Post on 20-Jul-2015
For more information please contact us
T: +44 (0)1622 723400 E: info@secdata.com www.secdata.com
MARTY LEGG
DIRECTOR OF CLOUD SERVICES
SECUREDATA
MARTY.LEGG@SECDATA.COM
A NEW APPROACH TO COMBATING CYBER CRIME
PRIVATE & CONFIDENTIAL 25/11/14
A NEW APPROACH
TO COMBATING
CYBER CRIME
THE CURRENT SECURITY LANDSCAPE
FIREWALLS
ENDPOINT SECURITY
GATEWAY SECURITY
IPS/IDS
SERVER SECURITY
THE SECURITY CONUNDRUM
ORGANISATIONS ON THE FRONT LINE NEED A NEW APPROACH…
WE ARE NOT GOING TO WIN THE BATTLE
SECURITY SPEND CONTINUES TO RISE BUT SO DOES THE NUMBER OF BREACHES
621 REPORTED IN THE LAST 12 MONTHS
UP 23% OVER THREE YEARS
$30.1 BILLION SPEND BY 2017
UP FROM $9.6 BILLION IN 2006
A NEW APPROACH
A GREATER INTELLIGENCE
A COMPLETE SECURITY PROCESS
ASSESS DETECT PROTECT RESPOND
REAL-TIME RISK ASSESSMENT
CONTEXTUAL RISK PROFILE
CORRELATED THREAT & SECURITY INTELLIGENCE
EARLY THREAT DETECTION
AUTOMATED NETWORK PROTECTION
THREAT PREVENTION
EXPERTISE & PROCESS
RAPID & EXPERIENCED RESPONSE
REMEDIATION
WHICH PRESENTS NEW CHALLENGES…
MORE HARDWARE
MORE RESOURCES
MORE COMPLEXITY
MORE COSTS
DIVERSE SKILLS
APPLIED INTELLIGENCE
TECHNOLOGY + PROCESS + PEOPLE
INSIDE THE SECUREDATA GI CLOUD
ANALYTICS
EXPERT
PEOPLE
MILLIONS OF SECURITY LOGS AND DATA ANALYSED
HUNDREDS OF SECURITY EVENTS IDENTIFIED
TENS OF ALERTS INVESTIGATED
INDIVIDUAL THREATS WITH ACTIONABLE INTELLIGENCE
VULNERABILITY SCANNING
THREAT FEEDS
CONTEXTUAL THREAT INTELLIGENCE
24 X 7 X 365 SOC MANAGEMENT & RESPONSE
SENSEPOST
ADVANCED INTELLIGENCE
WHITE GLOVE RESPONSE
CUSTOMER INFORMATION
SOFTWARE ALGORITHM
HARDWARE TECHNOLOGY
ANALYSTS
DEFENCE AND THREAT ANALYSTS
MALTEGO
BIG DATA ANALYTICS
SKYBOX RISK MANAGEMENT TOOL
SIEM PLATFORM CLASS LEADING
AFFINITY SECURE
THE SECUREDATA GI JOURNEY TO INTELLIGENCE
SERVICE DEVELOPMENT MANAGER
SECUREDATA GI INTELLIGENCE PHASES: BASE, 1, 2, 3, 4, 5, ONGOING
CAPTURE
Requirement document complete
Deployment of agents
Mapping of critical assets
Building a prioritisation plan
LEARN
Initial deployment of default rule set and reporting functionality
Baseline of data capture
NORMALISATION OF CUSTOMER DATA
Normalisation of data
Normalisation of service
Addition to baseline report functionality
INTERNAL SYSTEMS CORRELATION
Internal correlation across multiple technologies
Reporting/Alerting against behavioural change
EXTERNAL THREAT DATA CORRELATION
Correlate internal behavioural patterns and information with known external threat intelligence
THREAT ANALYTICS
The use of analysts and Maltego to perform threat analytics
Remediation recommendation
CONTINUAL EVOLUTION
Continual and never ending service development
HOW TO CONSUME SECUREDATA GI
BENEFITS SOLUTIONS SERVICES
MODULAR
EASY AND QUICK TO DEPLOY
SIMPLE TO SCALE
AGILE TO ADAPT TO CHANGES
VULNERABILITY SCANNING
NETWORK MODELING & RISK CONTROL
SIEM
SECUREDATA GI ADVANCED SECURITY
SECUREDATA GI HOSTED
SECUREDATA GI ESSENTIAL
SUMMARY
A COMPLETE SECURITY PROCESS
EXPERTISE IN THE CLOUD
THE GLOBAL CONTEXT
DELIVERED AS-A-SERVICE
CURRENT MODEL IS BROKEN
APPLIED INTELLIGENCE AND REMEDIATION
THANK YOU