Upload
skybox-security
View
174
Download
1
Embed Size (px)
Citation preview
Risk Analytics – One Intelligent View
www.skyboxsecurity.com
+49 40 31979956
Thomas Wendrich, Director CEUR, Skybox Security
Simon Roe, EMEA Channel Presales Director
November 2014
© 2014 Skybox Security Inc. 3
Agenda
Cyber Risk - The Management Challenge– Facts and Figures
Live Demo
Summary
© 2014 Skybox Security Inc. 4
Lloyds Risk Index 2013
“The World Catches Up With Cyber Risk”
“It appears that businesses across the world have
encountered a partial reality check about the
degree of cyber risk.
Their sense of preparedness to deal with the level
of risk, however, still appears remarkably
complacent.”
© 2014 Skybox Security Inc. 5
Verizon Data Breach Investigations Reports
Incidents tripled over last
year’s already much
increased number
97% of breaches were
avoidable through simple or
intermediate controls (2012)
© 2014 Skybox Security Inc. 6
Security Management is Challenging Today
Too much output from security tools
Lack of visibility across silos
Maintaining continuous compliance
Making agile and secure changes
Understanding risk implications
Problems our customers face
Evolving threat landscape
© 2014 Skybox Security Inc. 7
Seeing the Battlefield
“The battlefield is a scene of constant chaos. The winner will be the one who
controls that chaos , both his own and the enemies” NAPOLEON BONAPARTE
© 2014 Skybox Security Inc. 9
Attackers Understand Your Attack Surface
…You Don’t
Expansion Drivers
Vulnerabilities
Endpoints
Exploits
Network access
Contraction Drivers
Network segmentation
Fixing vulnerabilities
Technical controls
Hours to attack, months to defend
© 2014 Skybox Security Inc. 10
Recent Snowden Leak Backs This Up
KEY
OBJECTIVE!
Source – TED Talk October 2013 – Mikko Hyponnen, Chief Risk Officer F-Secure
© 2014 Skybox Security Inc. 12
Network Visibility:Topology
Routing
Policies
Firewalls
Endpoints Visibility:Software
Patches
Vulnerabilities
Classification
Use Risk Analytics to Understand Your
Attack Surface—Continuously
Attack VectorsRisk Metrics
Remediation Plans
Network Visualization
Contextual Analysis
© 2014 Skybox Security Inc. 16
Combine Data & Give It Battlefield Context
√ 80+ Vendors integrated with Skybox
© 2014 Skybox Security Inc. 17
Skybox – A Critical Component of Next
Generation Cyber SOC Design
IT-GRC - Integrated Security Dashboard & Reporting
Risk Analytics
Security intelligence to
minimize risk exposure
Security Information &
Event Management
Event monitoring to detect
& respond to incidents
Cyber Security Analysts
© 2014 Skybox Security Inc. 18
Skybox Company SnapshotLeading provider of risk analytics solutions for security management & cyber defense
Founded 2002
Revenue Growth 50%+
Customers 400+
Countries 40
Headquarters San Jose
R&D Center Israel
Identify security gaps in minutes, not weeks
© 2014 Skybox Security Inc. 19
400+ Enterprise Customers in 40+ Countries
Financial
ServicesTechnology Healthcare
Government
& DefenseConsumer
Service
Providers
Energy &
Utilities
© 2014 Skybox Security Inc. 20
Monitor Compliance
Model Network
Network Security Management with Skybox
Understand network context
Analyze Firewalls
Manage Changes
Rule and configuration checks
Access path analysis
Rule optimization
Change tracking
Automated audits
PCI DSS
FISMA
NERC
NIST
Custom Policies
Automate security assessments
Verify controls continuously
Optimize change process
Change Request
Tech Details
Assess Risks
Make Change
Reconcile Verify
Network topology view
Normalize data from 70+ systems
Access simulation
www.skyboxsecurity.com
+49 40 31979956
Thomas Wendrich, Director CEUR, Skybox Security
Simon Roe, EMEA Channel Presales Director
November 2014
SIGS _ Dec 2014
Security Interest Group Switzerland