Copyright © 2023 HCL Software Limited | Confidential
Trends in Cybersecurity
Impact of AI on Cyber Security
EU Directive NIS2
How HCL BigFix Can Help
AI Support in BigFix: New! “Runbook AI”
Discussion
Bettina Brandl
Sept. 25th, 2023
Bettina Brandl
Head of Enterprise Security DACH
https://www.linkedin.com/in/bettina-brandl/
Impact of AI on Cyber Security
Source: https://www.infosecurity-magazine.com/news/global-cyber-attacks-rise-7-q1-2023/ published 2023/04/28
• +7% year-over-year increase in weekly cyberattacks worldwide in Q1/2023 → 1,248 attacks per week per organization!
• +15% increase in sectors Education and Research & Development → 2,507 attacks per week per organization!
• 1 out of 31 organizations worldwide experienced a ransomware attack every week in the first quarter of 2023
Image: Gerd Altmann via pixabay
Source: https://www.statista.com/statistics/204457/businesses-ransomware-attack-rate/ published 2023/08/30
Annual share of organizations affected by ransomware attacks worldwide
from 2018 to 2023
As of 2023, over 72% of businesses
worldwide were affected by ransomware
attacks. This figure represents an
increase from the previous five years and
was by far the highest figure reported.
Overall, since 2018, more than half of the
total survey respondents each year
stated that their organizations had been
victimized by ransomware.
Impact of AI on Cyber Security – Threat Potential
1. Increase in number and frequency of cyber attacks
2. More sophisticated technology and complexity of cyber attacks
3. Higher and more connectivity, faster disclosure of security vulnerabilities
Impact of AI on Cyber Security – How to Respond
1. Automation of security processes, seamless integration between Detection and Remediation
2. Pattern and anomaly detection, improvement in detection and more efficient countermeasures
3. Full transparency about infrastructure exposure to threats
Response from the authorities:
The new EU directive NIS2
What is NIS 2
NIS stands for Network and Information Systems Security. The NIS2 Directive is the EU-wide legislation on cybersecurity. It contains
legal measures to increase the overall level of cybersecurity in the EU.
• Covering a larger part of the economy and society (more sectors)
• Systematic focus on larger, medium-sized and critical players
• Alignment of safety requirements and supervision and enforcement
• Streamlining reporting requirements
• More operational cooperation, incl. EU cyber crisis management
NIS 2 – Why is it Relevant
• Obligation to transpose until Oct. 17th, 2024
• Penalty: up to €10M or 2% of the annual global revenue
• Management bodies (managing directors and board of directors) are liable for violations if essential risk considerations have been neglected or ignored.
NIS 2 – Relevant Sectors
Energy
Transportation
Healthcare
Drinking water
Waste water
Postal and Courier Services
Waste Management
Chemistry
Food
Processing / Manufacturing Industry
Digital service providers
Research (facultative)
Digital Infrastructure
Management of ICT Services B2B
Public Administration
Space
Banking and Financial market infrastructures (DORA)
How HCL BigFix can help
Endpoint Security is a Universal Challenge
Endpoint Security is essential, but challenging
• Skills shortage: In 2023, there are about 3.5 million unfulfilled cybersecurity jobs
• Compliance mandates: Regulatory fines can cost millions for large global brands
• Long remediation times: Nearly 1/3 of all detected vulnerabilities remain unremediated after a year
• Too many tools and agents: A typical organization uses 14 endpoint management tools
• Lack of visibility: No consolidated single management view of all endpoints increases security risk
“things” to secure personal data records stolen lost to cybercrime
The Economic Impact of BigFix
Addressing endpoint management challenges drives tangible value
Endpoint Management Challenges
• Lack of visibility: No consolidated single management view of all endpoints increases security risk
• Skills shortage: In 2023, there are about 3.5 million unfulfilled cybersecurity jobs
• Compliance mandates: Regulatory fines can cost millions for large global brands
• Long remediation times: Nearly 1/3 of all detected vulnerabilities remain unremediated after a year
• Too many tools and agents: A typical organization uses 14 endpoint management tools
BigFix delivers
• Simplified staffing, fewer specialists: One skillset leveraged across all OS platforms and device types
• Continuous compliance enforcement: Eliminates configuration drift, remediation effort, and noncompliance fines
• Fast remediation of vulnerabilities: Prioritize and speed vulnerability remediation across the fleet of endpoints
• Consolidated view of all endpoints: A unified view simplifies management and control and reduces risk
• Single agent and platform: A single endpoint management solution reduces tool sprawl and IT complexity
Economic Impact
• Reduced staffing costs
• Fewer fines for noncompliance
• Reduce security risk
• Reduced IT spend
• Improve visibility and control
HCL BigFix: THE Endpoint Management Platform
Support for 100 operating systems and variants
Integrations with ServiceNow, Tenable, Qualys, Nutanix, IBM, VMWare, AWS, Google Cloud, Azure and others
User Workspace Management
• Deep automation for clients and mobile to easily solve the latest user endpoint demands in the market
Secure Infrastructure Automation
• Intelligent automation of servers and cloud assets
• Security & risk management compliance
Software Asset Management
• Software cost management
• License optimization
• Software auditing
CyberFOCUS Security Management
• Help alignment of security and operations
• Help C-suite balance security and business
• Prove cyber risk reduction
BigFix: The Endpoint Management Platform
Analyze
An open data analytics platform
providing insights, historical and trend
reports
Discover inventory
• Discovery and enrollment
• Hardware and software inventory for
over 100k titles
Continuous compliance and patch
• CIS, PCI-DSS, DISA-STIG
• Eliminate configuration drift
Vulnerability remediation
Correlates vulnerabilities from Tenable
and Qualys to bridge the Sec/Ops gap
and reduce attack surface
Intelligent automation
Fully automated operations for any
endpoint
• Distribution
• Hardening
• Patch
• Compliance
Manage
• Desktop, server, cloud and mobile
• End user self-service
• Remote desktop control
• Power Management
Integrate
Integrations with 12+ market leading
products including ServiceNow,
Tenable, Qualys, QRadar and more
Technology Explosion Creates Complexity
Every solution has
an agent
Every agent has
a console
Every console
requires a server
or cloud instance
Every tool requires
staff, training,
maintenance, and
support
Where does it
end?
At what cost?
“Point in time” Versus Continuous Compliance
BigFix Agent…
Continuously enforces policies
Reports change immediately
99%+ compliance
commonly achieved!
BigFix CyberFOCUS Technology
The industry’s first vulnerability
remediation solution that combines threat
intelligence-based CVE prioritization,
prescriptive analytics and the broadest
device coverage to help organizations
stay protected ahead of emerging
threats.
CISA KEVs Exposure Analyzer
1. Identifies priority exposures to CVEs
in CISA’s Known Exploited Vulnerabilities
Catalog based on whether BigFix
patched the CVEs
2. Compares your environment to the
CISA-directed due dates for the CVEs,
and your performance against those due
dates
3. Provides information on number of
devices exposed and device vulnerability
density. Prescribes the biggest attack
surface gaps that need to be patched
4. Correlates the BigFix Patch Content
needed and the unpatched devices
regarding the CVEs in question to
protect the org
Advanced Persistent Threat
CVE Analyzer
1. Confirms priority exposures to
CVEs known to be used by MITRE ATT&CK
Groups based on whether BigFix patched
the CVEs
2. Includes the CVE Remediation Simulator
to do instant, real-time ‘what if’ analysis of
changes in your vulnerability attack surface
to prescribe remediations having the most
protective power with the least disruption
3. Provides information on number of devices
exposed and device vulnerability density.
Prescribes the biggest attack surface gaps
that need to be patched
4. Correlates the BigFix patch content
needed and the unpatched devices
regarding the CVEs in question to provide
immediate protection
Protection Level Agreements
Measure performance of remediation against
business-driven targets
Critical security patches for
online banking servers
for Cobalt Group CVEs
✓ Aligns IT Operations with Business
Objectives, balancing business
objectives/goals with cyber risk tolerance
✓ Leverages baselines that combine asset
criticality, CVE criticality, desired patch
levels, and compliance standards against
agreed-to organizational service levels
✓ PLA report shows remediation
performance against specific asset
groups
BigFix Insights for Vulnerability Remediation
BigFix Offerings Comparison
Key Capabilities BigFix
Patch
BigFix
Lifecycle
BigFix
Compliance
BigFix
Remediate
BigFix
Inventory
BigFix One
on Cloud
Comprehensive patching P P P P P
Pre-built and tested OS patch content P P P P P
Extended catalog of 3rd party apps for Windows P P P P
Vulnerability remediation with CyberFOCUS Analytics P P P P
Data analytics/integration platform P P P
Software and OS distribution and updates P P
Server automation / task sequencing P P
Desktop control and energy management P P
Configuration checklists for CIS, PCI-DSS, and DISA STIG containing more than 20,000 checks P P
Continuous compliance policy enforcement P P
Security configuration management P P
Multi-vendor anti-malware management P P
Hardware inventory P P
Software inventory with catalog of 100,000+ titles P P
A Recognized Leader
Gartner Peer Insights for UEM Quadrant Knowledge Systems
BigFix Runbook AI
IT Administrator
Market Pains
Digital business transformation is driving the proliferation of new applications, services, tools and technologies that increase the complexity of digital assets and put massive pressure on IT.
• Vast number of recurring
incidents, service requests,
tasks
• Repetitive tasks to automate
• Improper knowledge
management
• Inconsistent and variable quality
of operations
Service Desk
• Rising Operational Costs
• Acute shortage of skilled SMEs
and resources
• Long delays in isolating and
resolving IT faults
• Frequent SLA Breaches &
escalations
+ = Long Unplanned
Downtimes
Overloaded IT
Team
Revenue Loss
Analyst Observations
Where is time spent during downtime incidents?
The survey found that, after a loss of service or downtime, more than 60% of those interviewed consider root cause analysis, identification of the resolution and execution of the identified solution the most painful and time-consuming part of the entire end-to-end incident resolution lifecycle.
What are the greatest challenges in managing IT
infrastructure?
More than one response allowed
“Intelligent Automation of IT tasks and incident remediation is paramount for new-age enterprises to become truly agile, resilient and efficient”
What does the industry-wide breakdown of incidents and tasks look like?
“Most common, repetitive
and standardized tasks”
“Less frequent occurrences,
fairly standardized”
“Occur once in a while and
are very non-standardized”
• Application Service Restarts
• Password Resets
• CPU, Memory, Disk Utilization
• Server Reboots, and more
• User Creation & Management
• Disk addition to VMs
• Provisioning of VMs
• Preventive Health Checks, and
many more
Repeaters
~30%
Runners
~45%
Rarities
~25%
Introducing BigFix Runbook AI
• Fewer Errors: Dramatically reduce human errors due to manual execution of activities on a device
• Less Time: Compress the MTTR – Mean Time to Repair – IT task (incidents, service requests or change requests)
• Lower IT Cost: Minimize IT Cost by empowering admins to accomplish any operation without specific knowledge of the OS or Application
BigFix Runbook AI: Enabling Continuous Automation
• Fetch: Fetch Structured and Unstructured Data – Tickets; Alerts; Events; Logs; Knowledge Articles
• Analyze: Analyze and identify what to automate
• Configure: Configure Runbook for automated ticket resolution
• Recommend: Using NLP, understand and recommend most relevant solution
• Resolve: Autonomously resolve issues and automate tasks
Continuous Optimization & Expansion of Automation Scope
hcltechsw.com
Thank you!
The HCL BigFix platform is used to automate the discovery and remediation of
potential vulnerabilities, ensuring all endpoints, such as servers, mobile
devices, and laptops, are continuously secured and compliant.
Automation and AI capabilities are leveraged to enable Mondelēz International
to provide an intuitive, on-demand personalized user experience and
accelerated issue resolution to its 110,000 plus employees across 79
countries.
BigFix’s CyberFOCUS Dashboard helps Mondelēz to gain enhanced visibility
to their security posture.
Success Stories BigFix worldwide: https://www.hcltechsw.com/resources/stories/list?product=BigFix&referrer=www.bigfix.com
Viessmann
Automate their entire complex patching using Server Automation.
Achieve high productivity by using HCL BigFix’ Tenable Integration.
Verbund Services AG
Patch their environment with reduced IT resources.
Most 3rd party application patches and OS patches are managed up to date using HCL
BigFix
Swiss Telecom Provider
Reduce annual software costs while fostering use of current, most secure, software versions.
HCL BigFix’ Patch Compliance and Security Compliance reports are used to keep their environment secure.
HCL BigFix at a Glance
• 100,000,000+ endpoints managed worldwide
• 47 countries
• 100+ supported operating systems
• 100,000+ software titles inventoried
• 500,000+ ready-to-deploy content
• 20,000+ out-of-the-box compliance checks

Trends in Cybersecurity - DNUG Stammtisch Wien

  • 1. Copyright © 2023 HCL Software Limited | Confidential Trends in Cybersecurity Impact of AI on Cyber Security EU Directive NIS2 How HCL Bigfix Can Help AI Support in BigFix: New! “Runbook AI” Discussion Bettina Brandl Sept. 25th, 2023
  • 2. Copyright © 2023 HCL Software Limited | Confidential Bettina Brandl Head of Enterprise Security DACH https://www.linkedin.com/in/bettina-brandl/
  • 3. Copyright © 2023 HCL Software Limited | Confidential Impact of AI on Cyber Security
  • 4. Copyright © 2023 HCL Software Limited | Confidential Source: https://www.infosecurity-magazine.com/news/global-cyber-attacks-rise-7-q1-2023/ published 2023/04/28 +7% Year-over-year increase in weekly cyberattacks worldwide in Q1/2023 → 1.248 attacks per week per organization! +15% Increase in sectors Education and Research & Development → 2,507 attacks per week per organization! 1 out of 31 organizations worldwide experienced a ransomware attack every week in the first quarter of 2023 Image: Gerd Altmann via pixabay
  • 5. Source: https://www.statista.com/statistics/204457/businesses-ransomware-attack-rate/ published 2023/08/30 Annual share of organizations affected by ransomware attacks worldwide from 2018 to 2023 5 As of 2023, over 72% of businesses worldwide were affected by ransomware attacks. This figure represents an increase from the previous five years and was by far the highest figure reported. Overall, since 2018, more than half of the total survey respondents each year stated that their organizations had been victimized by ransomware.
  • 6. 1 Increase in number and frequency of cyber attacks 2 More sophisticated technology and complexity of cyber attacks 3 Higher and more connectivity, faster disclosure of security vulnerabilities Impact of AI on Cyber Security – Threat Potential Image: Gerd Altmann via pixabay
  • 7. 1 Automation of security processes, seamless integration between Detection and Remediation 2 Pattern and anomaly detection, Improvement in detection and more efficient countermeasures 3 Full transparency about infrastructure exposure to threats Impact of AI on Cyber Security – How to Respond Image: Gerd Altmann via pixabay
  • 8. Copyright © 2023 HCL Software Limited | Confidential Response from the authorities: The new EU directive NIS2
  • 9. What is NIS 2 NIS stands for Network and Information Systems Security. The NIS2 Directive is the EU-wide legislation on cybersecurity. It contains legal measures to increase the overall level of cybersecurity in the EU. Image: Gerd Altmann via pixabay Covering a larger part of the economy and society (more sectors) Systematic focus on larger, medium- sized and critical players Alignment of safety requirements and supervision and enforcement Streamlining reporting requirements More operational cooperation, incl. EU cyber crisis management
  • 10. NIS 2 – Why is it Relevant Image: Gerd Altmann via pixabay Obligation to transpose until Oct. 17th, 2024 up to €10M Penalty or 2% of the annual global revenue Management bodies (managing directors and board of directors) are liable for violations if essential risk considerations have been neglected or ignored.
  • 11. NIS 2 – Relevant Sectors Energy Transportation Healthcare Drinking water Waste water Postal and Courier Services Waste Management Chemistry Food Processing / Manufacturing Industry Digital service providers Research (facultative) Digital Infrastructure Management of ICT Services B2B Public Administration Space Banking and Financial market infrastructures (DORA) Image: Gerd Altmann via pixabay
  • 12. How HCL BigFix can help
  • 13. Endpoint Security is a Universal Challenge In 2023, there are about 3.5 million unfulfilled cybersecurity jobs Skills shortage Regulatory fines can cost millions for large global brands Compliance mandates Nearly 1/3 of all detected vulnerabilities remain unremediated after a year Long remediation times A typical organization uses 14 endpoint management tools Too many tools and agents No consolidated single management view of all endpoints increases security risk Lack of visibility Endpoint Security is essential, but challenging “things” to secure personal data records stolen lost to cybercrime
  • 14. The Economic Impact of BigFix Addressing endpoint management challenges drives tangible value No consolidated single management view of all endpoints increases security risk Lack of visibility In 2023, there are about 3.5 million unfulfilled cybersecurity jobs Skills shortage Regulatory fines can cost millions for large global brands Compliance mandates Nearly 1/3 of all detected vulnerabilities remain unremediated after a year Long remediation times A typical organization uses 14 endpoint management tools Too many tools and agents Endpoint Management Challenges One skillset leveraged across all OS platforms and device types Simplified staffing, fewer specialists Eliminates configuration drift, remediation effort, and noncompliance fines Continuous compliance enforcement Prioritize and speed vulnerability remediation across the fleet of endpoints Fast remediation of vulnerabilities A unified view simplifies management and control and reduces risk Consolidated view of all endpoints A single endpoint management solution reduces tool sprawl and IT complexity Single agent and platform BigFix delivers Economic Impact Reduced staffing costs Fewer fines for noncompliance Reduce security risk Reduced IT spend Improve visibility and control
  • 15. HCL BigFix: THE Endpoint Management Platform Support for 100 operating systems and variants Integrations with ServiceNow, Tenable, Qualys, Nutanix, IBM, VMWare, AWS, Google Cloud, Azure and others User Workspace Management Deep automation for clients and mobile to easily solve the latest user endpoint demands in the market Secure Infrastructure Automation Intelligent automation of servers and cloud assets Security & risk management compliance Software Asset Management Software cost management License optimization Software auditing CyberFOCUS Security Management Help alignment of security and operations Help C-suite balance security and business Prove cyber risk reduction
  • 16. BigFix: The Endpoint Management Platform Analyze An open data analytics platform providing insights, historical and trend reports Discover inventory • Discovery and enrollment • Hardware and software inventory for over 100k titles Continuous compliance and patch • CIS, PCI-DSS, DISA-STIG • Eliminate configuration drift Vulnerability remediation Correlates vulnerabilities from Tenable and Qualys to bridge the Sec/Ops gap and reduce attack surface Intelligent automation Fully automated operations for any endpoint • Distribution • Hardening • Patch • Compliance Manage • Desktop, server, cloud and mobile • End user self-service • Remote desktop control • Power Management Integrate Integrations with 12+ market leading products including ServiceNow, Tenable, Qualys, QRadar and more
  • 17. Technology Explosion Creates Complexity Every solution has an agent Every agent has a console Every console requires a server or cloud instance Every tool requires staff, training, maintenance, and support Where does it end? At what cost?
  • 18. “Point in time” Versus Continuous Compliance BigFix Agent… Continuously enforces policies Reports change immediately 99%+ compliance commonly achieved!
  • 19. BigFix CyberFOCUS Technology The industry’s first vulnerability remediation solution that combines threat intelligence-based CVE prioritization, prescriptive analytics and the broadest device coverage to help organizations stay protected ahead of emerging threats.
  • 20. CISA KEVs Exposure Analyzer 1. Identifies priority exposures to CVEs in CISA’s Known Exploited Vulnerabilities Catalog based on whether BigFix patched the CVEs 2. Compares your environment to the CISA-directed due dates for the CVEs, and your performance against those due dates 3. Provides information on number of devices exposed and device vulnerability density. Prescribes the biggest attack surface gaps that need to be patched 4. Correlates the BigFix Patch Content needed and the unpatched devices regarding the CVEs in question to protect the org
  • 21. Advanced Persistent Threat CVE Analyzer 1. Confirms priority exposures to CVEs known to be used by MITRE ATT&CK Groups based on whether BigFix patched the CVEs 2. Includes the CVE Remediation Simulator to do instant, real-time ‘what if’ analysis of changes in your vulnerability attack surface to prescribe remediations having the most protective power with the least disruption 3. Provides information on number of devices exposed and device vulnerability density. Prescribes the biggest attack surface gaps that need to be patched 4. Correlates the BigFix patch content needed and the unpatched devices regarding the CVEs in question to provide immediate protection
  • 22. Protection Level Agreements Measure performance of remediation against business-driven targets Critical security patches for online banking servers for Cobalt Group CVEs ✓ Aligns IT Operations with Business Objectives, balancing business objectives/goals with cyber risk tolerance ✓ Leverages baselines that combine asset criticality, CVE criticality, desired patch levels, and compliance standards against agreed-to organizational service levels ✓ PLA report shows remediation performance against specific asset groups
  • 23. BigFix Insights for Vulnerability Remediation
  • 24. BigFix Offerings Comparison Key Capabilities BigFix Patch BigFix Lifecycle BigFix Compliance BigFix Remediate BigFix Inventory BigFix One on Cloud Comprehensive patching P P P P P Pre-built and tested OS patch content P P P P P Extended catalog of 3rd party apps for Windows P P P P Vulnerability remediation with CyberFOCUS Analytics P P P P Data analytics/integration platform P P P Software and OS distribution and updates P P Server automation / task sequencing P P Desktop control and energy management P P Configuration checklists for CIS, PCI-DSS, and DISA STIG containing more than 20,000 checks P P Continuous compliance policy enforcement P P Security configuration management P P Multi-vendor anti-malware management P P Hardware inventory P P Software inventory with catalog of 100,000+ titles P P
  • 25. A Recognized Leader Gartner Peer Insights for UEM Quadrant Knowledge Systems
  • 27. IT Administrator Market Pains Digital business transformation is driving the proliferation of new applications, services, tools and technologies that increase the complexity of digital assets and put massive pressure on IT. • Vast number of recurring incidents, service requests, tasks • Repetitive tasks to automate • Improper knowledge management • Inconsistent and variable quality of operations Service Desk • Rising Operational Costs • Acute shortage of skilled SMEs and resources • Long delays in isolating and resolving IT faults • Frequent SLA Breaches & escalations + = Long Unplanned Downtimes Overloaded IT Team Revenue Loss
  • 28. Analyst Observations Where is time spent during downtime incidents? The survey found that, after the loss of service or downtime, root cause analysis, identification of the resolution and execution of the identified solution are, for more than 60% of the people interviewed, the most painful and time-consuming part of the entire end-to-end incident resolution lifecycle. What are the greatest challenges in managing IT infrastructure? More than one response allowed
  • 29. “Intelligent Automation of IT tasks and incident remediation is paramount for new-age enterprises to become truly agile, resilient and efficient” What does the industry-wide breakdown of incidents and tasks look like? “Most common, repetitive and standardized tasks” “Less frequent occurrences, fairly standardized” “Occur once in a while and are very non-standardized” • Application Service Restarts • Password Resets • CPU, Memory, Disk Utilization • Server Reboots, and more • User Creation & Management • Disk addition to VMs • Provisioning of VMs • Preventive Health Checks, and many more Repeaters ~30% Runners ~45% Rarities ~25%
  • 30. Introducing BigFix Runbook AI Fewer Errors: Dramatically reduce human errors due to manual execution of activities on a device. Less Time: Compress the MTTR – Mean Time to Repair – IT task (incidents, service requests or change requests). Lower IT Cost: Minimize IT cost by empowering admins to accomplish any operation without specific knowledge of the OS or application.
  • 31. BigFix Runbook AI: Enabling Continuous Automation Fetch: Fetch Structured and Unstructured Data – Tickets; Alerts; Events; Logs; Knowledge Articles. Analyze: Analyze and identify what to automate. Configure: Configure Runbook for automated ticket resolution. Recommend: Using NLP, understand and recommend most relevant solution. Resolve: Autonomously resolve issues and automate tasks. Continuous Optimization & Expansion of Automation Scope
  • 33. The HCL BigFix platform is used to automate the discovery and remediation of potential vulnerabilities, ensuring all endpoints, such as servers, mobile devices, and laptops, are continuously secured and compliant. Automation and AI capabilities are leveraged to enable Mondelēz International to provide an intuitive, on-demand personalized user experience and accelerated issue resolution to its 110,000 plus employees across 79 countries. BigFix’s CyberFOCUS Dashboard helps Mondelēz to gain enhanced visibility to their security posture.
  • 34. Success Stories BigFix worldwide: https://www.hcltechsw.com/resources/stories/list?product=BigFix&referrer=www.bigfix.com Viessmann: Automate their entire complex patching using Server Automation. Achieve high productivity by using HCL BigFix’ Tenable Integration. Verbund Services AG: Patch their environment with reduced IT resources. Most 3rd party application patches and OS patches are kept up to date using HCL BigFix. Swiss Telecom Provider: Reduce annual software costs while fostering use of current, most secure, software versions. HCL BigFix’ Patch Compliance and Security Compliance reports are used to keep their environment secure.
  • 35. HCL BigFix at a Glance: 100,000,000+ endpoints managed worldwide; 47 countries; 100+ supported operating systems; 100,000+ software titles inventoried; 500,000+ ready-to-deploy content; 20,000+ out-of-the-box compliance checks