Cyber Defense in 2016

CYBER DEFENSE IN 2016 Pietari Sarjakivi


Spending all the money on firewalls (Tietoturva RY 18V)

Technical perspective: Log management or SIEM? (SIEM-seminaari, 16.9.2014)

Dashboards for situational management of cyber security (Kyberturvallisuusmessut, 4.9.2014)

How can a data breach be detected from logs? (Talentum Events Infosec SUMMIT, 19.11.2013)

SIEM situational picture for a company: Anatomy of one case (ME 600min Tietoturva, 16.4.2013)

Metrics for information security management - Getting the situational picture under control (Tietoturvatapahtuma, 8.2.2012)

Information security situational picture (Energia-alan seminaari, 14.12.2011)

An agile SIEM project that takes requirements into account (Tietoturvatasot-seminaari, 21.9.2010)

SHIFT IN DEFENSE STRATEGY

Source: 2015 Cost of Data Breach Study: Global Analysis. Ponemon Institute, 2015. German figures have been used in this example.

192 €: Cost per record compromised from a breach.

12%: Reduction in the cost of a breach when the company has a CISO, an incident response team and continuity management.

24 103: The average number of breached records.

206 days: Median time to identify data breach incidents.

16%: Probability of a data breach involving a minimum of 10,000 compromised records (next 24 months).

69 days: Median time to contain data breach incidents.

25%: The share of data breaches where the root cause was human error.

23%: Increase in the total cost of a data breach since 2013.

5.4.2016 © Nixu 2016 - Public


Perimeter Protection

Data Protection


http://haarajoenelainklinikka.fi/wp-content/uploads/2012/01/2012-01-pilvi-1.jpg


http://www.wired.com/images_blogs/photos/uncategorized/2008/04/15/complexity.jpg

Prevent every bad thing = IMPOSSIBLE

Prevent almost every bad thing = REALLY EXPENSIVE


http://www.worldtribune.com/wp-content/uploads/2013/11/kaffash20130929155205733.jpg

Natanz, Iran


SILENT PREVENTION

↓

VISIBILITY


http://venturelab.goldeneggcheck.com/img/gec_logo.png

FROM PREVENTION TO DETECT – ADAPT – REACT



Lot of data=

Investigation takes time=

Limited time per alert


SANS

Continuous improvement ↓

Reducing the noise ↓

Focusing on relevant alerts


DEFENDER MUST THINK LIKE ATTACKER

28,5 % OF TARGETS HAD EASY-TO-DETECT CRITICAL VULNERABILITIES


Vulnerability Management

Digital Forensics

Insurance

Advanced Cyber Defense

Security Operations Center

Threat Intel

Tools, Techniques, Procedures


→ Threat Intelligence


http://www.sniffcode.com/images/home/only_human.png

SECURITY MARKET

FROST & SULLIVAN

•  Frost & Sullivan puts global managed security services market revenues at 7,83 billion USD in 2014 and estimates this to reach 12,78 billion USD in 2018. The market in EMEA will remain the largest.

•  Security asset management and monitoring (SAMM) services will represent the prime market segment. The adoption of cloud-based SAMM will gather pace as the need for real-time security intelligence and protection, big data analytics and advanced targeted threat protection heightens.

www.nixu.com

/nixuoy

@nixuCDC

/company/nixu-oy