Keep CARM with TONY

The Exclusive Networks GroupTony Rowan

Introducing…

CyberAttackRemediation &Mitigation

YOUR CYBER DEFENCES WILL BE

BREACHED

ITS INEVITABLE!

WHAT WILL YOU DO?

Why do we need

• USA – >47,000 known IT security incidents in 2012

(Ref Verizon 2013)

– Average cost of a data leak• $5.5M per organisation (Ref Ponemon Rpt)

• UK IT security incidents in 2012 – >54 per large organisation pa (Ref PWC 2013)

– Average cost of a data leak• $3.5M (Approx. £2.2M) per organisation

(Ref Ponemon Rpt)

The problem is growing !

• Number of devices (endpoints) per user– PCs, Tablets, Smartphone

• BYOD– Consumerisation and choice increases IT

workload• Mobility

– Android based threats to hit 1M in 2013– 30% increase in Mobile Malware in last

6mnths (Fortinet)

• Cloud– Attractive point of entry for a cyber attack

• Applications– App Stores outside of IT control

Source:Execs Guide to 2012 Data Breaches - OSF

....and Threats are getting more challenging• Advanced Persistent Threats

(APTs)– Often organisationally driven

• Zero Day exploits– Defending against the

unknown• Polymorphic threats

– Ever changing

Its inevitable that some of these Threats will become

successful ATTACKS!

Threats are Commoditising . . . . • Nation v Nation – Cyber Warfare • National Govt – Espionage • Central Govts - Hacktivism• Large, Global Brands . .IP/Robbery • Mid to Large sized Organisations..

Robbery?• You . . . . Burglary

2009: China Needs Over 16 Years to Catch Up

“Consider that by 2020, the United States is projected to have nearly 2,500 manned combat aircraft of all kinds. Of those, nearly 1,100 will be the most advanced fifth generation F-35s and F-22s. China, by contrast, is projected to have no fifth generation aircraft by 2020. And by 2025, the gap only widens. The U.S. will have approximately 1,700 of the most advanced fifth generation fighters versus a handful of comparable aircraft for the Chinese. Nonetheless, some portray this scenario as a dire threat to America's national security.”

Lockheed USAF F22

Chengdu J-20

2012: Spot the Difference

Post Breach Facts!

The true cost of breach

• Loss of revenue– From outage, no trading

• Damage to reputation– Negative customer

reaction

• Loss of data– Cost of replacement,

repair and compliance

• Interruption to business– Diverting resources will

delay core activity

• Damage to customer confidence– Loyalty & ongoing business

delayed or lost

• Damage to investor confidence– Valuation can affect credit

limits & increase costs

• Loss of intellectual property– Leadership position lost &

margin impact

• Legal costs– See all the above!!!

Acceleration of Intellectual Property Loss: Significant Breaches of the Last 12 Months

Feb Mar Apr May Jun July Aug Sept OctJanFeb Mar Apr May Jun July Aug Sept Oct Nov Dec

snapchat

Customer Pain Points• Lack of visibility

– Anomalies, behaviours, performance degradation– Indicators of change

• Sheer volume of Incidents– Lateral spread

• Incident response processes– Speed of response

• Time to remediate– Manpower, skills

• Why did it happen?– Forensics

• Costs• . . . A New Approach is Needed !

So what is needed?

• A cyber attack ‘early warning system’

• Single Pane of Glass • Rapid defence re-configuration• Better visibility • Actionable intelligence• Learn from our lessons

CyberAttackRemediation &Mitigation

meets the NEED• CARM delivers– Real-time monitoring– BIG DATA analysis for abnormality detection– Fast incident evaluation & qualification– Fast incident response determination– Control– Reconfigurable defences

What is

• Unique Integrated Solution with Post Breach capabilities– Defend– Identify– Containment– Rapid Response– Full Forensics

• Combining Best of Breed ‘vendor’ - technologies

• Demonstrable TODAY @ Exclusive Networks

Benefits

• Improved Visibility & Intelligence• Minimising Organisation Damage– Loss of Intellectual Property– Brand– Reputation– Loss of revenue

• Optimizing IT Resource• Reduce IT Costs • Faster Find-to-Fix and Reduced Time to

Remediation

VAR Benefits

• Post Breach – big Issue• Addresses a real need – NOW • Good reason for a conversation with customers• Demo facility can be booked • Demonstrate your value to customers

– “We understand your business issues”– ”How/Where does it (product) fit into your network”

• Incremental revenue opportunities • Could be annuity based if sold as a service

What Exclusive is Doing• Working on real solutions to real problems• Enabling our partners to engage with

customers about problems and solutions – not just products

• Doing our bit to make e-Commerce safer• Working with vendors to get better more

integrated solutions

What people are saying about

1 Reseller says…• ‘We talk to our customers about IT security but its

always been a bit of challenge to help them select the right combination of products – CARM provides us with a comprehensive framework to help the customer make the right choices’

• Benefits:– CARM increases our credibility– Stalled conversations can be re-opened– Upsell opportunities in existing accounts– Greater account penetration

Another says…• ‘The CARM solution enables us to engage

with a much broader audience in the customer’

• Benefits:–Greater account penetration–Upsell opportunities in

existing accounts–Open new doors

1 Vendor said…• ‘CARM is great – it positions our product

and makes it more compelling & relevant’• Benefits:– The Exclusive Networks (EN)

channel is more attractive than other routes

– EN Partners gain accelerated sales engagement with vendors

Another Vendor told us…• ‘We pitched CARM instead of just our

product and created an earlier opportunity!’

• Benefits:–Cross product lead generation– Shorter sales cycle–Broader customer engagement

CARM Attraction!• Addresses the IT security end game

– MITIGATION !• Saves the customer having to figure it all out

– Saves the VAR a whole lot of explaining• Helps the vendor position their proposition

– Makes Exclusive Networks the SuperVAD of choice• Puts US/VAR back in control of positioning.• Demonstrates value & credibility with VARs and Vendors • By demonstrating it de-risks the purchase• Speeds up sales process• Solution sell adds more value• Pro Services & Managed Servcies

Everyone WINS with CARM!

Summary • Post breach era is here• Not IF but WHEN • Organisations need to address it – Seen as costly – Too complex – More work in overloaded dept.

• CARM simplifies & automates this • Rapid outcomes at reasonable cost • Real-life working platform NOW for demos• It works!!! . . . . .

Our immediate action…

• Technical sessions here at the BIG Kick-off to determine alternative CARM vendor integrations for different regions

• Exploration of the CARM resources• Ideas and roadmap for further development

So ........