Introduction to a Security Intelligence Maturity Model


Damaging Data Breaches

80 Million Accounts Stolen
56 Million Credit Cards Stolen
83 Million Accounts Exposed
145 Million Accounts Compromised
40 Million Credit Cards Stolen

Talking Points - Examples:
Anthem: Criminals accessed names, birthdays, email addresses, SS#s, addresses, and employment data (including income). This is highly valuable data that can be sold on the black market to enable identity theft.
Home Depot: Credit/debit cards and email addresses that can be sold on the black market for credit card abuse.
JP Morgan: Theft of email addresses, home addresses, and phone numbers, which can be sold on the black market to enable fraud.
eBay: Theft of names, email addresses, home addresses, phone numbers and dates of birth.
Target: Credit card data to be sold on the black market.

Prevention-centric is Obsolete

“Advanced targeted attacks make prevention-centric strategies obsolete. Securing enterprises in 2020 will require a shift to information and people-centric security strategies, combined with pervasive internal monitoring and sharing of security intelligence.”

“By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches up from less than 10% in 2013.”

- Neil MacDonald,

Talking Points:
The industry is shifting from a focus on prevention to a more rounded approach that includes the ability to detect and respond.
The assumption is that hackers will get in – organizations must be able to recognize early compromises and take action.

Today’s Threat Environment

Threats conclusively recognized at run-time, prevented at the endpoint and perimeter.

However, many threats:
1 Get lost in the noise
2 Require a broader view to recognize
3 Will only emerge over time

Only Analytics can detect these threats:
Detecting a class of threats only a Big Data approach can realize
Effectively prioritizing threats, separating the signal from the noise
Providing the intelligence required to deliver optimally orchestrated and enabled incident response

A Security Intelligence Driven Approach is Required

The cost of mitigating a threat, and risk to the business, rise exponentially across the lifecycle of a threat from inception to mission attainment.

“By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches, up from less than 10% in 2013.”

Lifecycle stages (slide diagram): Reconnaissance, Initial Compromise, Command & Control, Lateral Movement, Target Attainment, Exfiltration / Corruption / Disruption
Diagram labels: User, Endpoint, Network

Organizations that desire to reduce their risk of experiencing a high impact cyber breach or incident must kill the threat early in its lifecycle, across the holistic attack surface.

Key Talking Points:
“Holistic attack surface”
Mission realization
Kill the threat easily
Previous breaches would’ve been avoided if detected early.

Notes:
Goes further on our solution to show that damaging breaches can be avoided because the threat lifecycle takes time. The lifecycle of a threat begins with reconnaissance. Attackers find their way in by manipulating users, dropping USB keys in a parking lot, compromising the physical environment, etc. At some point, they will begin to engage with the environment and eventually compromise the system. If that compromise isn’t detected, they will take increasing control over the environment and move laterally toward their target, taking over accounts and systems until they attain their target, where the biggest damage is done: exfiltration, corruption, disruption, etc. This is how threats work. If we can stop the attacker after the initial compromise, we can prevent the damaging breach.

Security Intelligence Defined

Security Intelligence is the ability to capture, correlate, visualize, and analyze forensic data in order to develop actionable insight to detect and mitigate threats that pose real harm to the organization, and to build a more proactive defense for the future.

Greater levels of Security Intelligence will enable adopters to shorten their Mean-Time-to-Detect (MTTD) and Mean-Time-to-Respond (MTTR), extend the value of current security tools, and discover previously unseen threats through advanced machine analytics.

Security Intelligence Measured

Key Talking Points:
“Mean-time-to-detect” and “Mean-time-to-response”
Reduce risk of damaging cyber incident or data breach

Notes:
What’s the solution? Faster detection and faster response. We’ve developed a model to assess your current maturity and ability to detect and respond to threats. Help customers measure their overall security posture. Many studies show that MTTD and MTTR are measured in weeks and months, and companies that want to improve need the types of solutions we provide.

Market Drivers for a Maturity Model

There is an increasing rate and growing sophistication of cyber threats.
This is leading to an increased awareness of the severity of cyber threats.
A fundamental shift is beginning to take place in terms of the overall approach enterprises now have toward delivering cyber security to the organization.
Security Monitoring and Security Intelligence are still not well defined.
A clear definition and maturity model provides organizations with a road map of how to orchestrate this shift to achieve organizational security goals.

Organizational Risk Characteristics

Security Intelligence Investments & Capabilities

Level 0 Details

Level 1 Details

Level 2 Details

Level 3 Details

Level 4 Details

Maturity Level Progression

LogRhythm’s Security Intelligence Maturity Model provides the framework for organizations to assess and evolve their Security Intelligence capabilities.

Key Talking Points:
Cybersecurity is a journey, not a destination
Maturity model provides roadmap
LogRhythm is your partner for long-term success.

Notes:
What is your security intelligence posture? This slide introduces our SIEM model. Drive consultative conversation. Tell about the model. It is designed to provide a roadmap to help customers improve their security over time. Our comprehensive platform approach and services can help you mature your capabilities over time. We are their partners on this journey.

Key Takeaways

Today’s threat landscape transcends yesterday’s defense-in-depth framework
It’s When, not If a breach will occur
Improved detection and response capabilities are essential
Understand “normal” across multiple dimensions and monitor for “abnormal”
Employ advanced security analytics to optimize breach detection & response and reduce risk