Cyber Security Can Also Be a Profit Center

Transcription

1 Cyber Security Can Also Be a Profit Center Sponsored By Participating company

2 Today s Presenters Moderator Ray Le Maistre Editor-in-Chief Light Reading Speaker Jonathan Homa Sr. Director of Portfolio Marketing, ECI Speaker Yaron Bielous VP Cyber Security, ECI Speaker John Loveland Global Head of Cyber Security Strategy, Verizon Enterprise Solutions

3 Today s agenda Introduction Cyber Security As a Profit Center perspectives from our guest speakers Q&A

4 Why is this topic important? Cybersecurity is high on every company s agenda: the cadence and breadth of threats highlights its importance. Enterprises need to be connected and increasingly digital to compete and remain relevant but Key challenges: Having the appropriate IT/digital skills; an understanding of cybersecurity and its impact. Service providers are seeking new revenue streams cybersecurity is no longer just a cost center but is now an enabler of digital business transformation.

5 What can done about it? Enterprises of all types need to address the cybersecurity challenge SMBs have the toughest task as they grapple with budgets, skills and manpower. There is a solution cloud/virtualization has opened up a market for managed enterprise services that do not burden enterprises with costly, burdensome boxes. NFV, advances in analytics, next gen security tools and customerfriendly interfaces make managed security services a viable solution to address the opportunity.

6 Poll Question As a business, which statement best reflects the suitability and cost of your current cybersecurity protection? We receive good protection at a reasonable cost. We receive good protection, but costs are always higher than budgeted. There are holes in our protection, but are unable to spend more to cover them. There are holes in our protection, and we are continually spending more to try and cover them.

7 Elastic Network Solutions Provides elastic network solutions to service providers, critical infrastructure, and data centers About ECI Smart LIGHT TM More than 250 Active Customers Global presence with more then 250 active customer in over 70 countries. Over 50 Years of Experience Established in 1961 Agile packet-optical transport E2E network management SDN/NFV applications Comprehensive security ECI Proprietary 7

8 THE PROBLEM Hackers keep finding ways to penetrate existing security measures Businesses spend too much time and money trying to keep up with security solutions security expertise Displacing investments in business growth ECI Proprietary 8

9 TODAY S SECURITY ARCHITECTURE SIEM Security Operation Center (SoC) Events/Logs Firewall IPS URL Filter Anti-X Encryption DDoS Plurality of point security tools reporting static policy and signature deviations ECI Proprietary 9

10 INFORMATION DELUGE 21K Hours Analyzing false negatives & positives, on average ~17,000 Avg. Alerts per Week Drives over-spending on expensive security managers and analysts Prevents real-time mitigation of cyber attacks Only 4% Can be Investigated $1.5M Companies waste per year roughly due to inaccurate intelligence Source: Ponemon Institute study of 630 enterprises ECI Proprietary 10

11 CURRENT SITUATION THREAT DETECTION Events generated by security tools (e.g. FW/IPS exceptions, URL policy rejections) Rudimentary correlation algorithms Overwhelming Inaccurate Not actionable THREAT VALIDATION Security analysts search for evidence to validate threat Imprecise Error prone Slow ATTACK MITIGATION Analysts best-effort adjustments to attack mitigation systems Security gaps remain Closed too late Slow ECI Proprietary 11

12 A FEW ANALYST PERSPECTIVES By 2020, 60% of enterprise information security budget will be allocated for rapid detection and response approaches, up from less than 20% in By 2020, over 80% of enterprises worldwide will invest in incident response retainers. ECI Proprietary 12

13 BUSINESS PERSPECTIVE Must be secured Can t keep up with the costs Can t maintain the expertise LOOKING FOR AFFORDABLE PEACE OF MIND! ECI Proprietary 13

14 We know what you re facing. Threats to your organization are rapidly changing. It s no longer if you will be attacked, but when. Control and compliance are constant challenges. Implementing the right controls isn t easy. Business success is at stake. To compete, you must protect reputation and customer trust. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement

15 In fact, we know better than most. Each year, we publish the Data Breach Investigations Report, featuring insights and trends from global law enforcement agencies, security organizations and service providers. years of forensic investigations and 11 security incident data 61 countries represented 8 th year of publication 70 contributing organizations 190,000 + incidents and 6,300+ confirmed data breaches analyzed by our RISK Team Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement

16 Over 90 percent of incidents collected over the last 11 years fell into nine basic patterns. 1 Crimeware Insider and Privilege Misuse Cyber-Espionage Miscellaneous Errors Denial of Service Attacks Payment Card Skimmers Physical Theft and Loss Point-of-Sale Intrusions Web App Attacks 1. Verizon 2016 Data Breach Investigations Report 16

17 The good guys can t keep up with the bad guys. Percent of breaches where time to compromise (orange) and time to discovery (blue) were days or less. Source: 2015 Verizon Data Breach Investigations Report Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement

18 Intelligence at work 15 % Incidents detected by threat signatures 35 % Incidents detected by threat behaviors 23.7 B events from customer log file data 50 % Incidents detected by threat reputations - Jan 2015, Verizon Managed Security Services results Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement

19 Managed security Analyze, correlate and classify data from any data source. Process information with advanced tools. Monitor security devices 24x7. Provide remote maintenance including patches, hot fixes and more. Receive actionable threat intelligence. Manage (NOC & SOC) Investigate (SOC) MSS-Analytics platform Actionable outputs Device monitor Threat analytics Log management Cyber threat management Risk reduction Compliance management Professional Services Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 19

20 Threat intelligence capabilities ASOC Analytics Global backbone Verizon Intelligence Intel Team Active defense Big data analytics/packet capture Professional Services Verizon Security Vendors Threat intel and applied intel IR Team External sources Verizon Managed Security Services Alerts Customer Customer data SOCs 24x7x365 Follow-the-sun Retainer Services Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement

21 Network security Protect your network edge with Unified Security Services. Attack traffic Internet DDoS Shield and Response Find compromises through Network Threat Management. Maintain service availability with DDoS Shield. Managed Security Services platform Custome r edge Unified Security Services (Cloud) Network Threat Management analytics Network function virtualization Router Customer network Unified Security Services (Premises) Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 21

22 What does this mean four our customers? Improved threat visibility. Mitigated risk. Simplified compliance. Reduced complexity. Optimized spending. Spot signs of potential threats and help prevent them. Detect threats quickly to prevent or shorten attacks. Reduce the hassle of meeting security compliance requirements. Simplify security management and infrastructure. Stop unnecessary spending and mitigate soft costs. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement

23 THERE MUST BE A BETTER WAY Innovative threat detection and attack mitigation Agile and orchestrated security architecture Managed cyber security service ECI Proprietary 23

24 INNOVATIVE (1 OF 3) CHANGING THE BALANCE BETWEEN HACKERS AND DEFENDERS Current Solution ECI Solution THREAT DETECTION Events generated by security tools (e.g. FW/IPS exceptions, URL policy rejections) Rudimentary correlation algorithms Events generated by security tools DPI sensors, fingerprinting, traffic anomaly detection and analysis Advanced correlation algorithms ACURATE THREAT DETECTION ECI Proprietary 24

25 INNOVATIVE (2 OF 3) CHANGING THE BALANCE BETWEEN HACKERS AND DEFENDERS Current Solution ECI Solution THREAT DETECTION Events generated by security tools (e.g. FW/IPS exceptions, URL policy rejections) Rudimentary correlation algorithms Events generated by security tools DPI sensors, fingerprinting, traffic anomaly detection and analysis Advanced correlation algorithms ACURATE THREAT DETECTION THREAT VALIDATION Security analysts search for evidence to validate threat Global Intelligence Automated analysis against external threat databases and OSINT AUTOMATIC THREAT VALIDATION ECI Proprietary 25

26 INNOVATIVE (3 OF 3) CHANGING THE BALANCE BETWEEN HACKERS AND DEFENDERS Current Solution ECI Solution THREAT DETECTION Events generated by security tools (e.g. FW/IPS exceptions, URL policy rejections) Rudimentary correlation algorithms Events generated by security tools DPI sensors, fingerprinting, traffic anomaly detection and analysis Advanced correlation algorithms ACURATE THREAT DETECTION THREAT VALIDATION Security analysts search for evidence to validate threat Global Intelligence Automated analysis against external threat databases and OSINT AUTOMATIC THREAT VALIDATION ATTACK MITIGATION Analysts best-effort adjustments to attack mitigation systems Automated actions: Select correct mitigation tool Update mitigation policies Redirect traffic if needed REAL-TIME ATTACK MITIGATION ECI Proprietary 26

27 ECI S CYBER SECURITY SOLUTION SoC LightSEC COMPASS TM LightSEC SHIELD TM ECI Proprietary 27

28 LightSEC SHIELD Sensors Algorithms Traffic Control Mitigation DPI NetFlow Anomaly Detection Network Behavior Analysis Service Function Chaining FW IPSec Anti-X* URL Filter A comprehensive cyber security suite of best-in-breed attack prevention tools *Anti-malware Anti-bot Anti-phishing ECI Proprietary 28

29 LightSEC COMPASS Innovative algorithms, correlating event information from multiple sources attack prevention tools analysis of network traffic global threat intelligence databases Real-time reporting of verified threats ECI Proprietary 29

30 SOLUTION DEPLOYMENT 1 ucpe Access/Agg. 2 Data Center Service Provider Cloud Traffic Redirection SDN NFV Traffic Control Deployment Location ECI Proprietary 30

31 LET YOU FOCUS ON YOUR BUSINESS SERVICE OFFERING Tier 1 Tier 2 Tier 3 Security as a Service SoC as a Service ERT as a Service Delivered by: Service Provider Service Provider Service Provider Managed by: Business Business Service Provider ECI Proprietary 31

32 NIMBLE & ORCHESTRATED NFV-BASED SECURITY ARCHITECTURE Customer Portal Global Threat Intelligence Internet ECI Proprietary 32

33 LightSEC BUSINESS BENEFITS Highly Effective Hassle Free Worry Free Affordable BB Interface SP Network Internet ECI Proprietary 33

34 LightSEC SERVICE PROVIDER BENEFITS Superior Protection Low TCO Operational Fit Win-Win Business Case BB Interface SP Network Internet ECI Proprietary 34

35 ECI Proprietary THANK YOU!

36 Poll Question Can managed security services using virtual network functions (VNFs) meet the cybersecurity needs of SMBs? Yes, this is the optimum solution as long as it's affordable Possibly, but it will require significant market education It's unlikely SMBs are too conservative No, this is just smoke and mirrors

37 Q&A session Questions from today s audience This webinar will be archived and available at