treat cyber like a disease
TRANSCRIPT
How to Treat Cyber Like a Disease:Through Familiar Data Collection and
Analysis Approaches
Today’s Speaker
2
Jason PolancichFounder & Chief ArchitectSurfWatch Labs
POLLING QUESTION
How do you know what your specific cyber risks are? (Select the most appropriate answer)
A. Threat data feedB. SIEMC. Managed service provider/consultantsD. Internally research cyber threatsE. We don’t know
3
Notice Anything Wrong Here?
4
Too Many Threats, Too Many Wide Open Doors
5
Do You Know It’s Coming?
Healthcare Targets Have Been “Low Hanging Fruit” for Cybercriminals•Large health insurers•Local dentists•Specialized healthcare IT consulting firms•Hospital chains•Plastic surgery clinics•Small regional hospitals•Dialysis center chains•Small insurance claims processing shops
6
Dark Web: Unforeseen Threats
7
What’s the Definition of Insanity?
8
This Cyber Emergency Requires a Different Approach
9
The reactionary/crisis-mode cybersecurity approach is not working! What we need is…
Consistent, managed and scientific cybersecurity strategy based on long-term commitment to data collection and analysis.
Where to Start? Follow in the Footsteps of PSOs
A Patient Safety Organization (PSO) is a group, institution or association that improves medical care by reducing medical errors. Common functions of patient safety organizations are data collection and analysis, reporting, education, funding and advocacy.
Replace “medical care” with “cyber” and you almost have it right?
10
Comparing PSOs to Cyber Risk Intelligence
PSO Cyber Risk IntelligenceCollects data on prevalence and individual details of errors.
Collects data on cyber activity from OSINT, dark web and internal users.
Analyzes sources of error by root cause analysis. Standardizes cyber event data into ATEP model and analyzes for trends.
Proposes and disseminates methods for error prevention.
Speeds response (and pre-response) to incidents.
Designs and conducts projects to study safety initiatives including monitoring of results.
Manages risks across your internal organization and supply chain.
Raises awareness and informs the public, health pros, providers, purchasers and employers.
Raises cross-organizational situational awareness of cyber risks.
Conducts fundraising and provides funding for research and safety projects.
Prioritizes the most effective use of tactical cybersecurity solutions.
Advocates for regulatory and legislative changes. Educates and informs your management and peers.
11
It All Starts with Data…
12
… The Intel is There
13
How Do You Get Here?
• Sound risk management is founded in evaluated intelligence, just like a PSO
• Simplify the complex cyber world into what matters– Who attacked who/what?– How was the attack carried out?– What was the impact?
14
It Requires Diligent Collection of Cyber Data
15
Cyber Risk Data Must Be Linked to Your Organization
16
POLLING QUESTION
Do you have a formal threat intelligence and analysis organization/program? (Select the most appropriate answer)
A.Our IT/cybersecurity team handles thisB.Our manager service provider handles thisC.NoD.I don’t knowE.Not yet, but planning on it
17
IntroducingSurfWatch Labs
Bridge the Gap Between Low-Level Tactics & Strategic Insights
19
SurfWatch Healthcare Case Study
20
Large Non-Profit Healthcare System Business Drivers•Wanted to be able to produce their own executive-level cyber reports •“Because it’s real-time, SurfWatch provides way more insight on the cyber world in healthcare than our consulting firm was providing us.”
SurfWatch Advantages:•Gives full control of cyber reports produced for management•Adds real-time cyber insights within the healthcare market•Fraction of the cost of what company was paying consultant for static info
Solution Demonstration
21
Next Steps and Q&A
22
Read the 2015 Mid-Year Cyber Risk Report: info.surfwatchlabs.com/2015-mid-year-cyber-risk-report
Download Sample Dark Web Intel Report:info.surfwatchlabs.com/dark-web-report
Schedule a Demonstration:
•SurfWatch C-Suite:info.surfwatchlabs.com/request-demo
•Dark Web Intelligence Service:info.surfwatchlabs.com/dark-web-service-consultation
Thank You!
Follow us at:
www.surfwatchlabs.com