Assessing the threatscape; addressing compliance requirements; respond, don’t just report; you’re...


Upload: dallas-gingell

Post on 10-Dec-2015


TRANSCRIPT

Page 1: Assessing the Threatscape; Addressing compliance requirements; Respond, don’t just report; You’re already a statistic, how do you rebound?; Q&A
Page 2:

• Assessing the Threatscape
• Addressing compliance requirements
• Respond, don’t just report
• You’re already a statistic, how do you rebound?
• Q&A

YOU’RE ALREADY A STATISTIC…

Page 3:

Page 4:

• 91% of companies have experienced at least one IT security event from an external source.

• 90% of all cyber crime costs are those caused by web attacks, malicious code and malicious insiders.

Security Breach Statistics*

*Statistics collected from Gartner, Forrester, Ponemon, Kaspersky, Eschelon

ASSESSING THE THREATSCAPE

Page 5:

• Due to complexity, over 70% of organizations are still not adequately securing critical systems.

• The median annualized cost of breaches is $3.8 million per year (range: $1M to $52M/yr)

Security Breach Statistics

ASSESSING THE THREATSCAPE

Page 6:

• 96% of attacks were not highly difficult

• 94% of all data compromised involved servers

• 85% of breaches took weeks or more to discover

• 92% of incidents were discovered by a third party

• 97% of breaches were avoidable

• 96% of victims subject to PCI DSS had not achieved compliance

A study conducted by the Verizon RISK Team

ASSESSING THE THREATSCAPE

Page 7:

• Data breaches
• Data loss/leakage
• Account/service traffic hijacking
• Insecure interfaces and APIs
• Denial of service
• Malicious insiders
• Insufficient due diligence
• Technology vulnerabilities
• Social Engineering
• Viruses, phishing, malware, spyware
• Employees exposing information
• Carelessness/lax security policies

According to Cloud Security Alliance

TOP THREATS

Page 8:

Source: www.securelist.com, Kaspersky Bulletin

CYBER WAR HAS BEEN DECLARED

Page 9:

And then this happens….

… that becomes this

… which ultimately ends up with this

…followed by this

They all start off like this

THE CHALLENGE IS REAL

Page 10:

“I get audited. I get audited a lot.”

- Michael Tampone, Chief Technology Officer, Sterling Risk

THE WEIGHT OF COMPLIANCE

Page 11:

• FFIEC
• PCI / DSS
• CIP
• Sarbanes Oxley
• GLBA
• FISMA
• NERC
• HIPAA
• FERPA
• SB-1386 (California)

ALPHABET SOUP OF OVERSIGHT

Page 12:

• It’s expensive
• It’s time consuming
• It’s resource heavy
• Perceived imbalance in the risk/reward quotient
  - We’ve got it covered
  - We haven’t been attacked/complacency
  - We’re too small for hackers to care/notice
• Expertise difficult to retain

…but it doesn’t have to be

THE PROBLEM IS…

MSPAlliance says: Unemployment for IT security is <1%. And once found, they’re expensive to keep. In fact, their salaries doubled in the past 3 years.

Page 13:

• Preventive/Preemptive policies
• Centralized control
• Automation
• Transaction Anomaly Prevention
• Minimize end user impact
• Consistency
• Maintain and enforce standards
• Minimizing management and operational cost

Best practices

OVERCOMING OBSTACLES

Page 14:

• Continuous monitoring discovers red flags (via Log/SIEM) but too often reviewed days/weeks later
• Doesn’t FIX the problem
• Signatures will not detect anything unusual in a zero-day exploit
• Doesn’t maintain continuous integrity of files/apps/registry

MONITORING IS NOT ENOUGH

Page 15:

TURN BACK THE CLOCK

• Real-time configuration mgmt
• Recovery back to ideal state
• Automated alerts and repair
• Avoid unauthorized changes that threaten compliance
• Demonstrate control of computing environment
• Change management
• Reduce support incidents

Page 16:

SANS offers 12 critical controls for implementation, automation, and measurement. Security Configuration Management applies to 8 of those guidelines, most notably:

• (3.11) Implement automated configuration monitoring system to analyze hardware and software changes, network configuration changes, and other modifications affecting the security of the system.

*Source: SANS 20 Critical Controls

COMPLYING WITH SECURITY FRAMEWORKS

Page 17:

• Reduce, remove security threats
• Reduce operational downtime
• Reduce support incidents by 80%
• Automate security compliance policy
• Increase application availability
• Reduce case resolution times and repeat cases
• Reduce on-site or remote service requests
• Integrates with existing infrastructure
• Automated compliance reporting
• Improve customer satisfaction

GO HOME ON TIME…REALLY!

Page 18:

Demonstration

LET ME PROVE IT

Page 19:

COMPANY OVERVIEW

Innovative Software Company
◦ Over 12 years in the marketplace
◦ 1,000’s of customer deployments globally
◦ Proven and patented technology

IT organizations will fail to successfully manage their PC environment if they have not addressed the biggest issue: complexity … Persystent Suite … does provide configuration drift management functionality.

Customers

Page 20:

THANK YOU.

Bob Whirley, Utopic

www.utopicsoftware.com