2018 ServiceNow All Rights Reserved The attack surface is expanding 3 Server Desktop Network infrastructure ICS/SCADAIndustrial IoT Web app Mobile Laptop Enterprise IoT Virtual machine Cloud Container IT Cloud IoT
  13. 13. 14 © 2018 ServiceNow All Rights Reserved Creating a Cyber Exposure Gap 4 Server Desktop Network infrastructure ICS/SCADA Web app Mobile Laptop Enterprise IoT Virtual machine Cloud Container IT Cloud IoT Industrial IoT
  14. 14. 15 © 2018 ServiceNow All Rights Reserved Cyber Exposure builds on Vulnerability Management 15 See More DoMore Cyber Exposure Breadth of visibility: Any asset on any computing platform Vulnerability Management Traditional IT assets Technical metrics Cyber Exposure Depth of insight: Prioritization, benchmarking, decision support Cyber Exposure
  15. 15. 16 © 2018 ServiceNow All Rights Reserved The three key questions 16 ? Where are we exposed? Where should we prioritize based on risk? How are we reducing exposure over time? ? ?
  16. 16. 17 © 2018 ServiceNow All Rights Reserved Secure & Compliant ScalableMulti-Instance Intelligent Automation Engine BUSINESS APPSIT SECURITY HRCUSTOMER SERVICE WorkflowService Catalog Knowledge Base Developer Tools Contextual Collaboration Single Database Service Portal Subscription & Notification Performance Forecasting Predictive Modeling OrchestrationReports & Dashboards Anomaly Detection Nonstop Cloud Cloud Services Now Platform™ Peer Benchmarking ServiceNow System of Action™
  17. 17. 18 © 2018 ServiceNow All Rights Reserved Secure & Compliant ScalableMulti-Instance Intelligent Automation Engine WorkflowService Catalog Knowledge Base Developer Tools Contextual Collaboration Single Database Service Portal Subscription & Notification Performance Forecasting Predictive Modeling OrchestrationReports & Dashboards Anomaly Detection Peer Benchmarking Introducing ServiceNow Security Operations Security Incident Response Workflow Automation & Orchestration Deep IT Integration Vulnerability Response Threat Intelligence
  18. 18. 19 © 2018 ServiceNow All Rights Reserved Comprehensive vulnerability and attack surface management • Third-party vulnerability and configuration scanner integration • Asset-centric prioritization • Change request integration • Remediation workflow automation • Advanced reporting for Security and IT Vulnerability Response
  19. 19. 20 © 2018 ServiceNow All Rights Reserved Understand and Prioritize Business Impact Before Taking Action Vulnerability Mission Critical Service / Application Vulnerability • Avoid business disruption when patching or taking systems offline • See the broad impact of an vulnerability affecting multiple systems • Immediately know who owns an asset Business App Service Outage
  20. 20. 21 © 2018 ServiceNow All Rights Reserved Automated Workflow and Orchestration
  21. 21. 22 © 2018 ServiceNow All Rights Reserved Decrease Response Time and Increase Visibility with ServiceNow Remediate Faster Know Your Security Posture Coordinate Security and IT
  22. 22. 23 © 2018 ServiceNow All Rights Reserved Assess AnalyzeFix Measure Tenable+ServiceNow: Addressing the Full Cyber Exposure Lifecycle 23 IoT OT Cloud IT Discover Identify and map every asset for visibility across any computing environment Understand the state of all assets, including vulnerabilities, misconfigurations and other health indicators Understand exposures in context, to prioritize remediation based on asset criticality, threat context and vulnerability severity Model and analyze cyber exposure to make better business and technology decisions Prioritize which exposures to fix first, if at all, and apply the appropriate remediation technique
  23. 23. 24 © 2018 ServiceNow All Rights Reserved Joint Solution – Functional Overview Validate Prioritize Coordinate Remediate Synchronize Discover/Assess ! For Vulnerability Response
  24. 24. 25 © 2018 ServiceNow All Rights Reserved Tenable and ServiceNow Benefits • Automation and orchestration dramatically reduce response time & reduce errors • Prioritization reduces cyber risk by remediating the most important items first • Integrated IT and SecOps data and communication improves overall operational efficiency • Parallel, repeatable, and measurable workflows scale remediation Streamlining How Companies Rapidly Reduce Cyber Risk
  25. 25. 26 © 2018 ServiceNow All Rights Reserved© 2018 ServiceNow All Rights Reserved Jered Bare IT Security Analyst
  26. 26. 27 © 2018 ServiceNow All Rights Reserved Before Security Operations…
  27. 27. 28 © 2018 ServiceNow All Rights Reserved The Challenges Small team – Must manage general security plus day to day.
  28. 28. 29 © 2018 ServiceNow All Rights Reserved Our Team… Manager Security Architect Vulnerability Manager
  29. 29. 30 © 2018 ServiceNow All Rights Reserved Our Team Modified Manager Security Architect Vulnerability Manager
  30. 30. 31 © 2018 ServiceNow All Rights Reserved Our Team 2.0 Manager Me (VM + everything else)
  31. 31. 32 © 2018 ServiceNow All Rights Reserved The Challenges Communication – Not streamlined. Emails and walk-ups. Small team – Must manage general security plus day to day.
  32. 32. 33 © 2018 ServiceNow All Rights Reserved
  33. 33. 34 © 2018 ServiceNow All Rights Reserved Pffff, sure, whatev…
  34. 34. 35 © 2018 ServiceNow All Rights Reserved The Challenges Small team – Must manage general security plus day to day. Communication – Not streamlined. Emails and walk-ups. Multiple reporting tools – External and internal scanners.
  35. 35. 36 © 2018 ServiceNow All Rights Reserved External Scanner PDF, Excel, custom report Internal Scanner 1 PDF, Excel, custom report Internal Scanner 2 PDF, Excel, custom report
  36. 36. 37 © 2018 ServiceNow All Rights Reserved The Challenges Multiple reporting tools – External and internal scanners. Remediation visibility – Did IT Ops remediate the vulnerabilities? Small team – Must manage general security plus day to day. Communication – Not streamlined. Emails and walk-ups.
  37. 37. 38 © 2018 ServiceNow All Rights Reserved Remediation • Are machines getting patched? – If the vulnerability doesn’t disappear from the scan, we don’t know. • Measuring to Policy – Do we know which machines meet our patch policy? • Metric Capturing – How to we measure real- time metrics?
  38. 38. 39 © 2018 ServiceNow All Rights Reserved The Challenges Multiple reporting tools – External and internal scanners. Remediation visibility – Did IT Ops remediate the vulnerabilities? Small team – Must manage general security plus day to day. Communication – Not streamlined. Emails and walk-ups.
  39. 39. 40 © 2018 ServiceNow All Rights Reserved Where We Are Now…
  40. 40. 41 © 2018 ServiceNow All Rights Reserved Current Environment Centralized place for all vulnerabilities – All tools integrated into one system.
  41. 41. 42 © 2018 ServiceNow All Rights Reserved
  42. 42. 43 © 2018 ServiceNow All Rights Reserved Current Environment Centralized place for all vulnerabilities – All tools integrated into one system. Easier process – From emails/walk-ups to automated ticketing and assignment.
  43. 43. 44 © 2018 ServiceNow All Rights Reserved No Visibility with Manual and Unstructured Remediation Process Document and email icons made by Dimitry Miroliubov from www.flaticon.com ???
  44. 44. 45 © 2018 ServiceNow All Rights Reserved
  45. 45. 46 © 2018 ServiceNow All Rights Reserved Current Environment Dashboards and metrics – Real-time dashboards show risk posture. Centralized place for all vulnerabilities – All tools integrated into one system. Easier process – From emails/walk-ups to automated ticketing and assignment.
  46. 46. 47 © 2018 ServiceNow All Rights Reserved Dashboards and Metrics
  47. 47. 48 © 2018 ServiceNow All Rights Reserved Dashboards and Metrics
  48. 48. 49 © 2018 ServiceNow All Rights Reserved Current Environment Dashboards and metrics – Real-time dashboards show risk posture. Remediation efficiency – Faster remediation times across the board. Centralized place for all vulnerabilities – All tools integrated into one system. Easier process – From emails/walk-ups to automated ticketing and assignment.
  49. 49. 50 © 2018 ServiceNow All Rights Reserved Remediation Efficiency • Time – Decreased our time spend from 10 minutes – 1 hours to 2– 3 minutes. • Metrics – Now reporting on all machines that do not meet patch policy. • Focus – Can now focus on more important tasks.
  50. 50. 51 © 2018 ServiceNow All Rights Reserved Current Environment Dashboards and metrics – Real-time dashboards show risk posture. Remediation efficiency – Faster remediation times across the board. Centralized place for all vulnerabilities – All tools integrated into one system. Easier process – From emails/walk-ups to automated ticketing and assignment.
  51. 51. 52 © 2018 ServiceNow All Rights Reserved Where We Are Going from Here…
  52. 52. 53 © 2018 ServiceNow All Rights Reserved CARFAX Roadmap • Expand the program – Add other tools – Expand across teams • Build our Incident Response (IR) plan – Automation and workflow – Define SLAs • Keep improving – Update workflows – Embrace automation – Make security “built-in”
  53. 53. 54 © 2018 ServiceNow All Rights Reserved Tenable and ServiceNow Benefits • Automation and orchestration dramatically reduce response time & reduce errors • Prioritization reduces cyber risk by remediating the most important items first • Integrated IT and SecOps data and communication improves overall operational efficiency • Parallel, repeatable, and measurable workflows scale remediation Streamlining How Companies Rapidly Reduce Cyber Risk
  54. 54. 55 © 2018 ServiceNow All Rights Reserved Tenable for ServiceNow App Available on the ServiceNow Store
  55. 55. 56 © 2018 ServiceNow All Rights Reserved Thank You!

×