Cytegic presentation 02 12
1. www.cytegic.com
Company Confidential
This presentation and the information herein, are the exclusive properties of Cytegic Ltd., and shall not be disclosed, in whole or in part, to any third party or utilized for any purpose
other than the express purpose for which it has been provided. Viewers of this presentation are not permitted to copy, distribute, retransmit or modify any of the information in this
presentation, whether in electronic or hard copy form, without the express prior written permission of Cytegic Ltd. The company may update, amend, supplement or otherwise alter
the information without prior notice.
Cytegic Cyber Security
Management Solution
15-12-02
2. | Proprietary & Confidential
Agenda
1. Introduction
2. Your Needs
3. Cytegic Solution
4. Next Steps
3. Why Cybersecurity Management Solutions?
“JPMorgan Chase will have spent more than $250 million annually on
cybersecurity by the end of 2014, with approximately 1,000 people
focused on the initiative. This effort will continue to grow
exponentially over the years" - Jamie Dimon
76% of respondents said they are more
concerned about cybersecurity threats this
year than in the previous 12 months, up from
59% the year before. -PWC
87% of US chief executives said they were worried that cyber
threats could impact growth prospects, up from 69% the year
before.- PWC
Cybersecurity management requires day-to-day operational
commitment to transform from reactive to pro-active!
4. Business Focus
Cytegic is a must-have: the flood of threat
intelligence and defensive information can no longer
be analysed manually
Cytegic provides multiple facets of an end-to-end
cyber risk and security management solution
Common language for cyber risk and security
professionals – both operationally and strategically
Monitor threats and maturity of defences
Measure adherence to compliance standards both
internal and external on a day to day basis
Manage and fully optimize cybersecurity posture
5. Cytegic Integrated Solution
Dynamic Trend Analysis
Cyber Maturity Assessment
Cyber Decision Support System
12. Controls – Prioritized for Improvement
The Control Gauge
Color Bar = Relative Importance
Grey Bar = Maturity Score %
Infrastructure Controls
Preventative Controls
Detective Controls
13. CyMA Environment Control Maturities
Control Maturities
• Environment View
• Drill down to Criteria
• Input to Threat
Analysis in CDSS
• Contextual
• Simulations
14. CyMA Control Maturities
Detailed Control Analysis
• Automated collection of
control configuration facts
• Drill down to criteria
• Sort and Rank
• Eliminate from analysis if
not implemented
16. CISO Screen - Threats
Remote Terminal Server
What Threat Agents are
we facing?
What Attack Methods are
we susceptible to?
Systems
Software
Facilities
17. Trends in the Threats Landscape
The Threat Agents
The Attack Methods
19. DyTA Threat Charts
Attackers Activity over time
with filters for:
• Use of Attack Methods
• Targeted Assets
• Geo Region Targets
• Industry Segment Activity
22. Overall Risk Scores
Environment Threat Level
Asset Threat Level
Increased Attacker Activity will increase overall Threat Levels
Increased Control Maturities will decrease overall Threat Levels
25. Cytegic an End-to-End Solution
A must have for ensuring the
safety of your business assets
Operational and Actionable
Exposure and Compliance
Strategic Risk Appetite
CRO CISO C-Suite
26. Case Study – CDSS
The CISO of a large bank wished to perform cybersecurity assessments regarding the
impact of migrating the CRM to the Cloud.
Key requirements were:
• Independent assessment capability
• Quick implementation (a technical assessment of new technology was due)
• Ability to conduct dynamic assessments using up to date intelligence.
Results:
• Decision to utilize cloud technology
• Improve buy-in with the management; justify IT security spending using real data
• Conduct frequent assessments without having to rely on external auditors and/or additional budget
• Produced unbiased results
This presentation contains a rough outline for speaker notes
Please contribute as reflects the things you focus on – so that we can all benefit
Modify this page as necessary for your meeting.
Look at additional slides to construct other narratives.
This narrative is focused on showing what the end state is (realizing our value prop) – assuming the viewer likes that
And then showing them how you get to that end state
A comprehensive cyber management solution.
Cyber defense is very expensive – and managers are not seeing any reduction in losses
Cyber threat awareness is growing substantially
Growing fear of the threat of cyber impacts
A workable solution is a day to day proposition
A must have due to sheer complexity
Cytegic is an end to end – operational tool set
Targeted at CISO, CRO and C-Suite
Monitor Measure Manage
An integrated solution – must have -
Cycle begins with the CRO
- what is our exposure
- what can we tolerate
CRO Screen – a concise focused screen showing for each Asset
- the trend for trend of threats
- the actual risk index indicating threat level
- a risk index threshold – indicative of appetite
- the value of the impact of asset compromise
A detailed view of the level assets under pressure of compromising
- Confidentiality of the asset
- integrity in terms of accuracy, completeness and viability of the asset
- a level of the availability of the asset in performing its proper business function
The correspondence to business loss in terms of impact dollars
Now that we have a high level view of the
- Threat Level
- our acceptable threshold
- and the potential loss/exposure to the business
We can learn more about the organization
This is the view of the overall operational landscape that
a CISO needs to understand in order to comply with the guidelines
set up by the CRO and the C-Suite
- overall risk index - Environment threat levels - Defensive controls – remediation importance
- assets at risk - Threat Agents and Attack Methods
If we Drill down to the Environment Screen we can
View the relevant controls
Let's look at these in detail
There are three types of Control Groups
- Infrastructure
- Preventive
- Detective
Color bar shows relative importance – which of all the controls need to be remediated – ranked
Grey BAR – maturity calculated in CyMA
CyMA is the facet which collects facts about the controls from configuration files
It constructs a portrait of all the controls deployed and their relative maturities
Those maturities are used in the CDSS analytical engine
A List and status of controls
- YES/NO controls which are not present/relevant in the environment are removed so as not to skew scores
- this is as opposed to controls which are required but not implemented
Maturity
- based on all the collected indicators of maturity from control configuration files which are collected automatically
Completeness
- a ratio showing all the indicators available relative to those answered – a proxy for confidence
Drill Down
- go to each indicator/criterion and examine how it is scored
Now that we have a sense of our
1. Risk Appetite as seen by the CRO
2. had the CISO examine the overall Control posture for each of the environments in the organization
We can look at the threat profile the company faces
1. How are Attacker threats distributed over geo-pol and industry sectors
2. What attack methods are trending in those geo-pol and industry sectors
Again at the environment level we can examine
A prioritized – ranked list of Threat Agents and Attack methods
The threats we face
Attackers
Attack methods
Where does this data come from? [see next screen]
DyTA is an Intelligence platform
Gathers OSINT from the web – hacker blogs, respected industry watchers, etc.
Additional sources such as SixGill (Dark Net) and iSIGHT available
Data is scrubbed, semantically analyzed and keyed against a taxonomy of Cyber Terms
This graph – shows relative activity levels of attackers based on several relevant filters
Used in the CDSS analysis of Threats
Same threat data shown as a scatter plot with
- forecasted trending (going out 30 days)
- pattern matching for key events such as pre-Christmas spike patterns
Filter down to specific – geopol, industry, use of attack methods, assets of interest
Weekly feeds for timely analysis and assessments
CDSS churns all the threat data, geo-pol, industry sector, environment controls in place, control maturities
And renders all this as
1. Enterprise and Environment Threat Levels
2. Controls requiring remediation
As we started all this data goes in to showing the
The Environment Threat level and the assets at risk give us a complete portrait of our business
CDSS permits what if scenarios so that proposed courses of action can be understood
Increased Attack Methods will increase overall Threat Levels
Increased Control Maturities will decrease overall Threat Levels
CRO Screen – We end where we started
- all the analysis and data collection yields these exposure and threshold positions
- Feedback from the simulation capabilities in CDSS permits us to test remediated
configurations that now yield acceptable exposure profiles and risk appetite