mitigating the risk of security breaches and minimizing ... · center for strategic and...
TRANSCRIPT
![Page 1: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/1.jpg)
#completevisibility
Mitigating the risk of security breaches and minimizing compliance costsin the Enterprise
Speakers
Jeff MelnickManager, Sales [email protected] x 971
Danny MurphyPre-Sales [email protected] x 2202
![Page 2: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/2.jpg)
#completevisibility
Housekeeping
All microphones will be mutedfor the duration of the webinar
To submit text questions use the Question Pane
All questions, comments or opinions are greatly appreciated
The Question Pane
![Page 3: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/3.jpg)
#completevisibility
Agenda
Security Breaches in the Enterprise
Compliance Standards and Regulations
Top Pain Points for the Enterprise
Case Study
Demonstration
Budget calculation and ROI
About Netwrix Corporation
Questions and Answers
Prize Drawing
![Page 4: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/4.jpg)
#completevisibility
Security Incidents in the Enterprise
44% more incidents in 2014
A rich trove of information is under the risk – including: trade strategy documents, intellectual property, large volumes of consumer data and more.
![Page 5: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/5.jpg)
#completevisibility
Financial losses
PWC Global State of Information Security Survey 2015:The annual estimated reported average financial loss for 2014 - $2.7 million – a
jump of 34% over 2013
Verizon Data Breach Investigations Report 2015:$400 million the estimated financial loss from 700 million compromised
records
Center for Strategic and International Studies:Estimated that the annual cost of cybercrime to the global economy ranges from
$375 billion to as much as $575 billion
World Bank, World Development Indicators Database:loss of trade secrets may range from $749 billion to as high as $2.2 trillion annually.
![Page 6: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/6.jpg)
#completevisibility
Typical sources of security breaches
Insider Threats Internal employees Current and former service providers Consultants Contractors
Insider Threats are more costly and damaging
The Top Offenders of Insider Crimes
Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf
18% current service providers/
consultants/contractors
15% former service providers/
consultants/contractors
35% current employees
30% former employees
13% suppliers/business partners
11% customers
![Page 7: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/7.jpg)
#completevisibility
Typical sources of security breaches
24
24
18
16
16
14
10
9
7
6
0 5 10 15 20 25 30
Hackers
Competitors
Unknown
Activists
Information brokers
Organized crime
Terrorists
Foreign organizations
Foreign nation-states
Domestic intelligence service
OUTSIDE SOURCES OF SECURITY BREACHES, 2013-2014, %
Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf
![Page 8: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/8.jpg)
#completevisibility
Compliance Standards and Regulations
Best Practices, Standards and Regulations
ISO 27001, COBIT, NIST
PCI, HIPAA, SOX, FISMA, FFIEC/GLBA
Commonalities
Availability, Integrity, Security, Accountability
Policies, Implementation, Validation, Reporting
![Page 9: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/9.jpg)
#completevisibility
Non-Compliance Consequences
ComplianceStandard
Financial and Non-Financial Consequences
PCIHome Depot - $43 millionTarget - $1 billion
HIPAANY and Presbyterian Hospital and Columbia University - $4.8 million
Cignet Health Center - $4.3 million
SOX
American International Group (AIG) - $800 millionWorldCom, Inc. – $750 million
![Page 10: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/10.jpg)
#completevisibility
Budget
Enterprise: 5% increase in security spending for 2014
Overall, 3,8% of IT budget spent on information security
Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf
INFORMATION SECURITYBUDGET IN THE ENTERPRISE
$ BILLION
2013 2014
10,310,8
![Page 11: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/11.jpg)
#completevisibility
Spending Priorities
Privileged user access
Account provisioning/deprovisioning
Role based access controls
Tools to discover unauthorized access
Data loss prevention tools
Tools to discover unauthorized access
Unauthorized use or access monitoring tools
Source: http://www.pwccn.com/webmedia/doc/635527689739110925_rcs_info_security_2015.pdf
![Page 12: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/12.jpg)
#completevisibility
Top Pain Points for the Enterprise
Collect, consolidate, process of the audit data and manage changes overall
Provide monitoring of data and configurations integrity
Able to provision systems’ accounts and related privileges
Manage privileged accounts
Control access permissions
Audit changes to and configurations of the informational systems
Manage credential information
Able to perform data governance
SECURITY
![Page 13: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/13.jpg)
#completevisibility
Top Pain Points for the Enterprise
Need a reliable tool to enact continuous compliance once implemented, while also improving and simplifying internal audit processes
Able to audit all the information, without a random sampling
Provide the direct access to the audit team rather than relying on the information provided
Automate the process of reports creation
Provide centralized and long-term data storage for comparison and recovery
COMPLIANCE
![Page 14: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/14.jpg)
#completevisibility
Top Pain Points for the Enterprise
Ensure business continuity
Simplify the process of reports creation
Delegate access to audit data
Reduce time to investigate, find and fix changes
Response to arising problems faster
OPERATIONS
![Page 15: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/15.jpg)
Netwrix Auditor
What We Do?
enables #completevisibility into both security configuration
and data access within your IT infrastructure
by providing actionable audit data
about who changed what, when and whereand who has access to what across
your IT infrastructure.
![Page 16: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/16.jpg)
What We Do?
![Page 17: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/17.jpg)
#completevisibility
Case Study
Enterprise Inns
Industry: Retail
Application:Active Directory, Microsoft Exchange, File Server, SQL Server
For us being secured means knowing what is going on. We can always refer to Netwrix Auditor to ensure that our networks are in a safe state.
- Tej Singh, Senior Systems Analyst, Enterprise Inns
![Page 18: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/18.jpg)
#completevisibility
Case Study
Challenge: Lack of Visibility over Virtualized Data
Native logs would not provide us with necessary level of detail about what is happening across our network. So we were recommended to improve the visibility into the IT infrastructure with a change auditing solution.
- Tej Singh, Senior Systems Analyst, Enterprise Inns
![Page 19: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/19.jpg)
#completevisibility
Solution: Non-Intrusive Auditing for Network Security
The main concern for Enterprise Inns has been a lack of visibility over amendments users made to files and folders, permissions, distribution and security groups.
Netwrix Auditor improves the security and helps us get complete visibility over the network easily. By running reports on specific changes we can detect and respond to odd modifications on the go.
- Tej Singh, Senior Systems Analyst, Enterprise Inns
Case Study
![Page 20: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/20.jpg)
#completevisibility
Demonstration: Complete Visibility Into Changes With…
Netwrix Auditor
![Page 21: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/21.jpg)
#completevisibility
Budget Calculation
I. Personnel costs: current change reporting issues and report preparation
Manual Process
NetwrixAuditor
Average monthly AD changes investigated manually 30 30
Average time ( hours) to investigate, find and fix each relevant change
7 0.25
Average time each month time (in hours) to investigate, find and fix relevant changes
210 7.5
Average time each month ( hours) to manually prepare reports for the auditors
12 0.5
Average time each month (hours) to manually restore AD Objects
8 0.05
Monthly average time (hours) to find and fix changes, restore objects and prepare reports
230 8.05
![Page 22: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/22.jpg)
#completevisibility
Manual Process
NetwrixAuditor
Average annual salary + benefits cost for AD support personnel $65,000 $65,000
Average number of work days per year (49 weeks x 5 days/week) 245 245
Average hours worked per day 8 8
Average number of hours worked per year 1,960 1,960
Average hourly wage of a support person $33 $33
Average Monthly Cost to fix relevant current changes $7,628 $267
Average annual personnel cost to find/fix changes, restore objects and prepare reports $91,531 $3,204
Budget Calculation
![Page 23: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/23.jpg)
#completevisibility
One Year ROI
II. First Year Net Savings Using Netwrix Auditor for AD
First Year License Cost $20,000
First year Support and Maintenance costs $4,000
Total Netwrix Product First Year Costs $24,000
Personnel costs for dealing with AD issues using Netwrix Auditor for AD $3,204
Total Cost Netwrix Auditor for AD and Personnel Time to use it $27,204
Cost personnel time manually dealing with AD issues $91,531
First Year Net Savings Using Netwrix Auditor for AD $64,327
One Year ROI Using Netwrix Auditor for AD 236 %
![Page 24: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/24.jpg)
#completevisibility
Three Year ROI
III. Three Year Savings Calculation Using Netwrix Auditor for AD
First Year Costs - License plus Support and Maintenance $24,000
Second Year Support and Maintenance Costs $4,000
Third Year Support and Maintenance Costs $4,000
Three Year Costs Netwrix Auditor for AD Licenses and Support and Maintenance $32,000
Three Year Personnel Costs To Use Active Directory $9,611
Total Three Year Costs For Netwrix Auditor for AD $41,611
Three Year Costs Employing Manual Processes $274,591.84
Three Year Net Savings Using Netwrix Auditor for AD $232,981.12
Three Year ROI Using Netwrix Auditor for AD 560 %
![Page 25: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/25.jpg)
#completevisibility
Key Resources Saved:
MONEY
TIME
EFFORTS
![Page 26: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/26.jpg)
#completevisibility
Briefly About Netwrix
All awards: www.netwrix.com/awards
![Page 27: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/27.jpg)
#completevisibility
Netwrix Corporation
Founded in 2006
HQ in Irvine, California
Philosophy – deliver complete visibility of IT infrastructure
Global customer base – 6000
6M user licenses
Global support North America, EMEA and Asia
Among the fastest growing software companies in the US (Inc 5000, Deloitte)
Corporate Headquarters:300 Spectrum Center Drive #820 Irvine, CA 92618888-638-9749www.netwrix.com
Additional Offices:Columbus, OHParamus, NJAtlanta, GAKent, UK
![Page 28: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/28.jpg)
#completevisibility
Financial
Healthcare & Pharmaceutical
Federal, State, Local, Government
Industrial/Technology/Other
Our Customers
![Page 29: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/29.jpg)
#completevisibility
Next Steps
Free Trial: setup in your own test environment
netwrix.com/freetrial
Test Drive: virtual POC, try in a Netwrix-hosted test lab
netwrix.com/testdrive
Live One-to-One Demo: product tour with Netwrix expert
netwrix.com/livedemo
Contact Sales to obtain more information
netwrix.com/contactsales
Webinars: join our upcoming webinars or watch the recorded sessions
netwrix.com/webinars
netwrix.com/webinars#featured
![Page 30: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/30.jpg)
#completevisibility
Thank You for Your Attention!
Jeff Melnick
Manager of Sales Engineering
888-638-9749 x 971
Danny Murphy
Pre-Sales Engineer
88-638-9749 x 2202
Questions?
![Page 31: Mitigating the risk of security breaches and minimizing ... · Center for Strategic and International Studies: Estimated that the annual cost of cybercrime to the global economy ranges](https://reader034.vdocuments.site/reader034/viewer/2022042411/5f2aacba3d64606fd07499bf/html5/thumbnails/31.jpg)
#completevisibility
Prize Drawing
Haven’t won this time? Sign up for upcoming sessions: https://www.netwrix.com/webinars.html
Get Your GoPro
Hero4 Silver!