Upload File

prepare to be breached: how to adapt your security controls to the “new normal”

  • Home
  • Technology
  • Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”
21
telling the right story Confidential © Bloor Research 2015

Upload: alienvault

Post on 16-Jul-2015

268 views

Category:

Technology


2 download

Report

TRANSCRIPT

Page 1: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015

Page 2: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

Introductions

Fran HowarthSenior Analyst with Bloor

Patrick BedwellVP, Product Marketing with AlienVault

Page 3: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015 telling the right storyConfidential © Bloor Research 2015

Breach victims

“It’s not if, but when and how often”

Three-fold increase

over previous year

Source: PwC/Infosec Europe 2014, Symantec

Page 4: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015

Smaller firms in danger

Page 5: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015 telling the right storyConfidential © Bloor Research 2015

Smaller firms vital for the economy

Source: UK Department for Business, Innovation & Skills

Page 6: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015 telling the right storyConfidential © Bloor Research 2015

Challenges in threat detection for SMEs

Source: Ponemon Institute

Page 7: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015

A more proactive response

A unified security management platform:

Asset discovery

Vulnerability and threat management

Intrusion detection, threat identification and management

Behavioural monitoring

Security intelligence

Centralised management

Page 8: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015

Asset discovery

Page 9: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015

Vulnerability and risk assessment

Page 10: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015 telling the right storyConfidential © Bloor Research 2015

Threat identification: the role of threat intelligence

Source: InformationWeek

Page 11: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015

Behavioural monitoring

Page 12: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015 telling the right storyConfidential © Bloor Research 2015

Technology investments in event of breach

Source: Ponemon Institute

Page 13: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015 telling the right storyConfidential © Bloor Research 2015

Use of SIEM for security intelligence

Source: InformationWeek

Page 14: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015

Integrate tools into a single operating console

or dashboard

Maintain a continually updated software

inventory

Use continuous vulnerability monitoring

Complete a hardware inventory

Use network mapping

Incorporate log aggregation and correlation

Take threat intelligence feeds for threat

identification and prioritisationSource: SANS Institute

Recommendations

Page 15: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015 telling the right storyConfidential © Bloor Research 2015

Expected improvements for incident response

Source: SANS Institute

Page 16: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

telling the right storyConfidential © Bloor Research 2015

Advantages of security management platforms

Correlation of data from throughout network

Anomaly detection

Comprehensive visibility

Advanced threat protection

Risk prioritisation

Alerting and monitoring

Customise according to business needs

Demonstrate adherence to policies and controls

Protect sensitive data

Limit exposure to breach disclosure

Reduce risk to business partners and customers

Reduce costs

Page 17: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

AlienVault USM

ASSET DISCOVERY• Active Network Scanning

• Passive Network Scanning

• Asset Inventory

• Host-based Software Inventory

VULNERABILITY

ASSESSMENT• Continuous

Vulnerability Monitoring

• Authenticated /

Unauthenticated Active

Scanning

BEHAVIORAL

MONITORING• Log Collection

• Netflow Analysis

• Service Availability

Monitoring

SIEM• SIEM Event Correlation

• Incident Response

THREAT DETECTION• Network IDS

• Host IDS

• File Integrity Monitoring

Integrated, Essential Security Controls

Page 18: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

Integrated Threat Intelligence

Including Remediation & Response Guidelines

Coordinated Analysis, Actionable Guidance

Page 19: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

Integrated Threat Intelligence

Including Remediation & Response Guidelines

Coordinated Analysis, Actionable Guidance

Page 20: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

OTX + AlienVault Labs

Threat Intelligence Powered by Open Collaboration

Page 21: Prepare to Be Breached: How to Adapt your Security Controls to the “New Normal”

Now for some Q&A…

Test Drive AlienVault USM

Download a Free 30-Day Trial

http://www.alienvault.com/free-trial

Try our Interactive Demo Site

http://www.alienvault.com/live-demo-site

Questions?

[email protected]

Twitter: @alienvault


Adapt to Climate Change (Adapt2Change)

Exposed, Targeted and Breached - RCM&D

To adapt, or not to adapt - that is the question!

Security Breached - KopyKitab · Welcome to the “SECURITY BREACHED” Book by ... Nipun Jaswal, Parul Khanna, Rahul Tyagi, Rishabh Dangwal, Amarjit Singh, Ajay Anand, Anurag Acharya

Guidance to Adapt Forest Management for Climate … management guidance to adapt to climate change 3 Table of Contents Guidance to Adapt Forest Management for Climate Change in the

Shared secrets shhh ! Easily breached, stolen, or phished

Can eyes adapt to defocus?

Preventing Hybrid Cloud Environments from Being Breached

ADAPT Licensing Installation and User Guide · • Install the ADAPT software product (i.e. ADAPT-Builder, ADAPT-PTRC, etc.) on the computer you wish to run the program from by double

How they breached the GREAT FIREWALL OF CHINA

Utilizing Green Energy Prediction to Adapt to Energy ...seelab.ucsd.edu/virtualefficiency/resources/HotPower_11_poster.pdfUtilizing Green Energy Prediction to Adapt to Energy Supply

ADAPT TO CHANGE

10+ Ways to Adapt a Textbook

Explain how to adapt communication to meet

Are We Breached How to Effectively Assess and Manage Incidents

BREACHED: Data Centric Security for SAP

You Directory Has Been Breached!

Breached! App Attacks, Application Protection and Incident Response

Adapt Your Wording to Your Readers

Breached Bund

You will be breached

Marketers don't adapt to mobile

Adapting to Adapt - Jan Ball, WEA

Adapt Response to Iata

How to adapt the

co.nz breached websites data

FlexBooks: How To Adapt

How to adapt to the IOT

Adapt to Survive

Top 10 Signs Your Payment Network is Breached · Top 10 Signs Your Payment Network is Breached Glen Jones Senior Director, Visa Nov 16, 2016 ... • User login to resource with access

Adapt to Surive - Talent Management

You've Been Breached: How To Mitigate The Incident

- How banks adapt to PSD2

LEARNING TO ADAPT 2.0tytonpartners.com/tyton-wp/wp-content/uploads/2016/04/yton-Partners-Learning-to-Adapt...TYTON PARTNERS :: LEARNING TO ADAPT 20 4 SUMMARY Over the past three years,

To Adapt or Not to Adapt in Web Localization