Featuring Marty Legg, Cloud Services Director SecureData
Security technology continues to change with expanding perimeters, massive data, and siloed solutions causing an all-out asymmetric battle! In the middle of it all, large organizations must ensure the highest security while up against ever-changing technology, complex regulations, and the need for more specialists and more skills training across the board.
Today’s security landscape causes a strategic security conundrum. Security spend continues to rise … $9.6B in 2006; $22B in 2012; and by 2017 it’s estimated to hit more than $30B. And yet … 621 breaches were reported in the last 12 months, up 23 percent over the past 3 years.
So why are we not winning the battle?
Infosec 2014: Intelligence as a Service: The Future of Frontline Security
1. Marty Legg, Director of Cloud Services
The complete security services provider
THREAT INTELLIGENCE: A NEW APPROACH TO COMBATING CYBERCRIME
SecureData
www.secdata.com | +44 (0) 1622 723400
2. THE CURRENT SECURITY LANDSCAPE
EXPANDING PERIMETER
SILOED SOLUTIONS
DROWNING IN DATA
ASYMMETRIC BATTLE
MORE TECHNOLOGY
COMPLEX REGULATIONS
MORE SPECIALISTS
MORE SKILLS TRAINING
3. THE SECURITY CONUNDRUM
SECURITY SPEND CONTINUES TO RISE: $30.1 billion spend by 2017, up from $9.6 billion in 2006
BUT SO DOES THE NUMBER OF BREACHES: 621 reported in the last 12 months, up 23% over three years
WE ARE NOT WINNING THE BATTLE: Organisations on the front line need a new approach
5. COMPLETE SECURITY PROCESS
REMEDIATION
CONTEXTUAL RISK PROFILE
CORRELATED THREAT AND SECURITY INTELLIGENCE
EARLY THREAT DETECTION
REAL-TIME RISK ASSESSMENT
AUTOMATED NETWORK PROTECTION
THREAT PREVENTION
EXPERTISE AND PROCESS
RAPID AND EXPERIENCED RESPONSE
6. WHICH PRESENTS NEW CHALLENGES
MORE HARDWARE
MORE COMPLEXITY
MORE RESOURCES
DIVERSE SKILLS
MORE COSTS
7. CLOUD SERVICES CHANGE THE GAME
GLOBAL CONTEXT
LEVERAGE HARDWARE
IMPROVE SPEED TO REMEDIATE
LOWER COST
IMPROVE THREAT DETECTION
LEVERAGE PEOPLE
WE CAN ABSTRACT INTELLIGENCE AND DELIVER IT AS A SERVICE
CENTRAL BRAIN
INFRASTRUCTURE CUSTOMER OPERATIONS
SECUREDATA SOC
9. EXPERT INTERPRETATION
Over 500 customers
24x7 SOC
Cyber Threat Special Opps Unit
SensePost world class consultancy
CUSTOMER ENVIRONMENT: All logs from your existing network and security devices
CONTEXTUAL ENVIRONMENT: Relevant feeds of macro security data
SINGLE SOURCE OF CONTEXTUAL THREAT INTELLIGENCE
FASTER ADVANCED THREAT DETECTION
RAPID INCIDENT RESPONSE
CRUNCHES & CORRELATES DATA
THREAT INTELLIGENCE FEEDS
OPEN SOURCE DATA
OUR SECURITY EXPERTISE
CRITICAL SYSTEM DATA
KEY SERVICE COMPONENTS
ASSESSES RISK
APPLIES PROTECTION
DETECTS THREATS
RESPONDS & REMEDIATES
UNIQUE, POWERFUL CLOUD BRAIN: Best in class hardware; Proprietary software; Big Data analytics engine; Management tools
SECURITY BIG DATA: Collection; Unification; Correlation; Link analysis
OUTPUTS: Custom, complete, contextual security intelligence; Real time; Actionable
10. HUNDREDS OF SECURITY INCIDENTS IDENTIFIED
SIEM PLATFORM
Class Leading
24 x 7 SOC
Management & response
REMEDIATION
SENSEPOST
Advanced Intelligence
White Glove Response
HARDWARE
TECHNOLOGY
SOFTWARE
ALGORITHM
ANALYTICS
Risk Mgmt Tool
AFFINITY SECURE
MALTEGO
Big Data Analytics
SDN
Network Management Tools
EXPERT PEOPLE
MILLIONS OF LOGS COLLECTED AND ANALYSED
TENS OF ALERTS INVESTIGATED
INDIVIDUAL THREATS WITH ACTIONABLE INTELLIGENCE
REVIEW
THREAT FEEDS
Contextual Threat Intelligence
CUSTOMER ENVIRONMENT
CUSTOMER ENVIRONMENT
EXTERNAL LANDSCAPE
CUSTOMER VULNERABILITY Scanning
INTELLIGENT BRAIN FUNCTION
11. WHAT INTELLIGENCE AS A SERVICE DELIVERS
REALTIME RISK PROFILING
ASSURED COMPLIANCE
EARLIER THREAT DETECTION
BIG DATA VALUE CREATION
RESOURCE EFFICIENCY
FASTER REMEDIATION
REDUCED DISRUPTION
STRATEGIC REQUIREMENTS: COMPLETE END-TO-END SECURITY APPROACH
REAL-TIME RISK ASSESSMENT
CONTEXTUAL RISK PROFILE
CORRELATED THREAT INTELLIGENCE
EARLY THREAT DETECTION
AUTOMATED NETWORK PROTECTION
THREAT PREVENTION
EXPERTISE AND PROCESS
RAPID AND EXPERIENCED RESPONSE
CORE SECURITY FUNCTIONS: UNDERTAKES (REPLACES OR COMPLEMENTS) KEY FUNCTIONS
12. DELIVERY MODEL
Our beliefs
MONITOR: Affinity Secure. Operational monitoring, trend analysis, and alerting
LOG MANAGEMENT: Collection of logs from multiple customer systems for Event and Incident Management
COMPLIANCE & REPORTING: Produce PCI or other compliance reports on a regular basis
CORRELATION: Allows full scope of reporting and alarms on multiple events correlated with time.
ADVANCED INTELLIGENCE: Allows time-bound correlation of events on multiple platforms
Threat Analytics: Big Data threat analytics with customised transforms
Remediation: Forensic threat inspection and remediation
1 2 3 4 5
BASE CUSTOM
MATURITY / PHASE
SENSE POST WHITE GLOVE SERVICE
VULNERABILITY SCANNING
RISK CONTROL
SECURE DATA SOC MANAGED SERVICES
THREAT MANAGER
ADDITIONAL SERVICES
13. Summary
CURRENT MODEL IS BROKEN: Defence in depth with siloed point solutions
WE NEED A COMPLETE SECURITY PROCESS: ADPR must underpin all solutions
LEVERAGE SOLUTIONS AND PEOPLE IN THE CLOUD: Scale, Expertise and lower cost
GLOBALISED THREAT INTELLIGENCE: Centralised database of threat intelligence and analytics
EARLIER THREAT DETECTION / REMEDIATION: Contextualised actionable threat intelligence
LOWER COST: No hardware, no software, less resource consumable service
14. THANK YOU
Marty Legg, Director of Cloud Services
SecureData
The complete security services provider
Marty.Legg@secdata.com
www.secdata.com | +44 (0) 1622 723400