Identifying How Firms Manage Cybersecurity Investment SMU-IBM
Do You Manage Software? Understanding Your Role in Cybersecurity Defense
-
Upload
flexera-software -
Category
Technology
-
view
69 -
download
0
Transcript of Do You Manage Software? Understanding Your Role in Cybersecurity Defense
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential1
Do you manage software? Understand your role in cybersecurity defense
Marcelo Pereira, Product Marketing ManagerTim Davis, Senior Product Marketing Manager
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential2
The Cyber Threat Facing All Of UsCosts And Consequences Security Incidents and Data Breaches
Extensive downtimeExposure of intellectual property
Damage to brand and reputation
Theft/exposure of confidential data
Reduced productivity levels
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential3
Impact of incidents
Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential4
To Watch This Webinar On Demand Register Here
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential5
Security Incidents versus Data BreachesAnd the cost of resolving incidents
Over
100,000security incidents in
2015
From which
3,141Were confirmed data
breaches
Sources:“2016 Data Breach Investigation Report” Verizon http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/* “2015 Cost of Cyber Crime Study: Global.” Ponemon Institute. October 2015. http://www.ponemon.org/blog/2015-cost-of-cyber-crime-united-states
$21,000 a day*
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential6
Companies Breached In 2016 - Highlights
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential7
“The Key Goal:
Reducing Adversaries Operational Space”
- Cisco
Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html
Addressing today’s challenges for security
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential8
PRINCIPLES OF SECURITY
WATCH THIS WEBINAR ON DEMAND REGISTER HERE
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential9
Resilience
DetectRespondRecoverPreventBreaches WILL
happen
Prevention:Reduce the attack
surface for hackers
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential11
“A Rapidly Expanding Attack Surface Requires an Interconnected and Integrated
Approach to Security”
- Cisco
Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential12
SECURITY ROLES
The challenge of hitting a moving target
WATCH THIS WEBINAR ON DEMAND REGISTER HERE
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential13
Role: Information Security
Evangelize security awareness Conduct vendor risk assessmentOversee regulatory compliance Assess security position of infrastructure
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential14
Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html
Is Security a Priority?
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential15
Role: IT Security
Mitigates the risk of security incidents and breachesIdentifies and responds quickly to incidents
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential16
Dealing with possible security incidents
Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential17
OPERATIONS ROLES
The challenge of managing software
WATCH THIS WEBINAR ON DEMAND REGISTER HERE
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential18
Role: Desktop Management
Preform application risk assessmentRestrict use of unauthorized applications Remove unused applicationsControl Self-Service deployment
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential19
Global Pharmaceutical Company
89% Reduction in the number of apps from over 3,700 applications to just 400
• Reduced attack surface• Improved governance• Streamlined employee choice• Saved $1,968,000 in labor costs in the first year
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential20
Role: Software Asset Management
Discover software and maintain normalized inventoryUnderstand application usage trendsReduce the application footprint
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential21
Chicago Public Schools
Making informed decisions to reduce new software purchases and negotiate more favorable vendor contracts
• Identified 29,000 different applications installed• Discovered end of life (EOL) software• Collaborated with the security team to remediate issues
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential22
Role: Patch Management
Asses and Prioritize patchingDeploy patches and verify Align with Security policies
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential23
Security Patch ManagementChallenges And Misconceptions
• Patch Management = managing deployment of patches• No synergy between security assessment and patch activities• Patching Microsoft applications is good enough• Focus only on the most common non-Microsoft applications• Relying on vendor information and alerts
CONSEQUENCES: • Non prioritized patching process• Waste of resources• Applications staying unpatched for
months or many times, years• Business disruption and breaches
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential24
Time To Patch!Patch Availability On The Day of Disclosure
Source: “Flexera Software Vulnerability Review 2017.” http://www.flexerasoftware.com/enterprise/resources/research/vulnerability-review/
81%
92.5%
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential25
How our customer improved their processes
68%69%
1 staff/day
58%25%
Daily and Weekly
Daily and Weekly
2+ staff/day
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential26
Conclusion
Operationalize people, processes and technology in an integrated fashion to effectively reduce the attack surface for cybercriminals and hackers.
Maintain and share accurate inventory dataStreamline and rationalize your portfolioConduct risk assessmentPrioritize security patching
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential27
Additional Resources
Visit us online: www.flexerasoftware.com/enterprise/resources
White Papers:
Bridging Vulnerability Management Gaps
On Demand Webinar:
SAM and Security Teams Must Join Forces to Enhance Security
Success Story:
Chicago Public Schools
Reports:
Vulnerability Review 2017
© 2017 Flexera Software LLC. All rights reserved. | Company Confidential28
WE’RE REIMAGINING THE WAY SOFTWARE IS
w w w . f l e x e r a s o f t w a r e . c o m
SOLD SECUREDMANAGEDBOUGHT
North America: 800-809-5659Europe, Middle East & Africa: +44 (0) 870 873 6300Asia-Pacific: +61 3 9895 2000
WATCH THIS WEBINAR ON DEMAND REGISTER HERE