Anticipate and Prevent Cyber Attack Scenarios, Before They Occur

Presenter: Gidi Cohen, CEO, Founder, Skybox Security, Inc. Content Copyright ©2012 Skybox Security, Inc.

description

Presented at ISSA Cornerstones of Trust, June 6, 2012.

No one wants to be the next cyber casualty. Collectively, organizations spend an enormous amount of resources deploying and managing security solutions to block malware, protect data, and keep critical business services operating. Yet most organizations remain inadequately protected against evolving and dangerous cyber threats. In this session, we will learn to recognize common network attack scenarios and mitigate the combination of misconfigurations, vulnerabilities, access policy violations and other security gaps that can be exploited by sophisticated attackers.

High-profile breaches at Epsilon, Sony, and other enterprise and government networks have dominated the news lately, raising awareness of the need to design effective security strategies against sophisticated attacks and advanced persistent threats (APTs). Many companies struggle with where to begin to develop an effective plan of cyber defense.

During this session we will walk the audience through several attack scenarios using a visual attack explorer tool, highlighting the combination of security gaps that are often used and how to prevent them. Network modeling, vulnerability analysis, access path analysis, and attack simulation will all be introduced, and we will show how these analytical tools can be used to quickly and automatically find exposed areas of a network.

Transcript of Anticipate and Prevent Cyber Attack Scenarios, Before They Occur

  • 1. Gidi Cohen, CEO, Founder, Skybox Security, Inc.

  • 2. Why can't we curb the threat?

  • 3. The Network Complexity Challenge. Enterprise network: 55,000 nodes; 300 firewalls; 25,000 rules; 65 network changes/day; 10,000 daily reported vulnerabilities.

  • 4. Heterogeneous Networks are the Norm

  • 5. Vulnerabilities and Threats Abound. [Word cloud of repeated terms: buffer attack, blocked rules, misconfigured firewall, USBs, policy violation, social networks, missing IPS signature, asset vulnerabilities, default password, threat origins, access violation, access policy violations.]

  • 6. Every Organization Feels the Pain. 88% of organizations experienced significant damage or disruption due to attacks or data breaches in past six months. [Chart: Service down, 60.0%; Misuse or unauthorized access to information, 35.0%; Data breach of customer or confidential records, 20.0%; Damage to information systems or data, 18.3%; None, 10.0%; Damage to brand (e.g. hacktivism), 6.7%; Minor Web DoS attack, 1.7%.]

  • 7. Vulnerability Management Program: Key for Risk Reduction. Most respondents see their VM program as a key to reduce risk level and respond to threats. [Bar chart, scale 0.0 to 4.5, with bars for: To reduce our security risk level; To proactively prevent threats before they happen; To respond to new threats; To provide an accurate assessment of our security status; To meet compliance requirements; To prioritize and minimize patching costs.]

  • 8. Vulnerability Scans: Too Little, too Late. [Chart "Frequency and Coverage", vertical axis "Frequency x/year" from 50 to 350. Labels: Where you need to be: daily updates, 90%+ hosts; Critical systems, DMZ; Partner/External networks; Avg. scan: every 30 days; Avg. scan: every 60-90 days; 50-75% of hosts.]