Presentation is loading. Please wait.

Presentation is loading. Please wait.

FORCEPOINT Protecting the Human Point

Similar presentations


Presentation on theme: "FORCEPOINT Protecting the Human Point"— Presentation transcript:

1 FORCEPOINT Protecting the Human Point
Fabiano Finamore – Country Manager , Iberia Market

2 Imagine por un segundo: un combate de boxeo
ESQUINA – BOXEO combate de boxeo

3 Evolution of cyber security  utente
Interact user / data Intelligence understanding people behaviour Security most vulnerable : human point Phishing Education URL Sandboxing Roaming users Confirm (DLP / WEB)

4 Principales preocupaciones
¿Cuáles son, en su opinión, las amenazas más perjudiciales para su empresa? © IDC Visit us at IDC.com and follow us on

5 En qué se centran las empresas
¿Qué importancia tienen los siguientes aspectos en su organización? © IDC Visit us at IDC.com and follow us on

6

7 MODERN BUSINESS requires SAFELY CONNECTING USERS TO DATA
Cloud Apps Mobile Corp Servers DATA USERS Office NETWORKS Websites Other Locations Partners & Supply Chain Endpoint Media Customers IN THE CLOUD, ON THE ROAD, IN THE OFFICE

8 USER BEHAVIOR PERSONAS THAT POSE RISK TO AN ORGANIZATION
INTENTIONAL USER ACCIDENTAL INSIDER COMPROMISED INSIDER Ethical rationalization Abuses privileges & access Knowingly transfers protected data externally Works around broken business processes Mistakes made during data transfer Misinterpreted training Victims of: cyber attacks social engineering bribery or blackmail INTENTIONAL INSIDER Galen Marsh – Morgan Stanley Broker - stole 10,000’s of customer records (Most wealthy) didn’t use, but just in case (FBI) ACCIDENTAL INSIDER Hospital connected to a University in a large US city – Actual customer ER doctor by day and adjunct Medical School Professor by night. COMPROMISED USER Sony Breach – originally pointed finger at SYS Admin, but turned out to be a phish / compromised user. Source Ponemon 2016

9 USER BEHAVIOR PERSONAS THAT POSE RISK TO AN ORGANIZATION
INTENTIONAL USER ACCIDENTAL INSIDER COMPROMISED INSIDER 22% 68% 10% INTENTIONAL INSIDER Ethical rationalization Abuses privileges & access Knowingly transfers protected data externally ACCIDENTAL INSIDER Works around broken business processes Mistakes made during data transfer Misinterpreted training COMPROMISED USER Victims of: cyber attacks social engineering bribery or blackmail Source Ponemon 2016

10 INTRODUCING ‘Dwell-Time’
OUTSIDE ATTACKS STOLEN STOLEN Get Back To Normal Protect as much as possible Average time to identify UNINTENTIONAL insider breaches1 158 BREACH DETECT DEFEND DECIDE Average time to identify MALICIOUS outsider attacks1 256 INITIAL COMPROMISE LATERAL MOVEMENT DEFEAT INSIDER THREATS Reduce “Dwell Time” (when threats are in your network) to minimize theft and damage BREACH FIXED The insider threat problem requires a new approach, focused on decreasing this dwell time rather than trying to craft a policy to match every possible scenario. [CLICK] An insider is someone who is already “in” the system and already has level of access and associated privileges. The same is true for an outside attacker who has stolen credentials and is acting like an insider. [CLICK] This approach requires a deep understanding of what behavior is normal for the organization and what sequences of activity are abnormal. As technology is able to help humans quickly find and verify these malicious events, the dwell time between the inception and defeat of a threat is minimized. TIMELINE INCIDENT

11 Insider Threat Mitigation
Presentation Title October 20, 2017 DLP Evolution Compliance Insider Threat Mitigation IP Protection Data Theft Prevention 2003 2010 2017 Pre-defined Compliance Policies Data Fingerprints Endpoint fingerprints OCR and Cumulative (DRIP) DLP Cloud & Mobile DLP Data Theft Risk Indicators Incident Risk Ranking Behavioral Analytics Speaker Name

12 GDPR - HOW FORCEPOINT CAN HELP
Article 30 - Security of processing - “….shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks…” Article 31 - Notification of a personal data breach to the supervisory authority Article 32 - Communication of a personal data breach to the data subject 24h or 72h time limit Article 33 - Data protection impact assessment

13 Key Problems Insider Threat TECH Solves
Build the Picture First of all, the risk scoring solves the problem of too many false positives. Organizations typically have many tools that fire off way too many alerts. By using user behavioral analytics to prioritize these alerts, SureView Insider Threat is able to save time and money by focusing investigators on what matters most. Second, SVIT adds enterprise-wide visibility. While other tools leave investigators to manually sift through long log files, SVIT readily brings the most relevant information to the foreground. Third, SVIT addresses the problem of a lack of resources. IT talent hard to find. The simplified user interface allows even junior analysts to find and take action on critical issues. Finally, Insider Threat adds context to facilitate good decision making. The video collection provides evidence that can be reviewed to determine exactly what the context was that lead to a risky event, and allows appropriate responses without hindering business processes.

14 Comprehensive Insider Threat
DLP finds suspicious data behavior Data Loss Monitoring & Protection (DLP) DLP applies data protection controls DLP alerts INSIDER THREAT Solution COMPLETE DATA PROTECTION INSIDER THREAT Solution verifies insider INSIDER THREAT investigates data from multiple sources SureView® Insider Threat

15 Gartner MQ Leader for 8 consecutive years Over 5M endpoints protected
15 years history in protecting the world’s most sensitive organizations Market share leader in US Fed Gov Animation: DLP & 3 hexagons appear at middle of slide Click DLP & hexagons move to top left Insider Threat & 3 hexagons automatically appear at middle of slide Insider Threat & hexagons move to top right (DLP remains- do not fade out) 2 hexagons from each DLP and IT move into the middle, 2 additional hexagons animate and move into the middle from off the slide (bottom) to form a shape in the middle and the text “PROXIMO” appears next to it

16 Inadvertent Behaviors Broken Business Process
ACCIDENTAL USER/INSIDER MALICIOUS USER/INSIDER COMPROMISED USER/INSIDER Inadvertent Behaviors Poorly communicated policies and user awareness Broken Business Process Data where it shouldn’t be, not where it should be Rogue Employee Leaving the company, poor performance review Criminal Actor Employees Corporate espionage, national espionage, organized crime Malware Infections Phishing targets, breaches, BYOD contamination Stolen Credentials Credential exfiltration, social engineering, device control hygiene

17 Copies code to removable media
GOOD EMPLOYEE Leaving on monthly business trip Regularly takes work home Complies with company policies John A. Senior Developer Top 10 Hedge Fund Copies code to removable media Received bad performance review Stockpiling sensitive files on personal USB drive Copying customer details and requirements MALICIOUS INSIDER

18 Our approach enable should a broad view…
DATA EVERYWHERE USERS ANYWHERE MANY BEHAVIORS INTENT focusing on the one constant with the knowledge of intent

19 FORCEPOINT Insider Threat Command Center
Organization 30 Day Risks Top Daily Risks Top Riskiest People These user risk scores are the underlying element that drives the user experience in the SureView Insider Threat product. This is seen in the centralized dashboard view called the Command Center. The Command Center provides an organization’s risk at a glance: across the top is the organizations risk trend over the past 30 days. On the right is a quick overview of the top daily risks. The main part of the page quickly enables a deep dive into the organization’s most risky individuals, and even provides a brief explanation of what activities contributed to their risk.

20 Y recuerda…. Quien es ?

21 GRACIAS!

22 CIBERSEGURIDAD Y SEGUROS
Patrocinador global: Organizado por: II CONGRESO SOBRE CIBERSEGURIDAD Y SEGUROS Madrid, 19 Abril de 2017.


Download ppt "FORCEPOINT Protecting the Human Point"

Similar presentations


Ads by Google