security summit verona ruolo degli utenti nella... · il ruolo degli utenti nella security: ......
TRANSCRIPT
![Page 1: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/1.jpg)
Security Summit Verona
Il ruolo degli utenti nella
security: superficiali, vittime
e insider
5 Ottobre 2016
Luca Mairani
![Page 2: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/2.jpg)
© CLUSIT 2010 - Titolo - Autore© CLUSIT 2016 –– Luca Mairani
Il paradosso del gatto di Schrödinger
![Page 3: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/3.jpg)
© CLUSIT 2010 - Titolo - Autore
L’utente si evolve
© CLUSIT 2016 –– Luca Mairani
![Page 4: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/4.jpg)
© CLUSIT 2010 - Titolo - Autore© CLUSIT 2016 – Luca Mairani
OPERATORI CHE NON RISPETTANO
LE PROCEDURE DI SICUREZZA
LOW PROFILE
INSIDERS
HIGH PROFILE
INSIDERS
Organizzazione
Hacker
Hacktivist
Social
Engineer
Dati non StrutturatiDati Strutturati
ToolKit
Sql Injection
Malware
Bruteforce
Social Network
Telefono
Spazzatura
Phishing
Ricatto
CRIMINALITA’ ORGANIZZATA
Storage Online
Mail Personali
USB Stick
Smartphone
Tablet
Risentimento
verso l’azienda
Danni immagine
Tecnomediazione
Furto su
ordinazione
Ricatto
INCONSAPEVOLI
Infetti
Processi di
business errati
![Page 5: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/5.jpg)
Grazie
Autore: Luca Mairani
![Page 6: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/6.jpg)
Copyright © 2016 Forcepoint. All rights reserved.
Il ruolo degli utenti nella
security: superficiali, vittime e
insider
Verona – 5 Ottobre 2016
Luca Nilo Livrieri – Sales Engineer Manager Italy & Iberia
![Page 7: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/7.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 7
Commercial Leaderwith
Content Security & DLP
Cloud / On-Premise / Hybrid
Pioneer on Cyber Frontlineswith
Financial Resources
Deep Understanding of Threat Detection
Networking Innovatorwith
Advanced Evasion Prevention
Security at Scale
NEW COMPANY, UNIQUELY FORMED TO
OFFER A NEW APPROACH TO SECURITY
![Page 8: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/8.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 8
DATA
NETWORKS
Mobile
Office
OtherLocations
Partners &Supply Chain
Customers
Cloud Apps
Corp Servers
Websites
EndpointMedia
IN THE CLOUD, ON THE ROAD, IN THE OFFICE
MODERN BUSINESS IS ALL ABOUT SAFELY CONNECTING USERS TO DATA
USERS
![Page 9: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/9.jpg)
WHAT IS THE INSIDER THREAT?
![Page 10: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/10.jpg)
Copyright © 2016 Forcepoint. All rights reserved.
Vittime (infetti)
Malicious OutsiderPosing as an Insider
Insider
Disgruntled EmployeeIntentionally doing wrong
Superifciali
Accidental InsiderUnknowingly exposing
the organization to risk
Each of these scenarios demonstrates how people introduce risk to an organization
![Page 11: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/11.jpg)
Copyright © 2016 Forcepoint. All rights reserved. Copyright © 2016 Forcepoint. All rights reserved. | 11
Insider Threat Customer Needs
1. As a security and risk executive I need to
know which individuals in my organization
are behaving in ways that pose the
greatest potential risk and why so that I
can understand the risk and manage it
appropriately.
2. As a security and risk executive who has
identified a specific user in my organization
as a source of potential risk, I need to
quickly and thoroughly understand that
user’s potentially risky behavior and the
context around it so that I can take quick
action to mitigate the potential risk with an
appropriate remediation.
![Page 12: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/12.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 12
VISIBILITY IS AT THE CRUX OF THE ISSUE
The digital revolution has obfuscated visibility
Organizations cannot manage threats they cannot see
Industrial Age Digital Age
Restoring Visibility
TECHNOLOGY
VISIBILITY
Need technology that collects & analyzes, pinpoints
riskiest users restoring visibility into risky behaviors
![Page 13: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/13.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 13
SO DO I NEED A DLP SOLUTION ?
![Page 14: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/14.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 14
Worldwide Sales Conference 2016, Proprietary & Confidential | 14
INSIDER THREAT & DATA PROTECTION PRODUCTS NEED EACH OTHER
• DLP identifies risky data behaviors AND then users need to be investigated
• Behavioral Insider Threat identifies risky users AND then data protection controls
need to be put in place
TRITON AP-DATA (DLP)
![Page 15: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/15.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 15
THE SOLUTION: FORCEPOINT INSIDER THREAT
RISK?
YES
NO
BEHAVIORS
Forcepoint Insider Threat applies user behavior analytics to mitigate the insider threat
![Page 16: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/16.jpg)
Copyright © 2016 Forcepoint. All rights reserved.
Worldwide Sales Conference 2016, Proprietary & Confidential | 16
Ah-Mr. Snowden
CYBER THREATS INDICATORS
Abnormal after hours access by a
contractor in Hawaii
Huge transfers of data to USB Abnormal account usage across 20-
25 peer accounts all linked to
Snowden’s IP address
Abnormal Administrator account
activity
Unusual lateral movement on the
network
![Page 17: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/17.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 17
User Risk Scoring• Create a composite risk score for
individual users based on their behavior over a specified period of time
• Consumer of the score is a non-technical analyst who needs to make a decisionabout risk
• Risk score and associated behavior can be explained through simple narratives
• Composite scores consider both:
• Machine-based analysis of behavioral patterns (behavioral audit)
• Alerts based on deterministic policies(indicators of risk)
• Extensible architecture will support future advancements and additional analytical models
![Page 18: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/18.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 18
CONFIGURATION SVIT - PREDEFINED
![Page 19: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/19.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 19
FORCEPOINT INSIDER THREAT COMMAND CENTER
Organization 30 Day Risks
Top Daily Risks
Top Riskiest People
![Page 20: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/20.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 20
COMMAND CENTER
30 Day History
Risk Score Activities
Filters
Activities
![Page 21: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/21.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 21
INCIDENT MANAGEMENT
![Page 22: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/22.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 22
SUREVIEW INSIDER THREAT ARCHITECTURE
Application
General
Clipboard Email File Keyboard Logon Printer Process System Info Video Web Web URL Webmail
(Gmail, Yahoo,
Outlook)
![Page 23: Security Summit Verona ruolo degli utenti nella... · Il ruolo degli utenti nella security: ... Luca Nilo Livrieri –Sales Engineer Manager Italy & Iberia. ... Supply Chain Customers](https://reader031.vdocuments.net/reader031/viewer/2022022115/5c73464509d3f28e198b4c51/html5/thumbnails/23.jpg)
Copyright © 2016 Forcepoint. All rights reserved. | 23
THREATSEEKER INTELLIGENCE CLOUD
CONTENT
SECURITY
SECURITY
FOR CLOUD
NETWORK
SECURITY
TRITON 4D PLATFORM
ACE SECURITY SERVICES
UNIFIED MANAGEMENT
APIs
INSIDER THREAT
DATA PROTECTION
Combined Product Platform Vision
USERS
DATA
NETWORKS