Post on 31-Jan-2018
SECURITY SERVICES AND CYBERCRIME TRENDS
Scott B. Suhy, CEO, Scott.Suhy@netwatcher.com
Trend #1 – SMEs Pressured to Have More Protection
Copyright © 2017 NetWatcher All Rights Reserved. 6/7/2017
[Figure: market-gap diagram. Horizontal axis: Size of Business (Small / Medium / Large). Vertical axis: Security Sophistication, rising from Firewall and Anti-virus through Intrusion Detection, Intrusion Protection, End Point Technology and SIEM to Threat Intelligence. Labels on the chart: Managed Services Providers; MSSPs (4200 customers); HP, IBM, FireEye, Palo Alto etc. (Fortune 5000); Managed Detection & Response (5M+ customers). The “…big gap…” between the MSP/MSSP segments and the enterprise vendors is marked “GAP in Market!”: customer demands and compliance mandates on one side; solutions that are expensive, difficult to use, and depend on security analysts who don’t exist on the other.]
Security is the #1 Growth area for Managed Services Providers (MSPs)‐‐CompTIA
Targeted Enterprises in the US
Enterprises by industry and employee-size band (overlay labels on the slide, left to right: MSSPs; HP/FireEye; PA/IBM):

Industry | <20 | 20-49 | 50-99 | 100-299 | 300-499 | 500-999 | 1,000-4,999 | 5,000-9,999 | 10,000+
Professional, scientific, and technical services | 721,841 | 30,828 | 9,106 | 5,811 | 1,158 | 942 | 1,290 | 291 | 458
Retail trade | 628,726 | 40,552 | 12,969 | 7,465 | 1,159 | 849 | 870 | 204 | 343
Health care and social assistance | 539,491 | 45,348 | 15,593 | 13,841 | 2,701 | 1,887 | 1,676 | 235 | 193
Accommodation and food services | 379,301 | 68,002 | 18,258 | 7,878 | 1,413 | 1,018 | 747 | 115 | 122
Finance and insurance | 232,604 | 10,612 | 4,382 | 3,410 | 719 | 536 | 693 | 169 | 263
Information | 61,292 | 6,048 | 2,257 | 1,645 | 408 | 326 | 451 | 105 | 217
Management of companies and enterprises | 5,295 | 2,828 | 3,270 | 6,148 | 2,620 | 2,614 | 3,350 | 670 | 814
Utilities | 4,377 | 529 | 339 | 267 | 47 | 48 | 80 | 27 | 42
Educational services | 60,734 | 9,326 | 4,090 | 2,698 | 540 | 552 | 525 | 56 | 99
Construction | 697,644 | 43,101 | 12,462 | 6,264 | 877 | 527 | 438 | 66 | 95
Administrative | 290,893 | 20,766 | 8,311 | 6,867 | 1,709 | 1,426 | 1,503 | 302 | 413
Wholesale trade | 280,185 | 27,368 | 9,736 | 6,861 | 1,451 | 1,179 | 1,378 | 279 | 347
Real estate and rental and leasing | 269,090 | 8,087 | 2,699 | 2,034 | 486 | 419 | 505 | 110 | 212
Manufacturing | 208,675 | 38,891 | 16,115 | 11,593 | 2,298 | 1,769 | 1,726 | 260 | 317
Transportation and warehousing | 148,967 | 11,060 | 3,871 | 3,012 | 755 | 695 | 923 | 250 | 404
Arts, entertainment, and recreation | 99,357 | 9,008 | 3,568 | 2,259 | 436 | 320 | 309 | 45 | 74
Agriculture, forestry, fishing and hunting | 20,491 | 861 | 242 | 189 | 32 | 22 | 50 | 7 | 17
Mining, quarrying, and oil and gas extraction | 17,765 | 1,849 | 680 | 532 | 114 | 103 | 164 | 31 | 50
Trend #2 – Giant Skills Gap in Cyber Security
A shortfall of 1.5 million security professionals by 2020 – Frost & Sullivan
Trend #3 – Managed Security Market Growing
Global Managed Security Services market is projected to reach $30 billion by 2020 (was $8 billion in 2014) ‐‐Allied Market Research
Trend #4 ‐ Known Vulnerabilities
44% of breaches came from vulnerabilities that are two to four years old… -- HP’s Cyber Risk Report
http://www.cvedetails.com/vulnerability-list
Think about it… Organized crime and foreign government employees are….
Trend #5 – Ransomware-as-a-Service
New ransomware families, January to April 2016 (most recent first):
• TrueCrypter (late April)
• CryptXXX (mid April)
• 7ev3n-HONE$T (mid April)
• AutoLocky (mid April)
• Jigsaw (early April)
• CryptoHost (early April)
• Rokku (late March)
• KimcilWare (late March)
• Coverton (late March)
• Petya (late March)
• Maktub Locker (mid March)
• Nemucod .CRYPTED (mid March)
• Samas/Kazi (mid March)
• The Surprise (mid March)
• Pompous (early March)
• KeRanger (early March)
• Cerber (early March)
• CTB-Locker for web sites (mid February)
• Padcrypt (mid February)
• Locky (mid February)
• Umbrecrypt (early February)
• DMA Locker (early February)
• NanoLocker (late January)
• 7ev3n (late January)
• LeChiffre (mid January)
• Magic (mid January)
• CryptoJoker (early January)
• Ransom32 (early January)
Trend #5 – Ransomware – it’s just the beginning…
According to the Cisco 2017 Annual Cybersecurity Report, ransomware is growing at a yearly rate of 350%.
Cybersecurity Ventures predicts that Ransomware damage costs will exceed $5 billion in 2017, up more than 15X from 2015.
Trend #6 ‐ Unintentional Insider Threat
• Clicking on a phishing message
• Browsing explicit web sites
• Downloading risky software (TOR, Hola, BitTorrent etc.)
• Using vulnerable software (outdated Java and Flash)
• Sending personally identifiable information in clear text
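The last item above, PII leaving the network in clear text, is something a network sensor can check for directly. The following is an added example (not NetWatcher code): a minimal data-loss-prevention check over a constructed capture. It inspects only plaintext ports, URL-decodes request bodies, and looks for SSN-shaped values and Luhn-valid payment card numbers, reporting masked values so the alert itself does not re-expose the data. The sample requests, the port list and the patterns are assumptions made for illustration.

```python
"""Flag personally identifiable information sent over a clear-text channel.

Added example, not NetWatcher code. The captured requests are constructed;
the detector is a minimal data-loss-prevention check: it only looks at
traffic on plaintext ports, URL-decodes the body and matches SSN-shaped
values and Luhn-valid payment card numbers, reporting masked values only.
"""
import re
from urllib.parse import unquote_plus

CLEARTEXT_PORTS = {21, 25, 80, 8080}   # what a sensor can read without TLS interception

# US SSN shape with the reserved area/group/serial values excluded.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
# 13 to 19 digits, optionally separated by spaces or dashes; Luhn decides.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")

# Constructed sample capture: (destination port, request line, body).
SAMPLE_REQUESTS = [
    (80, "POST /apply HTTP/1.1", "name=Jane+Doe&ssn=123-45-6789&card=4111111111111111"),
    (80, "GET /index.html HTTP/1.1", ""),
    (443, "POST /apply HTTP/1.1", ""),                                  # TLS: body not visible to the sensor
    (80, "POST /checkout HTTP/1.1", "card=4111111111111112&order=98765"),  # 16 digits but fails Luhn
]


def luhn_ok(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                       # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask(value: str, keep: int = 4) -> str:
    """Keep the last `keep` characters so an analyst can correlate without re-exposing the data."""
    return "*" * (len(value) - keep) + value[-keep:]


def scan_body(body: str):
    """Return findings for one request body; values are masked before they leave this function."""
    findings = []
    text = unquote_plus(body)                # form-encoded bodies hide separators behind %2D etc.
    for m in SSN_RE.finditer(text):
        findings.append({"kind": "ssn", "masked": mask(m.group())})
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            findings.append({"kind": "card", "masked": mask(digits)})
    return findings


def scan_capture(requests):
    """Run scan_body over every request on a plaintext port."""
    alerts = []
    for port, request_line, body in requests:
        if port not in CLEARTEXT_PORTS:
            continue                         # encrypted: nothing readable, nothing to flag here
        for finding in scan_body(body):
            alerts.append({"port": port, "request": request_line, **finding})
    return alerts


if __name__ == "__main__":
    for a in scan_capture(SAMPLE_REQUESTS):
        print(f"port {a['port']} {a['request']}: {a['kind']} {a['masked']}")
```

The Luhn check is what keeps the card rule from firing on order numbers and timestamps; the TLS request is skipped on purpose, which is exactly the visibility gap the Encrypted Malware slide later describes.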
Trend #7 ‐ Supply Chain Risk
• Do you have customer data?
• Do you provide your customers’ data to third-party vendors?
• Do you provide your own data to third-party vendors?
“It is abundantly clear that, in many respects,” Mr. Lawsky (New York State’s top financial regulator) said in the letter, “a firm’s level of cybersecurity is only as good as the security of its vendors.” -- NYTimes.com: After JPMorgan Cyberattack, a Push to Fortify Wall Street Banks
Think “Business Associate Agreement/HIPAA”: your customers are going to expect you to have strong cyber security controls, and you should expect the same of your suppliers…
Trend #8 ‐ Open Source
• Doh! Shellshock… Heartbleed… POODLE…
• Duh! They have the source code…
• What is managing the bill of materials (BOM) of the solutions built on open source?
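Both Trend #4 (breaches through vulnerabilities that are years old) and the BOM question here come down to the same control: know what you ship and check it against published advisories. The following added example (not NetWatcher code) parses a pinned dependency list into a bill of materials, matches it against an advisory feed, and reports each unfixed component with the age of its advisory. The lock file, package names and advisory identifiers are constructed placeholders, not real projects or CVEs; a real run would swap the constructed list for a feed such as the CVE sources linked under Trend #4.

```python
"""Bill of materials for an open-source stack, checked against an advisory feed.

Added example, not NetWatcher code. The lock file and the advisory feed are
constructed: the package names and advisory identifiers are placeholders,
not real projects or CVEs. The check answers two questions the slides raise:
which shipped components carry a known, already-fixed vulnerability, and how
old that vulnerability is (the two-to-four-year-old class cited from HP).
"""
import re
from dataclasses import dataclass
from datetime import date

AS_OF = date(2018, 1, 31)   # date of the post; the "age" figures are relative to it

# Constructed lock file in pip "requirements.txt" pinned form.
LOCKFILE = """\
# pip freeze output (constructed sample, hypothetical package names)
exampleweb==2.1.0
examplessl==1.0.1
exampleyaml==5.3
examplelog==0.9.2
"""


@dataclass(frozen=True)
class Advisory:
    package: str
    fixed_in: str        # first version carrying the fix
    advisory_id: str     # placeholder identifier, not a real CVE
    published: date


# Constructed advisory feed (placeholder identifiers).
ADVISORIES = [
    Advisory("examplessl", "1.0.2", "EXAMPLE-2014-0001", date(2014, 4, 7)),
    Advisory("exampleyaml", "5.4", "EXAMPLE-2017-0002", date(2017, 2, 1)),
    Advisory("exampleweb", "2.0.0", "EXAMPLE-2015-0003", date(2015, 6, 1)),  # already fixed in 2.1.0
]


def version_tuple(version: str) -> tuple:
    """Numeric-only comparison so 1.0.10 sorts after 1.0.2; pre-release tags are not handled."""
    return tuple(int(p) for p in re.findall(r"\d+", version))


def parse_lockfile(text: str) -> dict:
    """Return {package: pinned version}; refuses unpinned lines, since an unpinned BOM is no BOM."""
    bom = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        name, sep, version = line.partition("==")
        if not sep:
            raise ValueError(f"unpinned requirement: {line!r}")
        bom[name.strip().lower()] = version.strip()
    return bom


def find_exposures(bom: dict, advisories, today: date = AS_OF) -> list:
    """Match each advisory against the BOM; report unfixed components, oldest first."""
    found = []
    for adv in advisories:
        installed = bom.get(adv.package.lower())
        if installed is None or version_tuple(installed) >= version_tuple(adv.fixed_in):
            continue                                   # not shipped, or already at/after the fix
        age_years = (today - adv.published).days / 365.25
        found.append({
            "package": adv.package,
            "installed": installed,
            "fixed_in": adv.fixed_in,
            "advisory": adv.advisory_id,
            "age_years": round(age_years, 1),
            "stale": age_years >= 2.0,                 # long known, patch available, still shipped
        })
    return sorted(found, key=lambda e: -e["age_years"])


if __name__ == "__main__":
    for e in find_exposures(parse_lockfile(LOCKFILE), ADVISORIES):
        flag = "STALE" if e["stale"] else "new"
        print(f"{flag:5} {e['package']} {e['installed']} -> {e['fixed_in']} "
              f"({e['advisory']}, {e['age_years']} y)")
```

The `stale` flag is the actionable output: an advisory with a fix that has been public for two years or more, still present in what you ship, is the case the HP figure describes, and it should be treated as an incident-in-waiting rather than a backlog item.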
Trend #9 (FACT) – SMEs are Weak on Cyber Security
• Generally no security controls (users have admin access to machines, weak employee policy documents, no cyber training, no cyber liability insurance, senior execs not schooled on the risks, etc.)
• Most are not aware that they have already been compromised!
• Don’t keep firmware up to date on Wi-Fi, routers, switches, firewalls
• Many do not change default passwords on equipment (see Shodan.io)
• Most don’t know who their employees are talking to and what bad-actor scans are making it through the firewall
SMB Cyber Stats
• 43% of cyber attacks target small business.
• Only 14% of small businesses rate their ability to mitigate cyber risks, vulnerabilities and attacks as highly effective.
• 60% of small companies go out of business within six months of a cyber attack.
• 48% of data security breaches are caused by acts of malicious intent. Human error or system failure account for the rest.
• The numbers show that small businesses are not only at risk of attack, but have already been attacked:
– 55% of respondents say their companies have experienced a cyber attack in the past 12 months (May 2015 - May 2016), and
– 50% report they had data breaches involving customer and employee information in the past 12 months (May 2015 - May 2016).
• In the aftermath of these incidents, these companies spent an average of $879,582 because of damage or theft of IT assets.
• In addition, disruption to normal operations cost an average of $955,429.
www.netwatcher.com
https://smallbiztrends.com/2017/01/cyber-security-statistics-small-business.html
SMB Cyber Stats (cont.)
• While many small businesses are concerned about cyber attacks (58%), more than half (51%) are not allocating any budget at all to risk mitigation.
• Dangerous disconnect: one of the more common reasons small businesses gave for not allocating budget to risk mitigation was that they “feel they don’t store any valuable data.” Yet a good number reported that they in fact DO store pieces of customer information that are of significant value to cyber criminals:
– 68% store email addresses;
– 64% store phone numbers; and
– 54% store billing addresses.
• Small businesses reported that only:
– 38% regularly upgrade software solutions;
– 31% monitor business credit reports; and
– 22% encrypt databases.
• If a company has a password policy, 65% of respondents say they do not strictly enforce it. 16% of respondents admitted that they had only reviewed their cybersecurity posture after they were hit by an attack. 75% of small businesses have no cyber risk insurance.
https://smallbiztrends.com/2017/01/cyber-security-statistics-small-business.html
Example… Your 12 year old can do this…
[Figure: a sequence of five screenshots walking through the example; the only legible text on them is a “Click Here…” button.]
Trend #9 – It Will Get Worse Before It Gets Better…
[Figure: timeline chart with axis marks 2005, 2015, 2020. Two rising curves: Cyber Attack Surface, and Involvement of Organized Crime & Nation States. Drivers called out along the curves: More Protection, More Innovation, Desire for Privacy, More Surface to Attack, More Organized Crime, Convenience.]
50% of all internet traffic is encrypted (“HTTPS”)
SSL inspection versus privacy debate
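One way to get detection value out of encrypted traffic without the privacy cost of SSL inspection is to fingerprint the client from the ClientHello, which is sent before any encryption starts. The following added example (not NetWatcher code) implements the JA3 method published by Salesforce: it parses the ClientHello, collects the handshake version, cipher suites, extension types, supported groups and EC point formats, drops the GREASE placeholder values browsers randomise into those lists, and hashes the result so it can be compared against fingerprint lists. The ClientHello is constructed inside the block; its cipher and extension values are illustrative, not a capture of any real client.

```python
"""Fingerprint a TLS client from its ClientHello without decrypting anything.

Added example, not NetWatcher code. It implements the JA3 method published by
Salesforce: the handshake version, cipher suites, extension types, supported
groups and EC point formats are joined into a string and MD5-hashed, with
GREASE placeholder values dropped. The ClientHello below is constructed
in-block (no network capture is used) and its values are illustrative.
"""
import hashlib
import struct

SERVER_NAME, SUPPORTED_GROUPS, EC_POINT_FORMATS, SIG_ALGS = 0x0000, 0x000A, 0x000B, 0x000D
GREASE = 0x0A0A  # one of the reserved 0x?A?A values clients randomise into their lists


def is_grease(value: int) -> bool:
    """True for 0x0a0a, 0x1a1a, ... 0xfafa (the RFC 8701 reserved values)."""
    return (value & 0x0F0F) == 0x0A0A and (value >> 8) == (value & 0xFF)


def build_client_hello(ciphers, extensions) -> bytes:
    """Assemble a TLS record carrying a ClientHello (constructed sample, fixed random)."""
    body = b"\x03\x03" + b"\x11" * 32 + b"\x00"                     # version, random, empty session id
    body += struct.pack("!H", 2 * len(ciphers)) + b"".join(struct.pack("!H", c) for c in ciphers)
    body += b"\x01\x00"                                              # one compression method: null
    ext = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    body += struct.pack("!H", len(ext)) + ext
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body        # handshake type 1 = ClientHello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def _u16_list(data: bytes, offset: int, length: int) -> list:
    return [int.from_bytes(data[i:i + 2], "big") for i in range(offset, offset + length, 2)]


def ja3(record: bytes):
    """Return (ja3_string, ja3_md5) for the ClientHello inside a TLS handshake record."""
    if record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + int.from_bytes(record[3:5], "big")]
    if hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    version = int.from_bytes(body[0:2], "big")
    pos = 2 + 32                                                     # skip client random
    pos += 1 + body[pos]                                             # session id
    cs_len = int.from_bytes(body[pos:pos + 2], "big")
    ciphers = _u16_list(body, pos + 2, cs_len)
    pos += 2 + cs_len
    pos += 1 + body[pos]                                             # compression methods
    ext_types, groups, formats = [], [], []
    if pos < len(body):
        end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        while pos < end:
            etype, elen = struct.unpack("!HH", body[pos:pos + 4])
            data = body[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            ext_types.append(etype)
            if etype == SUPPORTED_GROUPS:
                groups = _u16_list(data, 2, int.from_bytes(data[:2], "big"))
            elif etype == EC_POINT_FORMATS:
                formats = list(data[1:1 + data[0]])
    fields = [str(version)] + [
        "-".join(str(v) for v in values if not is_grease(v))
        for values in (ciphers, ext_types, groups, formats)
    ]
    text = ",".join(fields)
    return text, hashlib.md5(text.encode()).hexdigest()


def sample_client_hello() -> bytes:
    """Constructed ClientHello: two TLS 1.3 suites plus one ECDHE suite, GREASE in two lists."""
    sni = b"example.com"
    sni_entry = b"\x00" + struct.pack("!H", len(sni)) + sni
    return build_client_hello(
        ciphers=[GREASE, 0x1301, 0x1302, 0xC02B],
        extensions=[
            (GREASE, b""),
            (SERVER_NAME, struct.pack("!H", len(sni_entry)) + sni_entry),
            (SUPPORTED_GROUPS, struct.pack("!H", 8) + struct.pack("!4H", GREASE, 29, 23, 24)),
            (EC_POINT_FORMATS, b"\x01\x00"),
            (SIG_ALGS, struct.pack("!H", 4) + b"\x04\x03\x08\x04"),
        ],
    )


if __name__ == "__main__":
    text, digest = ja3(sample_client_hello())
    print(text)      # 771,4865-4866-49195,0-10-11-13,29-23-24,0
    print(digest)
```

The fingerprint identifies the TLS library and configuration that opened the connection, not the content; that is enough to separate a browser from a malware stager using a bare TLS stack, while leaving the payload unread. Dropping GREASE is essential, otherwise the same browser produces a different hash on every connection.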
Reality of a Small Prof. Svc. Business Owner…
https://www.sans.org/reading‐room/whitepapers/analyst/security‐spending‐trends‐36697
Revenue                     Count   Rate        Total
Billable Resources (Jr)        10     85   $1,530,000
Billable Resources             20    100   $3,600,000
Billable Resources (Sr)        10    115   $2,070,000
Total Revenue                              $7,200,000

Expenses                    Count   Unit        Total
Salary (Jr)                        95,000    $950,000
Salary                            125,000  $2,500,000
Salary (Sr)                       150,000  $1,500,000
Benefits                           20,000    $800,120
Rent                              120,000    $120,000
Utilities                          12,000     $12,000
Liability Insurance                12,000     $12,000
Accounting/Payroll/Legal           36,000     $36,000
Management/Support              3 130,000    $390,000
Sales & Marketing                  24,000     $24,000
IT Budget                           6,000    $258,000
Security Budget (6% of IT)                    $15,480
Total Expense                              $6,617,600
Net                                          $582,400

What can a company do with $15k?
Reality of a Small Business
1. Executive is not aware of the risks – “We have a firewall and anti-virus so I think we are covered…”
2. Executive has bad information – “Hackers only attack the big companies, what would they want from us?”
3. Executive is a risk taker – “I’ll take the risk, the probability of us getting attacked is low.”
4. Executive is cheap – “No ROI means no priority.”
5. Executive doesn’t believe investment in security is worth it – “The loss involved will be so small compared to our revenues. It’s easier to take a chance and write off any losses should they occur.”
6. Executive is overwhelmed by the size of the investment required to add security measures – “We can’t afford FireEye, IBM, HP, Palo Alto etc.; those tools are only affordable to the Fortune 1000.”
7. Executive believes they are covered when they are not – “Our vendors are responsible for our security, not us…”
8. Executive doesn’t believe any investment in cyber security will have much of an impact – “Big companies have all the tools and they are still getting hacked.”

The Cost of Compliance…
• People to manage pre- and post-compliance work
– Build policies – e.g. a logical access policy
– Build procedures – incident response plans
• Hardware / software updates / upgrades
• Technology maintenance services to keep up
• Cyber training
• Cyber insurance requirements
• Legal support
• New required security capabilities
Trend #10 – Compliance Mandates Will Continue…
• GLBA, HIPAA…
• State breach laws…
• Dept of Financial Services 23 NYCRR 500
• NIST 800-171
Thank You!
www.netwatcher.com
Scott B. Suhy, CEO
Scott.Suhy@netwatcher.com