Survival of the Fittest: How to Build a Cyber Resilient Organization
Survival of the Fittest: How to Build a Cyber Resilient Organization
Guest Speaker: Jeff Pollard, Forrester, Principal Analyst
David Meltzer, Tripwire, Chief Technology Officer
© 2016 Forrester Research, Inc. Reproduction Prohibited 2
Agenda
› Cutting Bloat In Security Operations
› Challenged By Moving To The Cloud
› Eliminating Our Operational Blind Spots
› Developing New Strategic Plans For Resilience
Cutting Bloat In Security Operations
Interesting, but uncontrollable
Internal focus matters more than external focus
Source: Forrester Research “Hunting Insider Threats” report
Challenged By Moving To The Cloud
X-aaS vs. On-Premise Introduces Variables
Source: Forrester Research “Cloud Service Provider Categories Are Shifting: Here's Your Guide” report
Eliminating Our Operational Blind Spots
Figure out if it's real
Alert
• True
  • Network
  • Endpoint
• False
  • Close
Ask questions based on source
Alert
• True
  • Network
  • Endpoint
• False
  • Close
Record artifacts
Alert
• True
  • Network
    • IP
    • URL
  • Endpoint
    • Hash
    • Delivery
• False
  • Close
Enrich contextually
Alert
• True
  • Network
    • IP
      • External Intel
      • Internal Intel
    • URL
      • Reputation
      • Other Visits
  • Endpoint
    • Hash
      • VT, etc
      • Other Cases?
    • Delivery
      • Other Visitors?
      • Other Targets?
• False
  • Close
Content management and Workflow problem
Alert
• True
  • Network
    • IP
      • External Intel
      • Internal Intel
    • URL
      • Reputation
      • Other Visits
  • Endpoint
    • Hash
      • VT, etc
      • Other Cases?
    • Delivery
      • Other Visitors?
      • Other Targets?
• False
  • Close
Tool 1
Tool 2
Tool 3
Tool 4
Tool 5
Tool 6
16GB of RAM is plenty for all these Tabs
Each item discovered leads to:
• A different technology
• A different skillset
Team’s forced to drive technology:
• Not drive an investigation
• Not analyze and cross-reference
Developing New Strategic Plans For Resilience
Good things happening
“Real” REST APIs for security tech (with actual documentation)
Security NEEDS Detect, Protect, and Respond – not pick one of three
Increased demand leading to more opportunities, more training, more skills
How do you manage today’s technology landscape?
• Myriad devices and applications, on premise and in the cloud
• Growing number of assets to protect across the organization
• Systems are constantly changing
Firewalls
Network Devices
Workstations
Cloud
Applications
Databases
Virtual Systems
File Systems
• Foundational controls for security, compliance and IT operations
• Stable, growing public company in a chaotic industry
• Trusted by over half the Fortune 500 since 1997
Tripwire the leader in Policy & Compliance Security
1000s of successful customer deployments
20M critical assets covered globally
Tripwire – Leader in Policy & Compliance Security
Security
• Detect unauthorized changes
• Assess configurations against security baselines
• Identify risks in environment
Compliance
• Demonstrate compliance with regulatory standards
• Automate manual compliance efforts
• Produce data for audits and for forensics
IT Operations
• Validate changes for a strong change control process
• Identify unauthorized changes that circumvent process
• Discover and inventory what is on network
How we help Security
• Assess configurations against security policies: Extensive library of security configuration best-practices to establish and monitor configurations
• Detect unauthorized changes: Detection and alerts on all changes to established baseline (what, who and business context)
• Identify risks on assets: Discover assets, vulnerabilities, and malicious changes on systems and help manage the workflow and process of remediation
• Deal with security data overload: Automate manual processes associated with dealing with change; isolate and escalate changes and events of interest
Security Configuration Management
Integrity Monitoring
System Configuration Monitoring
Log Monitoring
File Integrity Monitoring
Broadest Library of Best Practices
Policy Management
Configuration Management
Vulnerability Management
Asset Inventory & Profiling
Vulnerability Assessment
Risk Scoring & Prioritization
Network Security
IT Service Management
Threat Intelligence
SIEM & Analytics
Tripwire capabilities
Monitoring for Peer and Community Sourced IoCs
THREAT DETECTED!
4
Indicators Feed
2
Search forensics data for previous existence of indicator. Start monitoring for indicator in all new changes.
3
Enterprise TAXII Server
Peer TAXII Server
Open Source Intelligence TAXII Server
ISAC Community TAXII Server
Drive workflow to investigate and remediate system
5
Indicators Feed
1
Local File Sources (Flat, CSV, etc)
Tripwire Technology Alliance Partners
ANALYTICS & SIEM
IT SERVICE MANAGEMENT
NERC ALLIANCE NETWORK
NETWORK SECURITY
PLATFORM PARTNERS
IDENTITY MANAGEMENT
THREAT INTELLIGENCE
Why Tripwire?
Foundational
Solutions for Security, Compliance and IT Operations
People
Partners
Products
tripwire.com | @TripwireInc
Q & A
Jeff Pollard: @jeff_pollard2
David Meltzer: @davidjmeltzer
Thank you for attending!