adapting your board to an adaptive defense - fireeye · 2015. 7. 15. · french cyber attack -...
TRANSCRIPT
Copyright © 2015, FireEye, Inc. All rights reserved. CONFIDENTIAL
Adapting Your Board to an Adaptive Defense
Julie Cullivan - CIO & SVP Business Operations
“Cybersecurity is now a persistent business risk…
The impact has extended to the C-suite and boardroom.”
Source: PwC 2015 Global State of Information Security Survey
The Tide Has Changed
Home Depot Data Breach Could Be The Largest Yet - New York Times, September 2014
JP Morgan And Other Banks Struck By Hackers - New York Times, August 2014
Russian Hackers Amass Over A Billion Internet Passwords - New York Times, August 2014
UK Prime Cyber Attack Target of Europe and Middle East - Financial Times, October 2014
FBI Probes Possible Computer Hacking At JP Morgan - The Wall St. Journal, August 2014
Russia Attacks U.S. Oil And Gas Companies In Massive Hack - CNN Money, July 2014
Report: Cybercrime And Espionage Costs $445 Billion Annually - The Washington Post, June 2014
The €30k Data Takeaway: Domino’s Pizza Faces Ransom Demand After Hack
Hackers Target Belgian Press Group, days after French Cyber Attack - Deutsche-Welle, April 2015
Hackers Target Information On MH370 Probe: Report - The Straits Times, August 2014
Community Health Says Data Stolen In Cyber Attack From China - BusinessWeek, August 2014
Monsanto Confirms Security Breach - The Wall St. Journal, May 2014
“For years, we have argued that there is no such thing as perfect security. The events of 2014 should put any lingering doubts to rest.” - Mandiant 2015 M-Trends Report
- CNN Money, June 16 2014
EU Cyber Risk On The Rise
Source: PwC 2015 Global State of Information Security Survey
Cybercrime is rising significantly in Europe.
This Is A Board Level Issue
The cost of cyber incidents has increased and demonstrated the substantial impact that cyber attacks can have on shareholder value.
After the Target breach:
• Profits fell 46 percent in Q4 2013.
• Spent ~$61 million addressing the breach.
• Facing more than 100 lawsuits, and some analysts forecast breach-related losses could top $1 billion.
Shareholders have responded, citing fiduciary irresponsibility, with derivative suits:
• TJX Companies (2007)
• Heartland Payment Systems, Inc. (2009)
• Wyndham Worldwide Corporation (2014)
• Target Corporation (2014)
Source: Cyber-Risk Oversight NACD Director’s Handbook Series 2014
Your Board Will Care
SEC Commissioner Luis Aguilar
June 10, 2014: Cyber Risks and the Boardroom Conference Speech
Corporate boards need to ensure that management is fully
engaged in developing defense and response plans as
sophisticated as the attack methods, or otherwise put their
company’s core assets at considerable risk.
“Good boards also recognize the need to adapt to new
circumstances such as the increasing risks of cyber-attacks.”
Also June 2014: New Directors “Handbook”
But You Will Need To Help Them Care
“It is incumbent upon the executive team to take
ownership of cyber risk and ensure that the Board
understands how the organization will defend
against and respond to cyber risks.”
Source: PwC 2015 Global State of Information Security Survey
LACK OF HYGIENE
What Keeps Me Up At Night?
And Translate Your Concerns To Make The Case
THREAT UNDETECTED
205 Days
Initial Breach
REMEDIATION
Median number of days threat groups were present on a victim’s network before detection. - Mandiant 2015 M-Trends Report
24 Days Less than 2013
2982 Days Longest Presence
PERSISTENCE
• Credential Protection
• Privilege Escalation
• Lateral Movement
• Remote Access
• Poor Process / Slow Response
• Flat Networks
• Basic Vulnerability Management
TOO MUCH NOISE
OTHER VECTORS
• Cloud
• Mobile
• People
• Supply Chain
400K UNIQUE MALWARE SAMPLES REVIEWED AND PROCESSED DAILY
“Security breaches are inevitable.” - Mandiant 2015 M-Trends Report
Decide How Good You Need To Be
[Figure axes: Sophistication of the Threat; Security Capability/Agility to Respond]
Conventional Threats, Cybercrime, Cyber Espionage (APT), Nation State Attacks
D, C, B, A
Minimalist, Reactive, Concerned, Advanced
Understand GAPS You Must Close To Get There
[Figure: EXISTING APPROACH vs. ADAPTIVE APPROACH across Minimalist, Reactive, Concerned, Advanced]
[Information]
[Speed]
[Automation]
[Strategy]
[Program Management]
[Risk Tolerance]
[Governance]
INTELLIGENCE
50 BILLION+ OBJECTS ANALYZED PER DAY
FRONT LINE INTEL FROM HUNDREDS OF INCIDENTS
MILLIONS OF NETWORK & ENDPOINT SENSORS
HUNDREDS OF INTEL AND MALWARE EXPERTS
HUNDREDS OF THREAT ACTOR PROFILES
DISCOVERED 16 OF THE LAST 22 ZERO-DAYS
TECHNOLOGY
IDENTIFIES KNOWN, UNKNOWN, AND NON MALWARE BASED THREATS
INTEGRATED TO PROTECT ACROSS ALL MAJOR ATTACK VECTORS
PATENTED VIRTUAL MACHINE TECHNOLOGY
EXPERTISE
“GO-TO” RESPONDERS FOR SECURITY INCIDENTS
HUNDREDS OF CONSULTANTS AND ANALYSTS
UNMATCHED EXPERIENCE WITH ADVANCED ATTACKERS
FireEye Adaptive Defense: Close The Gaps
TECHNOLOGY
INTELLIGENCE
EXPERTISE
FireEye Adaptive Defense Components
Expertise Through People And Program Design
Situational Awareness
Security Architecture & Engineering
Security Risk Management
Threat & Intelligence
• Intelligence Gathering and Dissemination
• Threat Scenario Modeling
• Impact Assessments
• Exercise Preparedness
• Counter-Intelligence
Enterprise Monitoring
• SOC Monitoring
• Log Management
• Alert Management
• Incident Management
• Investigations & Forensics
• E-Discovery
• Internal Vulnerability Management
• Remediation Assistance
• Product Vulnerability Management
Architecture & Engineering
• Security Architecture Design
• Security Architecture Implementation
• Security Architecture Standards
• Project Solution Architecture
• FireEye Product & Integration Showcase
• M&A Support
Policy & Certification
• Security Policy Development
• Customer and Internal Auditing
• Product and Service Certifications
• Security Awareness
• Customer Contract
Assurance
Management
• Compliance Management
• Security Process Development
Risk Management
• Risk Assessment and Analysis
• Vendor Management & Review
• Product Release Assessments
• IT System Security Assessments
• Remediation Prioritization
• Security Planning & Strategy
• Security Governance
• Business Continuity
Let’s keep it from happening.
Let’s make sure it isn’t happening.
Let’s manage what can happen.
Will it happen? It happens.
Don’t Just Listen To Me
“Accelerating investments is not enough … You have to mature your organization, your people, and your technologies, and that can be a more restraining factor than the availability of capital.”
(Gary Hayes, CIO of CenterPoint Energy - PwC Global State of Information Security Survey 2015)
THANK YOU!!