Balance Risk With Better Threat Detection



Paul Risk, Chief Technology Officer, www.secdata.com

We’re on TV!

• Have some free food
• Everyone using their phone
• Hiding in the room next door
• Don’t trust these men!
• Monitoring all wireless activity and SSIDs
• Viewing your emails
• Seeing where you’ve visited
• Reading your Facebook account
• Giving them a stern talking to: “don’t do it again!”


WE KNOW THAT THREATS ARE REAL


‘WHEN’ COULD BE HAPPENING TO YOU

• 66% of breaches take months or even years to be discovered, up from 56% in 2012
• 69% of breaches are spotted by an external party, like customers
• 29% of attacks used emails, phone calls and social networks to gain information
• 76% of network intrusions exploited weak or stolen credentials

*Data from Verizon’s 2013 Data Breach Investigations Report

Threat acceleration

There are more threats and attack vectors than you can effectively protect against

Threat types shown on the slide:

• MALWARE
• DDoS ATTACKS
• DNS POISONING
• SQL INJECTION
• SOCIAL ENGINEERING
• BLENDED ATTACKS
• TCP/IP HIJACKING
• APT
• (SPEAR) PHISHING

WE KNOW THREATS ARE INFINITE

WEB CONTENT? WEB APPS? WIRELESS ACCESS?

Faye First Base (comment): Nick - could we make this a graph with an increasing exponential curve and slot in all of the threats, and the future ones (from a subsequent slide)? For example, new web protocols like SPDY and HTTP 2 use more SSL encryption. You will need new tools to open and inspect that traffic.

WE KNOW TECHNOLOGY IS COMPLEX


Over 40 tools

Already there are more tools than you can deploy – what is the solution?

NEXT-GEN FIREWALLS

WEB CONTENT FILTERING

TWO FACTOR AUTHENTICATION

IDS/IPS SOLUTION

SPDY & HTTP 2 INSPECTION

WIRELESS SECURITY

DATA LOSS PREVENTION

NAC/802.1X SOLUTION

SECURE INTERNET GATEWAY

DDoS MITIGATION SOLUTION

WE HAVE TO THINK DIFFERENTLY


INTELLIGENT SECURITY

• Security is a moving target
• Threats keep on coming
• We know we have to accept some risk
• Not more mousetraps - just using them better
• Visibility is the key to security intelligence
• How do we compensate for this?


DID YOU SEE IT?


WHY BETTER DETECTION IS CRITICAL

• Budget limitations: security investment cannot cover all eventualities
• Change in risk profile: you will be working with known risk and vulnerabilities
• Be proactive: don’t wait for threats to appear – proactively mitigate
• Get the drop on attackers: early threat detection will reduce known risks

DETECTION FOCUSED SECURITY MODEL

REMEDIATE / MANAGE / ACCEPT

• Categorise risk – know what you must lock up, identify what you can manage and decide what risks you can accept

• Protect your most valuable assets with next-gen technologies

• Ensure you deploy threat detection for known risks and vulnerabilities

• Undertake proactive threat detection to mitigate unknown risks

• Feedback into risk profile

Model axes: UNKNOWN RISK / KNOWN RISK

WHAT’S REQUIRED FOR PROPER DETECTION

• Macro-level intelligence: cyber intelligence correlated from multiple internal and external sources
• Proactive security: detect and divert threats before they happen
• Elastic expertise: depth and breadth in security and cloud skills and capacity
• Complete metrics: regular, comprehensive security metrics and analysis
• Agility: quick strategic response to evolving threats
• 24x7 real-time monitoring: continuous, 24x7, expert monitoring and interpretation of security data

HOW SECUREDATA DOES DETECTION


AffinitySECURE (Pro-active Security Monitoring)

• Early Warning System for changes in device behaviour and health

• Advance Threat Warnings

• Trend Based Analysis of system parameters

• Real-Time Granular Monitoring

• Automatic Incident logging based upon severity and threshold level

• Device Port Monitoring (ensures unknown or unauthorised services aren’t started on a device)
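As an added illustration of the "Device Port Monitoring" and "Automatic Incident logging based upon severity and threshold level" bullets above (example code, not SecureData's AffinitySECURE implementation), the block below compares each device's observed listening services against a constructed authorised baseline, grades every deviation, and only logs incidents that reach a configured severity threshold; device names, ports and the severity policy are all constructed.

```python
# Added illustration (not AffinitySECURE's code): port-baseline detection with
# threshold-based incident logging. Baseline, snapshot and policy are constructed.
from dataclasses import dataclass

SEVERITY = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}

# Constructed baseline: the (port, protocol) services each device may expose.
BASELINE = {
    "fw-edge-01": {(443, "tcp"), (22, "tcp")},
    "web-dmz-02": {(80, "tcp"), (443, "tcp")},
}

# Constructed severity policy; an unexpected service not listed here is MEDIUM.
PORT_SEVERITY = {
    (23, "tcp"): "HIGH",   # telnet: cleartext remote administration
    (8080, "tcp"): "LOW",  # alternate HTTP, often a benign admin console
}

@dataclass(frozen=True)
class Incident:
    device: str
    port: int
    proto: str
    severity: str

def detect_unauthorised(snapshot, baseline=BASELINE):
    """One Incident per listener absent from the baseline; unknown devices are HIGH."""
    incidents = []
    for device, listening in snapshot.items():
        known = device in baseline
        for port, proto in sorted(listening - baseline.get(device, set())):
            sev = PORT_SEVERITY.get((port, proto), "MEDIUM") if known else "HIGH"
            incidents.append(Incident(device, port, proto, sev))
    return incidents

def log_incidents(incidents, threshold="MEDIUM"):
    """Keep only incidents at or above the configured severity threshold."""
    floor = SEVERITY[threshold]
    return [i for i in incidents if SEVERITY[i.severity] >= floor]

# Constructed snapshot of what the devices are actually listening on right now.
SNAPSHOT = {
    "fw-edge-01": {(443, "tcp"), (22, "tcp"), (23, "tcp")},
    "web-dmz-02": {(80, "tcp"), (443, "tcp"), (8080, "tcp")},
    "unknown-host": {(4444, "tcp")},
}

if __name__ == "__main__":
    for inc in log_incidents(detect_unauthorised(SNAPSHOT)):
        print(f"{inc.severity:6} {inc.device} {inc.port}/{inc.proto}")
```

With the default MEDIUM threshold the telnet listener on the firewall and the listener on the unbaselined host are logged, while the LOW-severity alternate HTTP port on the web server is suppressed.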

Cloud SIEM Service

• Outsourced 24x7x365 Service providing centralised real-time event analysis for log and event information

• Single pane of glass for all network and security incidents

• Advanced threat and security incident detection on a 24x7x365 basis

USE YOUR MOUSETRAPS BETTER


Capability areas covered by the vendor portfolio grid on this slide (vendor names were logos and are not recoverable from the text):

• Acceleration
• Application Security
• Authentication
• Compliance
• Content Security
• DDoS
• DLP
• Endpoint Security
• IDS/IDP
• Load Balancing
• Network Visibility / Performance Monitoring
• Remote Access
• Routing
• Security Gateway
• Security Virtualisation
• SIEM
• Switching
• Wireless Security


USE SPECIALIST DETECTION SERVICES

AffinitySECURE / Cloud SIEM

Managed Services

• Managed Firewalls

• Managed Next Gen Firewalls

• Managed Web Content Security

• Managed Remote Access

• Managed Two-Factor Authentication

• Managed Wireless

• Managed IDS/IDP

• Managed SIEM

• Managed Load Balancing

• Managed Switches/Routers

Cloud Services

• Cloud Internet Gateway

• Cloud SIEM

• Cloud Global Load Balancing

• Phishing-as-a-Service

Ensure your systems are configured correctly and managed correctly, while freeing up internal resources

Understand where your assets are and what needs protection

WHAT STEPS TO TAKE

• Apply real-time monitoring for known threats
• Proactively detect emerging threats
• Deploy the right tools to protect critical assets

THANK YOU

Paul Risk

CTO

paul.risk@secdata.com

+44 1622 723400