evolve to demand. demand to evolve by igor volovich

EVOLVE TO DEMAND. DEMAND TO EVOLVE. IGOR VOLOVICH, CEO, ROMAD CYBER | FORMER CISO, SCHNEIDER ELECTRIC AMERICAS

Upload: ec-council

Post on 15-Apr-2017


TRANSCRIPT

Page 1: EVOLVE to demand. demand to evolve by Igor Volovich

EVOLVE TO DEMAND. DEMAND TO EVOLVE.

IGOR VOLOVICH, CEO, ROMAD CYBER | FORMER CISO, SCHNEIDER ELECTRIC AMERICAS

Page 2

PROGRAM NOTE

X 25CISO, VP Global InfoSec

Page 3

IS IT GETTING BETTER?

DBIR 2016

“IT staff continue to struggle with detection and response. Indeed, internal breach discovery detected fewer incidents than did fraud detection, third parties, and law enforcement.”

- Tripwire

Page 4

OR DO YOU FEEL THE SAME?

New malware strains per year

Page 5

WILL IT MAKE IT EASIER ON YOU NOW?

Page 6

YOU GOT SOMEONE TO BLAME

“How I learned to stop worrying and accept the breach.”

- Modern CISO

“Compromise is inevitable. Consider yourself breached.”

- Industry experts

“Prevention is no longer an option. Focus on detection and response.”

- Cyber vendors

Page 7

ARE WE MAKING PROGRESS?

DETECT PREVENT RESPOND

1980 1990 2000 2010

Page 8

IF WE HAD REAL ANSWERS…

New malware strains per year

Total known malware strains

% of total new malware by days observed (6 months)

45% of new strains active <24hrs

• Attackers exploit inherent flaws in reactive defense models
• Commoditization of attack tradecraft drives threat volume
• Cybercrime remains lucrative, accessible, relatively risk-free

Page 9

EVOLVING TO DISRUPT

“We must work to raise the cost for the adversary and disrupt cybercrime economic models.”

- James Trainor, Jr., Assistant Director, Cyber Division, FBI

DETECT PREVENT RESPOND DISRUPT

$

CYBERCRIME VALUE CHAIN

Page 10

MAKING MONEY WITH MALWARE

Exploit kit developed

Malware family developed

Malware kit published

1

2

3●●●

NO DEFENSE AGAINST NEW MALWARE VARIANTS

Vulnerability discovered

Exposure window opens

Active malware distribution begins

Derivative variants produced

= $

SIGNATURES DISTRIBUTED

EXPLOITATION CYCLE RESTARTS

1

2

3

$ - Time-to-detection gap

Months Seconds/Minutes Hours/Days

General detection coverage

First detection coverage

Page 11

TURNING THE TABLES

Exploit developed

Malware family developed

Malware kit published

1

2

3●●●

Vulnerability discovered

Derivative variants produced

Skill & Cost Accessibility

Cybercrime Economics

Traditional defender focus

Treat the problem, not the symptom. Hit them where it hurts.

Page 12

STACKS OF BANDAIDS AREN’T ENOUGH

• Incremental legacy solutions cannot cope
• Attacker motivation remains strong, risk negligible
• Reactive models have outlived themselves
• It’s too dangerous to go alone, bring friends
• Must disrupt cybercrime economics – but how?
• Law-enforcement attribution-based models don’t scale

Page 13

NEXT-GEN ?

?

Behavioral

Sustainable

Reliable

Scalable

Autonomous

Disruptive

Proactive

Page 14

EVOLVE TO DEMAND, DEMAND TO EVOLVE

PRODUCTS SOLUTIONS

FEATURES CAPABILITIES

EFFICIENCIES OUTCOMES

DEFENDING DISRUPTING

REACTIVE PREDICTIVE

Page 15

BE THE CHANGE YOU SEEK

“Ask not what our cyber industry can do for you – ask what you can do for our cyber industry.”

- Not JFK

THANK YOU