FORESCOUT CONFIDENTIAL Flattening The Cyber Hygiene Curve(s) March 16, 2017

Fostering a Security-Minded Culture in Your Organization - Davies

Page 2: Fostering a Security-Minded Culture in Your Organization - Davies

Today’s Challenge

• Incomplete Visibility
– Hidden or missing assets are beachheads for our adversaries
– Most reports indicate top breaches are from older techniques (up to a year)
– Organizations on average have 30% of their IT assets unaccounted for

• Control / Management:
– Manual tasks often completed by sr. staff
– Inverse OpEx / CapEx capacity / cost relationship
– Siloed technologies across disparate services

• Changing Landscape
– Internet of Things (IoT) explosion is the new attack surface

Traditional defense in depth strategies generally do not adequately secure traditional devices and often do not support IoT

Page 3: Fostering a Security-Minded Culture in Your Organization - Davies

Consequences and Impact of Inadequate Visibility & Automation

Industry Stats:

• 99% of exploits will continue to be from known vulnerabilities up to one year through 2020 – Gartner

• Top 10 exploited vulnerabilities are more than a year old – HP Security Research. Cyber Security 2016

• 66% of networks will have an Internet of Things based breach by 2018 – IDC

• 80% of all endpoints connected to the network will not support agent-based technologies by 2020 – Gartner

• On average, our customers have identified an additional 30% of assets they were previously unaware of – ForeScout

• One in four organizations suffer cyber exposures up to six months due to skill gaps – Cybersecurity Nexus

Business / Mission impact:

• Customer and provider suffer credibility issues

• Breaches cost on average $4 Million – Ponemon Institute report June 2016

• Critical citizen services become unavailable (e.g. power, water, transportation, public safety, etc.)

Gartner Security and Risk Management Summit, “Preparing for Advanced Threats and Targeted Attacks”, Kelly Kavanaugh, June 2014; Webtorials and ForeScout Internet of Things Security Report, June 2016

http://www.forbes.com/sites/gilpress/2016/01/27/internet-of-things-iot-predictions-from-forrester-machina-research-wef-gartner-idc/6/#26e32a1972a0 ; http://www.gartner.com/smarterwithgartner/top-10-security-predictions-2016/

Page 4: Fostering a Security-Minded Culture in Your Organization - Davies

NASCIO 2016 Survey: CISO’s Asset Protection Confidence Level

Source: 2016 Deloitte-NASCIO Cybersecurity Study

How well are traditional defense in depth solutions working for your organization?

Page 5: Fostering a Security-Minded Culture in Your Organization - Davies

Traditional Point in Time Defense in Depth Cyber Hygiene Cycle

[Figure: Level of Confidence / Risk over the Operational Timeline. Labels: High Confidence – Low Risk; Low Confidence – High Risk; Consistent Cyber Hygiene.]

1. New Malware Released
2. Vendor Issues Update
3. Ops Tests & Schedules Change
4. Ops Executes Change (repeat cycle)

Automation can help flatten the Cyber Hygiene Cycle

Page 6: Fostering a Security-Minded Culture in Your Organization - Davies

Desired State & Positive Mission Outcomes

Desired State:

• Complete visibility across all connected endpoints in real-time
• Staff optimized for proactive support (Analytics, Hunting, Forensics)
• Flattened cyber hygiene confidence / risk curve
• 99.x% service level compliance is not only achievable it can be YOUR minimum standard!
• Challenged and engaged I.T. – proactive vs. fire fighting

Positive Mission Outcomes:

• Improve IT services delivery via:
– Real-time awareness of the cyber security posture across agencies
– Expand IT operations capacity to execute
– Real-time and complete services hygiene management
– Real-time knowledge of entire IT asset population; hardware & software
– Reliable software license inventory management

Page 7: Fostering a Security-Minded Culture in Your Organization - Davies

Required Capabilities - Journey to the Desired State

Agentless, Continuous Discovery & Situational Awareness
– Network based visibility of ALL connected endpoints without the use of Agents
– Ability to rapidly deploy the solution enterprise-wide
– Defense In Depth – Monitor the cyber hygiene of all endpoints and the required security controls in real-time

Instant Enterprise Visibility & Automation
– Complete baseline of network connected devices – All IP based devices
– Agentless visibility and control of traditional and non-traditional technologies (Internet of Things)
– Complete inventory for stakeholder, management and operational consumption

Continuous and Situational Asset Awareness
– Proactive and accurate ability to inform and notify customers of enterprise vulnerabilities, risks and compliance
– Automated and comprehensive response to enterprise threats
– Complete visibility into IT assets and their configuration items

Page 8: Fostering a Security-Minded Culture in Your Organization - Davies

Questions?

Page 9: Fostering a Security-Minded Culture in Your Organization - Davies

Thank You

Sean Telles, CISSP / CEA
Manager, Public Sector Systems [email protected]