Empowering Organisations to Thrive in the Face of Cyber Attacks An introduction to Resilient Systems Paul Ayers – General Manager, EMEA Chris Neely - Director

Empowering Organisations to Thrive in the Face of Cyber Attacks An introduction to Resilient Systems

Paul Ayers – General Manager, EMEAChris Neely - Director of Sales Engineering, EMEA

Resilient Systems, Inc. – Proprietary and Confidential | 2

AGENDA

► Market Landscape

► About us

► New incident response model

► How it works

► Live demonstration


Global State of Information Security 2015

The Rise of Cyber Incidents

Dramatic increase of security incidents and breaches


Average spend in 2 yearsP

reve

nt

& P

rote

ct

Dete

ct & R

espond

77% 61%

75% 60%

Average spend today

Median spend today

Median spend in 2 years

23% 39%

25% 40%

Average spend in 2 yearsAverage spend today

Median spend today

Median spend in 2 years

Massive move in security spending is underway

Research conducted April ‘15 by Pierre Audion Consultants


► Proven and Robust Processes / Best Practice

► Historically rudimentary tooling

► Now a defined market

Incident Response evolution

Spreadsheets Sharepoint Email Ticketing

“Security incident response platforms (SIRPs) contain

specialized capabilities intended specifically to support the

response to security incidents”

Technology Overview for Security Incident Response Platforms

Incident Response Evolution


OUR MISSION

Resilient Systems empowers organizations to thrive in the face of cyberattacks and business crises.


Pioneers in incident response

► Founded in 2010, created the first Incident Response Platform (IRP)

► Winning awards for innovation — and so are our customers

► World leader in incident response management bringing together people, process and technology

► Bruce Schneier, CTO — the leading security industry guru

► Headquartered in Cambridge, MA and London, UK

Resilient Systems

Most Innovative Product

In Germany


Why responseS

ER

VIC

ES

PR

OD

UC

TS

PREVENTION DETECTION RESPONSE


Select global customers

PROFESSIONAL SERVICES TELECOMCRITICAL INFRASTRUCTURE

HEALTHCARE

MANUFACTURING

TECHNOLOGY

FINANCIAL

RETAIL

INSURANCE

FEDERAL HOSPITALITY


PLATFORM OVERVIEW


A new approach to incident response

Brings together people, process and technology to transform, orchestrate and empower your incident response



It enables rapid collaboration within the IR Team and across the organization

MARKETING LEGAL BUSINESS CISO

CSIRT SOC FORENSICS IR



► Action plans (NIST)

► Organizational SOPs

► Event orchestration

► Task management

► Global data privacy obligations

► Tabletop exercises



Brings together all your existing security investments in one place


► Creates a single hub for all IR

► Empowers teams to work more intelligently

► Agile platform

► Custom Action Module

► Compatible with all other systems

Our unique value

INTELLIGENCE FEEDS

SIEM

EXTERNAL COMMUNICATION

CONFIGURATIONMGT

SANDBOX

ASSET DATABASEFORENSICS

CUSTOM PORTAL

EMAIL

TICKETING

INCIDENT RESPONSE PLATFORM


► Directory

► Endpoint forensics

► Threat Intelligence

► Endpoint controls

► Network controls

INFRASTRUCTUREINTEGRATION

EASY COLLABORATION

AUTOMATED ESCALATION

WEB FORM

TROUBLE TICKETING

ENTRY WIZARD

SIEM EMAIL

DASHBOARDS & REPORTING

TEAM UTILIZATION

CSO DASHBOARD

INCIDENT TIMELINE STATUS

INCIDENTS BY TYPE

OVER TIME

CUSTOMDASHBOARDS

& REPORTS

Resilient incident response platform

RESILIENT IRP MODULES

PRIVACYSECURITY ACTION


Sample case study – Fusion Project

ResilientPlatform

Threat Services

TIFPAggregated Normalized

► iSIGHT

► FS-ISAC

► Etc.

Analyst

Action Module

Remedy

AD

CMDB

Escalate / Sync

QRadar Splunk

Blue Coat Tanium Bit 9 Bromium

ArtifactLookup

Escalate / Sync

Enrich

Enrich


DEMONSTRATION


Q & A

Documents

Empowering Organisations to Thrive in the Face of Cyber Attacks An introduction to Resilient Systems Paul Ayers – General Manager, EMEA Chris Neely - Director