Risk Analytics: One Intelligent View
•Download as PPTX, PDF•
1 like•917 views
Skybox presentation from Security Interest Group Switzerland December 2014 meeting exploring current challenges of network security including vulnerability management and firewall change management.
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (17)
Similar to Risk Analytics: One Intelligent View
Similar to Risk Analytics: One Intelligent View (20)
More from Skybox Security
More from Skybox Security (18)
Recently uploaded
Recently uploaded (20)
Risk Analytics: One Intelligent View
- 1. SIGS _ Dec 2014 Security Interest Group Switzerland
- 2. Risk Analytics – One Intelligent View Thomas Wendrich, Director CEUR, Skybox Security Simon Roe, EMEA Channel Presales Director November 2014 www.skyboxsecurity.com thomas.wendrich@skyboxsecurity.com +49 40 31979956
- 3. Agenda Cyber Risk - The Management Challenge – Facts and Figures Live Demo Summary © 2014 Skybox Security Inc. 3
- 4. Lloyds Risk Index 2013 “The World Catches Up With Cyber Risk” “It appears that businesses across the world have encountered a partial reality check about the degree of cyber risk. Their sense of preparedness to deal with the level of risk, however, still appears remarkably complacent.” © 2014 Skybox Security Inc. 4
- 5. Verizon Data Breach Investigations Reports Incidents tripled over last year’s already much increased number 97% of breaches were avoidable through simple or intermediate controls (2012) © 2014 Skybox Security Inc. 5
- 6. Security Management is Challenging Today Problems our customers face Too much output from security tools Lack of visibility across silos Maintaining continuous compliance Making agile and secure changes Understanding risk implications Evolving threat landscape © 2014 Skybox Security Inc. 6
- 7. Seeing the Battlefield “The battlefield is a scene of constant chaos. The winner will be the one who controls that chaos , both his own and the enemies” NAPOLEON BONAPARTE © 2014 Skybox Security Inc. 7
- 8. Risk Analytics For Cyber Security? © 2014 Skybox Security Inc. 8
- 9. Attackers Understand Your Attack Surface …You Don’t Expansion Drivers Vulnerabilities Endpoints Exploits Network access © 2014 Skybox Security Inc. 9 Contraction Drivers Network segmentation Fixing vulnerabilities Technical controls Hours to attack, months to defend
- 10. Recent Snowden Leak Backs This Up KEY OBJECTIVE! Source – TED Talk October 2013 – Mikko Hyponnen, Chief Risk Officer F-Secure © 2014 Skybox Security Inc. 10
- 11. Is there a solution? © 2014 Skybox Security Inc. 11
- 12. Use Risk Analytics to Understand Your Attack Surface—Continuously Network Visibility: Topology Routing Policies Firewalls © 2014 Skybox Security Inc. 12 Endpoints Visibility: Software Patches Vulnerabilities Classification Attack Vectors Risk Metrics Remediation Plans Network Visualization Contextual Analysis
- 13. Agenda Live Demo – Simon Roe – Overview © 2014 Skybox Security Inc. 13
- 14. Agenda Summary – Thomas Wendrich © 2014 Skybox Security Inc. 14
- 15. What Do You See?
- 16. Combine Data & Give It Battlefield Context √ 80+ Vendors integrated with Skybox © 2014 Skybox Security Inc. 16
- 17. Skybox – A Critical Component of Next Generation Cyber SOC Design Cyber Security Analysts IT-GRC - Integrated Security Dashboard & Reporting Risk Analytics Security intelligence to minimize risk exposure © 2014 Skybox Security Inc. 17 Security Information & Event Management Event monitoring to detect & respond to incidents
- 18. Skybox Company Snapshot Leading provider of risk analytics solutions for security management & cyber defense © 2014 Skybox Security Inc. 18 Founded 2002 Revenue Growth 50%+ Customers 400+ Countries 40 Headquarters San Jose R&D Center Israel Identify security gaps in minutes, not weeks
- 19. 400+ Enterprise Customers in 40+ Countries Financial Services © 2014 Skybox Security Inc. 19 Technology Healthcare Government & Defense Consumer Service Providers Energy & Utilities
- 20. Network Security Management with Skybox © 2014 Skybox Security Inc. 20 Monitor Compliance Model Network Understand network context Analyze Firewalls Manage Changes Rule and configuration checks Access path analysis Rule optimization Change tracking Automated audits PCI DSS FISMA NERC NIST Custom Policies Automate security assessments Verify controls continuously Change Request Tech Details Assess Risks Make Change Reconcile Verify Optimize change process Network topology view Normalize data from 70+ systems Access simulation
- 21. © 2014 Skybox Security Inc. 21
- 22. SIGS _ Dec 2014 Security Interest Group Switzerland Thomas Wendrich, Director CEUR, Skybox Security Simon Roe, EMEA Channel Presales Director November 2014 www.skyboxsecurity.com thomas.wendrich@skyboxsecurity.com +49 40 31979956
Editor's Notes
- Der Lloyds Risk Index Report von 2013. Wo steht ‘Cyber Risk’
- Remember from 2012 report – 97% of breaches were avoidable through simple or intermediate controls
- Alternative to slide #2 Key Points: Bring in some of the issues that you see with existing customers or specific industry challenges Today’s networks are more complex than ever, and that complexity impacts how you address vulnerability and threat management, network security management
- Battle of Austerlitz ... drawing which shows Napoleon directing the battle from Zuran Hill The view of the battlefield from the Zuran Hill, which was Napoleon's command post during the early stages of the battle, are to Austerlitz what the Lion Mound is to Waterloo. An excellent viewing platform. Despite the far from perfect weather the whole of the left and centre of the battlefield was laid out before us. From the Santon on our left, to the Post House directly in front and the Pratzen Heights on our right. True the area around Telnitz on the far right were out of sight, and true also that in the early stages of the battle this was a critical area. But the main French attack would be launched on the Pratzen Heights and this was an ideal observation platform for the coming attack.
- Battle of Austerlitz ... drawing which shows Napoleon directing the battle from Zuran Hill The view of the battlefield from the Zuran Hill, which was Napoleon's command post during the early stages of the battle, are to Austerlitz what the Lion Mound is to Waterloo. An excellent viewing platform. Despite the far from perfect weather the whole of the left and centre of the battlefield was laid out before us. From the Santon on our left, to the Post House directly in front and the Pratzen Heights on our right. True the area around Telnitz on the far right were out of sight, and true also that in the early stages of the battle this was a critical area. But the main French attack would be launched on the Pratzen Heights and this was an ideal observation platform for the coming attack.
- TED Talk October 2013 – Mikko Hyponnen
- Modelling, as so many industries have embraced
- Interviewer: I understand that the merger of [Company A] and [Company B] was a massive undertaking. What was the situation in 2009? Mr. Finan: Global financial situation in 2009, led to forced merger of [Company A] and [Company B], short time-frame, government oversight. Interviewer: What was the role of your IT team in all of this? Mr. Finan: Merge the two networks, both environments of 100,000 IP nodes each. Risk committee looking for a solution to merge the two networks and reduce risk.
- Skybox is able to integrate and work with data from nearly 80 different devices and systems, giving you the widest view of your Network and potential risks. When you’re a skybox customer, one of the perks is that you’ll have the most accurate view of your network, enabling you to respond correctly when faced with some difficult security questions.
- Effectively, the Risk Analytics component is what Gartner called out (Advanced Analytics) as the next opportunity for MSSPs *Monitoring of network intrusions in the context of customer vulnerabilities, computing the attack surfaces and understanding what needs to be done to PREVENT attacks *Targeted Attacks & APTs – same issue; like vulnerability assessment, malware detection
- Access simulation Automated firewall analytics Comprehensive network model: view the network topology and see the impact of security controls Access analysis: identify access paths to critical assets Compliance monitoring: show compliance against PCI, NIST and other requirements Firewall change management Products used in this solution: Firewall Assurance, Network Assurance, Change Manager Skybox provides a “next-generation” solution for Network Security Management that solves some of the main headaches in managing firewalls and other network devices. Skybox helps achieve and demonstrate compliance – as needed, to maintain continuous compliance with compliance regulations and organizational policies. Change Manager: Skybox provides a complete secure change workflow from an initial change request to planning and executing network changes, and making sure that changes are completed as requested. Skybox is based on technology that allows security teams to see the network topology, making it easier to see and understand the interaction of network devices, security controls, information assets, and policies