risk analytics: one intelligent view

SIGS _ Dec 2014

Security Interest Group Switzerland

Risk Analytics – One Intelligent View

www.skyboxsecurity.com

[email protected]

+49 40 31979956

Thomas Wendrich, Director CEUR, Skybox Security

Simon Roe, EMEA Channel Presales Director

November 2014

http://www.skyboxsecurity.com

mailto:[email protected]

© 2014 Skybox Security Inc. 3

Agenda

Cyber Risk - The Management Challenge– Facts and Figures

Live Demo

Summary


Lloyds Risk Index 2013

“The World Catches Up With Cyber Risk”

“It appears that businesses across the world have

encountered a partial reality check about the

degree of cyber risk.

Their sense of preparedness to deal with the level

of risk, however, still appears remarkably

complacent.”


Verizon Data Breach Investigations Reports

Incidents tripled over last

year’s already much

increased number

97% of breaches were

avoidable through simple or

intermediate controls (2012)


Security Management is Challenging Today

Too much output from security tools

Lack of visibility across silos

Maintaining continuous compliance

Making agile and secure changes

Understanding risk implications

Problems our customers face

Evolving threat landscape


Seeing the Battlefield

“The battlefield is a scene of constant chaos. The winner will be the one who

controls that chaos , both his own and the enemies” NAPOLEON BONAPARTE


Risk Analytics For Cyber Security?


Attackers Understand Your Attack Surface

…You Don’t

Expansion Drivers

Vulnerabilities

Endpoints

Exploits

Network access

Contraction Drivers

Network segmentation

Fixing vulnerabilities

Technical controls

Hours to attack, months to defend


Recent Snowden Leak Backs This Up

KEY

OBJECTIVE!

Source – TED Talk October 2013 – Mikko Hyponnen, Chief Risk Officer F-Secure


Is there a solution?


Network Visibility:Topology

Routing

Policies

Firewalls

Endpoints Visibility:Software

Patches

Vulnerabilities

Classification

Use Risk Analytics to Understand Your

Attack Surface—Continuously

Attack VectorsRisk Metrics

Remediation Plans

Network Visualization

Contextual Analysis


Agenda

Live Demo – Simon Roe– Overview


Agenda

Summary– Thomas Wendrich

What Do You See?


Combine Data & Give It Battlefield Context

√ 80+ Vendors integrated with Skybox

http://www.fortinet.com/

http://www.fortinet.com/

http://www.mcafee.com/common/redirectgeneric.asp?rurl=/us/default.asp

http://www.mcafee.com/common/redirectgeneric.asp?rurl=/us/default.asp


Skybox – A Critical Component of Next

Generation Cyber SOC Design

IT-GRC - Integrated Security Dashboard & Reporting

Risk Analytics

Security intelligence to

minimize risk exposure

Security Information &

Event Management

Event monitoring to detect

& respond to incidents

Cyber Security Analysts


Skybox Company SnapshotLeading provider of risk analytics solutions for security management & cyber defense

Founded 2002

Revenue Growth 50%+

Customers 400+

Countries 40

Headquarters San Jose

R&D Center Israel

Identify security gaps in minutes, not weeks


400+ Enterprise Customers in 40+ Countries

Financial

ServicesTechnology Healthcare

Government

& DefenseConsumer

Service

Providers

Energy &

Utilities

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=aAC499QQ8lL3tM&tbnid=lHSuSmN90Y6JzM:&ved=0CAUQjRw&url=http://www.bestlawyers.com/firms/deloitte-abogados/44343/ES/&ei=yLbEU9ScLYWqyATThYGYBw&bvm=bv.70810081,d.aWw&psig=AFQjCNGa3dw5Bnh5I4rbd0k2oTlUNsvcyg&ust=1405487168638710

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=aAC499QQ8lL3tM&tbnid=lHSuSmN90Y6JzM:&ved=0CAUQjRw&url=http://www.bestlawyers.com/firms/deloitte-abogados/44343/ES/&ei=yLbEU9ScLYWqyATThYGYBw&bvm=bv.70810081,d.aWw&psig=AFQjCNGa3dw5Bnh5I4rbd0k2oTlUNsvcyg&ust=1405487168638710

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=kOT0t4JgcT6WDM&tbnid=9R00KmUPSIPtuM:&ved=0CAUQjRw&url=http://subseaworldnews.com/2014/01/24/omv-petrom-invites-tenders-for-diving-and-rov-services/&ei=lrnEU-nnGo6MyASXioDQBg&bvm=bv.70810081,d.aWw&psig=AFQjCNGzi-Mc5V2emtrdcZ3ycvP0pJ3s0Q&ust=1405487886091677

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=kOT0t4JgcT6WDM&tbnid=9R00KmUPSIPtuM:&ved=0CAUQjRw&url=http://subseaworldnews.com/2014/01/24/omv-petrom-invites-tenders-for-diving-and-rov-services/&ei=lrnEU-nnGo6MyASXioDQBg&bvm=bv.70810081,d.aWw&psig=AFQjCNGzi-Mc5V2emtrdcZ3ycvP0pJ3s0Q&ust=1405487886091677

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=jabkPsOzexDQOM&tbnid=_bJG-Usw0GshEM:&ved=0CAUQjRw&url=http://www.buildingalifestyle.com/news-stories-press-releases/&ei=mLrEU--TKYKbyATblYK4CQ&bvm=bv.70810081,d.aWw&psig=AFQjCNGAGCzkqUDiM21p2_vLCRgrc4Ofnw&ust=1405488140712761

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=jabkPsOzexDQOM&tbnid=_bJG-Usw0GshEM:&ved=0CAUQjRw&url=http://www.buildingalifestyle.com/news-stories-press-releases/&ei=mLrEU--TKYKbyATblYK4CQ&bvm=bv.70810081,d.aWw&psig=AFQjCNGAGCzkqUDiM21p2_vLCRgrc4Ofnw&ust=1405488140712761

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=sXC-QkOmVsIbVM&tbnid=SGUg3_I77pR1FM:&ved=0CAUQjRw&url=http://news.hamlethub.com/bethel/publicsafety/40473-danbury-line-commuters-to-use-harlem-line&ei=Jr3EU-ruFoWXyATVu4LIBg&bvm=bv.70810081,d.aWw&psig=AFQjCNEawa0pN9ddbMSjrhunS07YNlTeKQ&ust=1405488801992361

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=sXC-QkOmVsIbVM&tbnid=SGUg3_I77pR1FM:&ved=0CAUQjRw&url=http://news.hamlethub.com/bethel/publicsafety/40473-danbury-line-commuters-to-use-harlem-line&ei=Jr3EU-ruFoWXyATVu4LIBg&bvm=bv.70810081,d.aWw&psig=AFQjCNEawa0pN9ddbMSjrhunS07YNlTeKQ&ust=1405488801992361

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=uIiw_FIBKRFyZM&tbnid=q63R5fHzxC9OlM:&ved=0CAUQjRw&url=http://cenytmercosur.blogspot.com/2008_02_01_archive.html&ei=WMTEU-DRNoalyATj8YHoBg&bvm=bv.70810081,d.aWw&psig=AFQjCNGBBasElvWlbX2rTgZZDU7fzfn1Gg&ust=1405490643213823

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&docid=uIiw_FIBKRFyZM&tbnid=q63R5fHzxC9OlM:&ved=0CAUQjRw&url=http://cenytmercosur.blogspot.com/2008_02_01_archive.html&ei=WMTEU-DRNoalyATj8YHoBg&bvm=bv.70810081,d.aWw&psig=AFQjCNGBBasElvWlbX2rTgZZDU7fzfn1Gg&ust=1405490643213823

http://www.edison.com/home.html

http://www.edison.com/home.html


Monitor Compliance

Model Network

Network Security Management with Skybox

Understand network context

Analyze Firewalls

Manage Changes

Rule and configuration checks

Access path analysis

Rule optimization

Change tracking

Automated audits

PCI DSS

FISMA

NERC

NIST

Custom Policies

Automate security assessments

Verify controls continuously

Optimize change process

Change Request

Tech Details

Assess Risks

Make Change

Reconcile Verify

Network topology view

Normalize data from 70+ systems

Access simulation

www.skyboxsecurity.com

[email protected]

+49 40 31979956

Thomas Wendrich, Director CEUR, Skybox Security

Simon Roe, EMEA Channel Presales Director

November 2014

SIGS _ Dec 2014

Security Interest Group Switzerland

http://www.skyboxsecurity.com

mailto:[email protected]

risk analytics: one intelligent view

Data & Analytics