treat cyber like a disease
TRANSCRIPT
![Page 1: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/1.jpg)
How to Treat Cyber Like a Disease:Through Familiar Data Collection and
Analysis Approaches
![Page 2: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/2.jpg)
Today’s Speaker
2
Jason PolancichFounder & Chief ArchitectSurfWatch Labs
![Page 3: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/3.jpg)
POLLING QUESTION
How do you know what your specific cyber risks are? (Select the most appropriate answer)
A. Threat data feedB. SIEMC. Managed service provider/consultantsD. Internally research cyber threatsE. We don’t know
3
![Page 4: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/4.jpg)
Notice Anything Wrong Here?
4
![Page 5: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/5.jpg)
Too Many Threats, Too Many Wide Open Doors
5
![Page 6: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/6.jpg)
Do You Know It’s Coming?
Healthcare Targets Have Been “Low Hanging Fruit” for Cybercriminals•Large health insurers•Local dentists•Specialized healthcare IT consulting firms•Hospital chains•Plastic surgery clinics•Small regional hospitals•Dialysis center chains•Small insurance claims processing shops
6
![Page 7: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/7.jpg)
Dark Web: Unforeseen Threats
7
![Page 8: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/8.jpg)
What’s the Definition of Insanity?
8
![Page 9: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/9.jpg)
This Cyber Emergency Requires a Different Approach
9
The reactionary/crisis-mode cybersecurity approach is not working! What we need is…
Consistent, managed and scientific cybersecurity strategy based on long-term commitment to data collection and analysis.
![Page 10: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/10.jpg)
Where to Start? Follow in the Footsteps of PSOs
A Patient Safety Organization (PSO) is a group, institution or association that improves medical care by reducing medical errors. Common functions of patient safety organizations are data collection and analysis, reporting, education, funding and advocacy.
Replace “medical care” with “cyber” and you almost have it right?
10
![Page 11: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/11.jpg)
Comparing PSOs to Cyber Risk Intelligence
PSO Cyber Risk IntelligenceCollects data on prevalence and individual details of errors.
Collects data on cyber activity from OSINT, dark web and internal users.
Analyzes sources of error by root cause analysis. Standardizes cyber event data into ATEP model and analyzes for trends.
Proposes and disseminates methods for error prevention.
Speeds response (and pre-response) to incidents.
Designs and conducts projects to study safety initiatives including monitoring of results.
Manages risks across your internal organization and supply chain.
Raises awareness and informs the public, health pros, providers, purchasers and employers.
Raises cross-organizational situational awareness of cyber risks.
Conducts fundraising and provides funding for research and safety projects.
Prioritizes the most effective use of tactical cybersecurity solutions.
Advocates for regulatory and legislative changes. Educates and informs your management and peers.
11
![Page 12: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/12.jpg)
It All Starts with Data…
12
![Page 13: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/13.jpg)
… The Intel is There
13
![Page 14: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/14.jpg)
How Do You Get Here?
• Sound risk management is founded in evaluated intelligence, just like a PSO
• Simplify the complex cyber world into what matters– Who attacked who/what?– How was the attack carried out?– What was the impact?
14
![Page 15: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/15.jpg)
It Requires Diligent Collection of Cyber Data
15
![Page 16: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/16.jpg)
Cyber Risk Data Must Be Linked to Your Organization
16
![Page 17: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/17.jpg)
POLLING QUESTION
Do you have a formal threat intelligence and analysis organization/program? (Select the most appropriate answer)
A.Our IT/cybersecurity team handles thisB.Our manager service provider handles thisC.NoD.I don’t knowE.Not yet, but planning on it
17
![Page 18: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/18.jpg)
IntroducingSurfWatch Labs
![Page 19: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/19.jpg)
Bridge the Gap Between Low-Level Tactics & Strategic Insights
19
![Page 20: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/20.jpg)
SurfWatch Healthcare Case Study
20
Large Non-Profit Healthcare System Business Drivers•Wanted to be able to produce their own executive-level cyber reports •“Because it’s real-time, SurfWatch provides way more insight on the cyber world in healthcare than our consulting firm was providing us.”
SurfWatch Advantages:•Gives full control of cyber reports produced for management•Adds real-time cyber insights within the healthcare market•Fraction of the cost of what company was paying consultant for static info
![Page 21: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/21.jpg)
Solution Demonstration
21
![Page 22: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/22.jpg)
Next Steps and Q&A
22
Read the 2015 Mid-Year Cyber Risk Report: info.surfwatchlabs.com/2015-mid-year-cyber-risk-report
Download Sample Dark Web Intel Report:info.surfwatchlabs.com/dark-web-report
Schedule a Demonstration:
•SurfWatch C-Suite:info.surfwatchlabs.com/request-demo
•Dark Web Intelligence Service:info.surfwatchlabs.com/dark-web-service-consultation
![Page 23: Treat Cyber Like a Disease](https://reader031.vdocuments.net/reader031/viewer/2022030303/587ad7931a28ab542b8b47bb/html5/thumbnails/23.jpg)
Thank You!
Follow us at:
www.surfwatchlabs.com