CyberAttackRemediation &Mitigation
YOUR CYBER DEFENCES WILL BE
BREACHED
ITS INEVITABLE!
WHAT WILL YOU DO?
Decrease the Find 2 Fix …..
May Jun July Aug Sept OctJan Feb Mar Apr MayJun July Aug Sept Oct Nov Dec
snapchat Central Bank of Russia
Acceleration of Intellectual Property Loss: Significant Breaches of the Last 12 Months
• Unique Integrated Solution with Post Breach capabilities– Defend– Identify– Containment– Rapid Response– Full Forensics
• Combining Best of Breed ‘vendor’ - technologies
• Demonstrable TODAY @ Exclusive Networks
What is
Benefits
• Improved Visibility & Intelligence• Minimising Organisation Damage– Loss of Intellectual Property– Brand– Reputation– Loss of revenue
• Optimizing IT Resource• Reduce IT Costs • Faster Find-to-Fix and Reduced Time to
Remediation
Why do we need
• USA – >47,000 known IT security incidents in 2013
(Ref Verizon 2013)
– Average cost of a data leak• $5.5M per organisation (Ref Ponemon Rpt)
• UK IT security incidents – >54 per large organisation pa (Ref PWC 2013)
– Average cost of a data leak• $3.5M (Approx. £2.2M) per large organisation• 65k€ - 110k€ - Small to medium size orgnaisations
(Ref Ponemon Rpt)
• Belgium – 334 ‘serious’ incidents/Month • (ref SERT)
• Number of devices (endpoints) per user– PCs, Tablets, Smartphone
• BYOD– Consumerisation and choice increases IT
workload• Mobility
– Android based threats to hit 1M in 2013– 30% increase in Mobile Malware in last
6mnths (Fortinet)
• Cloud– Attractive point of entry for a cyber attack
• Applications– App Stores outside of IT control
Source:Execs Guide to 2012 Data Breaches - OSF
The problem is growing !
• Advanced Persistent Threats (APTs)– Often organisationally driven
• Zero Day exploits– Defending against the
unknown• Polymorphic threats
– Ever changing
Its inevitable that some of these Threats will become
successful ATTACKS!
....and Threats are getting more challenging
“Consider that by 2020, the United States is projected to have nearly 2,500 manned combat aircraft of all kinds. Of those, nearly 1,100 will be the most advanced fifth generation F-35s and F-22s. China, by contrast, is projected to have no fifth generation aircraft by 2020. And by 2025, the gap only widens. The U.S. will have approximately 1,700 of the most advanced fifth generation fighters versus a handful of comparable aircraft for the Chinese. Nonetheless, some portray this scenario as a dire threat to America's national security.”
2009: China Needs Over 16 Years to Catch Up
Lockheed USAF F22
Chengdu J-20
2009: China Needs Over 16 Years to Catch Up
Threats are Commoditising . . . . • Nation v Nation – Cyber Warfare • National Govt – Espionage • Central Govts - Hacktivism• Large, Global Brands . .IP/Robbery • Mid to Large sized Organisations..
Robbery?• You . . . . Burglary
• Of victims had up-to-date AV
100%
• Of breaches were reported by third parties67%
• Of breaches involved compromised credentials100%
• The median number of days an attacker was on the network229
Source: Mandiant M-Trends 2014 report
Post Breach Facts
The true cost of breach
• Loss of revenue– From outage, no trading
• Damage to reputation– Negative customer
reaction
• Loss of data– Cost of replacement,
repair and compliance
• Interruption to business– Diverting resources will
delay core activity
• Damage to customer confidence– Loyalty & ongoing business
delayed or lost
• Damage to investor confidence– Valuation can affect credit
limits & increase costs
• Loss of intellectual property– Leadership position lost &
margin impact
• Legal costs– See all the above!!!
Customer Pain Points• Lack of visibility
– Anomalies, behaviours, performance degradation– Indicators of change
• Sheer volume of Incidents– Lateral spread
• Incident response processes– Speed of response
• Time to remediate– Manpower, skills
• Why did it happen?– Forensics
• Costs• . . . A New Approach is Needed !
So what is needed?
• A cyber attack ‘early warning system’
• Single Pane of Glass • Rapid defence re-configuration• Better visibility • Actionable intelligence• Learn from our lessons
CyberAttackRemediation &Mitigation
meets the NEED• CARM delivers– Real-time monitoring– BIG DATA analysis for abnormality detection– Fast incident evaluation & qualification– Fast incident response determination– Control– Reconfigurable defences
`
Demonstrable Platforms
C.A.R.M
What people are saying about
1 Reseller says…• ‘We talk to our customers about IT security but its
always been a bit of challenge to help them select the right combination of products – CARM provides us with a comprehensive framework to help the customer make the right choices’
• Benefits:– CARM increases our credibility– Stalled conversations can be re-opened– Upsell opportunities in existing accounts– Greater account penetration
Another says…• ‘The CARM solution enables us to engage with
a much broader audience in the customer’
• Benefits:– Greater account penetration– Upsell opportunities in
existing accounts– Open new doors
1 Vendor said…• ‘CARM is great – it positions our product and
makes it more compelling & relevant’
• Benefits:– The Exclusive Networks (EN)
channel is more attractive than other routes
– EN Partners gain accelerated sales engagement with vendors
Another Vendor told us…
• ‘We pitched CARM instead of just our product and created an earlier opportunity!’
• Benefits:– Cross product lead generation– Shorter sales cycle– Broader customer engagement
VAR Benefits
• Post Breach – big Issue• Addresses a real need – NOW • Good reason for a conversation with customers• Demo facility can be booked • Demonstrate your value to customers
– “We understand your business issues”– ”How/Where does it (product) fit into your network”
• Incremental revenue opportunities • Could be annuity based if sold as a service
Next Steps• Talk to your customers about CARM• Qualify and arrange a demonstration• Explore their reaction• Evaluate the service and product potential • Create those opportunities with your account
manager
Next Steps - Materials
http://www.carmsecurity.com
• These PowerPoint slides – make merry• CARM white paper• CARM Info-graphic• CARM videos and canned demonstrations• More to come…
Summary • Post breach era is here• Not IF but WHEN • Organisations need to address it
– Seen as costly – Too complex – More work in overloaded dept.
• CARM simplifies & automates this– Accelerates – FIND 2 FIX …… 229 days …EBay 90 days +
• Rapid outcomes at reasonable cost • Real-life working platform NOW for demos• It works!!! . . . . .
So ........