Presentation is loading. Please wait.

Presentation is loading. Please wait.

FORCEPOINT Protecting the Human Point

Published byFranklin Cox Modified over 7 years ago

Similar presentations

Presentation on theme: "FORCEPOINT Protecting the Human Point"— Presentation transcript:

1 FORCEPOINT Protecting the Human Point
Fabiano Finamore – Country Manager , Iberia Market

2 Imagine por un segundo: un combate de boxeo
ESQUINA – BOXEO combate de boxeo

3 Evolution of cyber security  utente
Interact user / data Intelligence understanding people behaviour Security most vulnerable : human point Phishing Education URL Sandboxing Roaming users Confirm (DLP / WEB)

4 Principales preocupaciones
¿Cuáles son, en su opinión, las amenazas más perjudiciales para su empresa? © IDC Visit us at IDC.com and follow us on

5 En qué se centran las empresas
¿Qué importancia tienen los siguientes aspectos en su organización? © IDC Visit us at IDC.com and follow us on

6

7 MODERN BUSINESS requires SAFELY CONNECTING USERS TO DATA
Cloud Apps Mobile Corp Servers DATA USERS Office NETWORKS Websites Other Locations Partners & Supply Chain Endpoint Media Customers IN THE CLOUD, ON THE ROAD, IN THE OFFICE

8 USER BEHAVIOR PERSONAS THAT POSE RISK TO AN ORGANIZATION
INTENTIONAL USER ACCIDENTAL INSIDER COMPROMISED INSIDER Ethical rationalization Abuses privileges & access Knowingly transfers protected data externally Works around broken business processes Mistakes made during data transfer Misinterpreted training Victims of: cyber attacks social engineering bribery or blackmail INTENTIONAL INSIDER Galen Marsh – Morgan Stanley Broker - stole 10,000’s of customer records (Most wealthy) didn’t use, but just in case (FBI) ACCIDENTAL INSIDER Hospital connected to a University in a large US city – Actual customer ER doctor by day and adjunct Medical School Professor by night. COMPROMISED USER Sony Breach – originally pointed finger at SYS Admin, but turned out to be a phish / compromised user. Source Ponemon 2016

9 USER BEHAVIOR PERSONAS THAT POSE RISK TO AN ORGANIZATION
INTENTIONAL USER ACCIDENTAL INSIDER COMPROMISED INSIDER 22% 68% 10% INTENTIONAL INSIDER Ethical rationalization Abuses privileges & access Knowingly transfers protected data externally ACCIDENTAL INSIDER Works around broken business processes Mistakes made during data transfer Misinterpreted training COMPROMISED USER Victims of: cyber attacks social engineering bribery or blackmail Source Ponemon 2016

10 INTRODUCING ‘Dwell-Time’
OUTSIDE ATTACKS STOLEN STOLEN Get Back To Normal Protect as much as possible Average time to identify UNINTENTIONAL insider breaches1 158 BREACH DETECT DEFEND DECIDE Average time to identify MALICIOUS outsider attacks1 256 INITIAL COMPROMISE LATERAL MOVEMENT DEFEAT INSIDER THREATS Reduce “Dwell Time” (when threats are in your network) to minimize theft and damage BREACH FIXED The insider threat problem requires a new approach, focused on decreasing this dwell time rather than trying to craft a policy to match every possible scenario. [CLICK] An insider is someone who is already “in” the system and already has level of access and associated privileges. The same is true for an outside attacker who has stolen credentials and is acting like an insider. [CLICK] This approach requires a deep understanding of what behavior is normal for the organization and what sequences of activity are abnormal. As technology is able to help humans quickly find and verify these malicious events, the dwell time between the inception and defeat of a threat is minimized. TIMELINE INCIDENT

11 Insider Threat Mitigation
Presentation Title October 20, 2017 DLP Evolution Compliance Insider Threat Mitigation IP Protection Data Theft Prevention 2003 2010 2017 Pre-defined Compliance Policies Data Fingerprints Endpoint fingerprints OCR and Cumulative (DRIP) DLP Cloud & Mobile DLP Data Theft Risk Indicators Incident Risk Ranking Behavioral Analytics Speaker Name

12 GDPR - HOW FORCEPOINT CAN HELP
Article 30 - Security of processing - “….shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks…” Article 31 - Notification of a personal data breach to the supervisory authority Article 32 - Communication of a personal data breach to the data subject 24h or 72h time limit Article 33 - Data protection impact assessment

13 Key Problems Insider Threat TECH Solves
Build the Picture First of all, the risk scoring solves the problem of too many false positives. Organizations typically have many tools that fire off way too many alerts. By using user behavioral analytics to prioritize these alerts, SureView Insider Threat is able to save time and money by focusing investigators on what matters most. Second, SVIT adds enterprise-wide visibility. While other tools leave investigators to manually sift through long log files, SVIT readily brings the most relevant information to the foreground. Third, SVIT addresses the problem of a lack of resources. IT talent hard to find. The simplified user interface allows even junior analysts to find and take action on critical issues. Finally, Insider Threat adds context to facilitate good decision making. The video collection provides evidence that can be reviewed to determine exactly what the context was that lead to a risky event, and allows appropriate responses without hindering business processes.

14 Comprehensive Insider Threat
DLP finds suspicious data behavior Data Loss Monitoring & Protection (DLP) DLP applies data protection controls DLP alerts INSIDER THREAT Solution COMPLETE DATA PROTECTION INSIDER THREAT Solution verifies insider INSIDER THREAT investigates data from multiple sources SureView® Insider Threat

15 Gartner MQ Leader for 8 consecutive years Over 5M endpoints protected
15 years history in protecting the world’s most sensitive organizations Market share leader in US Fed Gov Animation: DLP & 3 hexagons appear at middle of slide Click DLP & hexagons move to top left Insider Threat & 3 hexagons automatically appear at middle of slide Insider Threat & hexagons move to top right (DLP remains- do not fade out) 2 hexagons from each DLP and IT move into the middle, 2 additional hexagons animate and move into the middle from off the slide (bottom) to form a shape in the middle and the text “PROXIMO” appears next to it

16 Inadvertent Behaviors Broken Business Process
ACCIDENTAL USER/INSIDER MALICIOUS USER/INSIDER COMPROMISED USER/INSIDER Inadvertent Behaviors Poorly communicated policies and user awareness Broken Business Process Data where it shouldn’t be, not where it should be Rogue Employee Leaving the company, poor performance review Criminal Actor Employees Corporate espionage, national espionage, organized crime Malware Infections Phishing targets, breaches, BYOD contamination Stolen Credentials Credential exfiltration, social engineering, device control hygiene

17 Copies code to removable media
GOOD EMPLOYEE Leaving on monthly business trip Regularly takes work home Complies with company policies John A. Senior Developer Top 10 Hedge Fund Copies code to removable media Received bad performance review Stockpiling sensitive files on personal USB drive Copying customer details and requirements MALICIOUS INSIDER

18 Our approach enable should a broad view…
DATA EVERYWHERE USERS ANYWHERE MANY BEHAVIORS INTENT focusing on the one constant with the knowledge of intent

19 FORCEPOINT Insider Threat Command Center
Organization 30 Day Risks Top Daily Risks Top Riskiest People These user risk scores are the underlying element that drives the user experience in the SureView Insider Threat product. This is seen in the centralized dashboard view called the Command Center. The Command Center provides an organization’s risk at a glance: across the top is the organizations risk trend over the past 30 days. On the right is a quick overview of the top daily risks. The main part of the page quickly enables a deep dive into the organization’s most risky individuals, and even provides a brief explanation of what activities contributed to their risk.

20 Y recuerda…. Quien es ?

21 GRACIAS!

22 CIBERSEGURIDAD Y SEGUROS
Patrocinador global: Organizado por: II CONGRESO SOBRE CIBERSEGURIDAD Y SEGUROS Madrid, 19 Abril de 2017.

Download ppt "FORCEPOINT Protecting the Human Point"

Similar presentations

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
XProtect ® Professional Efficient solutions for mid-sized installations.

XProtect ® Professional Efficient solutions for mid-sized installations.
XProtect ® Express Integration made easy. With support for up to 48 cameras, XProtect Express is easy and affordable IP video surveillance software with.

XProtect ® Express Integration made easy. With support for up to 48 cameras, XProtect Express is easy and affordable IP video surveillance software with.
Www.tectia.com COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.

COPYRIGHT © 2010 TECTIA CORPORATION. ALL RIGHTS RESERVED. Proactive Measures to Prevent Data Theft Securing, Auditing and Controlling remote.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
©2011 Bradford Networks. All rights reserved. Secure Mobility Safely Onboarding Personal Devices to Corporate Networks.

©2011 Bradford Networks. All rights reserved. Secure Mobility Safely Onboarding Personal Devices to Corporate Networks.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
Ken Paiboon 214.274.3436 ken@exabeam.com User Behavior Intelligence Fundamentals: Behaviors, Characteristics, and Facts Ken Paiboon 214.274.3436 ken@exabeam.com.

Ken Paiboon User Behavior Intelligence Fundamentals: Behaviors, Characteristics, and Facts Ken Paiboon
IT-Partners Limited © 2011 IT Partners Limited Y OUR IT SOLUTION P ARTNERS Managing Director Confidential Data Loss Prevention Sunny Ho 1.

IT-Partners Limited © 2011 IT Partners Limited Y OUR IT SOLUTION P ARTNERS Managing Director Confidential Data Loss Prevention Sunny Ho 1.
Did You Hear That Alarm? The impacts of hitting the information security snooze button.

Did You Hear That Alarm? The impacts of hitting the information security snooze button.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.

© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.
1 The New Security Blueprint : Challenges & Opportunities Ajay Goel, Managing Director, Symantec India & SAARC Sept 1, 2011.

1 The New Security Blueprint : Challenges & Opportunities Ajay Goel, Managing Director, Symantec India & SAARC Sept 1, 2011.
The Changing World of Endpoint Protection

The Changing World of Endpoint Protection
Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.

Nexthink V5 Demo Security – Malicious Anomaly. Situation › Avoid damage resulting from the incident itself and the cost of the unplanned response › Protection.
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

Strong Security for Your Weak Link: Implementing People-Centric Security Jennifer Cheng, Director of Product Marketing.

Similar presentations

Ads by Google