Battling Savvy Cyber Thieves

Speaker: Roger Thornton, CTO, AlienVault

Prevention has proven to be elusive2013 “Cost of Cybercrime Study”, Ponemon Institute

A detailed study of 56 “Large US firms”

Results: 102 successful intrusions between them

Every Week!

“There are two types of companies that use computers. Victims of crime that know they are victims of crime and victims of crime that don’t

have a clue yet.”

James Routh, 2007 CISO Depository Trust Clearing Corporation

“How would you change your strategy if you knew for certain that you were going to

be compromised?”

Martin Roesch, 2013 Founder & CTO Sourcefire, Author SNORT

So many security technologies to choose from

Given the 10 most recommended technologies and the pricing range, an organization could expect to spend anywhere from $225,000 to $1.46m in its first year, including technology and staff.

Source: The Real Cost of Security, 451 Research, April 2013

Factor into this:Initial Licensing CostsImplementation / Optimization CostsOngoing Management CostsRenewal Costs Integration of all the security technologiesTraining of personnel/incoming personnel

Questions for SIEM VendorsHINT: PRINT THIS OUT FOR THE NEXT TIME THEY CALL YOU….

1. How long from installation to security insight?

2. integration work measured in years, months or hours?

3. Do you simply integrate data from security tools (SIEM), or embed tools and orchestrate into effective incident response workflows (USM)?

e.g. asset inventories, IDS, vulnerability scans, netflows, etc.

4. What is the real TCO - licensing, consulting, implementation and maintenance/tuning fees?

5. A list of alarms or step-by-step instructions on how to confirm, respond and mitigate threats?

6. Is there a community for threat sharing? If so, how large, broad and open?