Presentation is loading. Please wait.

Presentation is loading. Please wait.

Falcongaze SecureTower: field experience www.falcongaze.com.

Published byMelvin O’Connor’ Modified over 8 years ago

Similar presentations

Presentation on theme: "Falcongaze SecureTower: field experience www.falcongaze.com."— Presentation transcript:

1 Falcongaze SecureTower: field experience www.falcongaze.com

2 TALKING NUMBERS By Verizon Data Breach Report, The Global State of Information Security (PWC) and Falcongaze analytics center of them were caused by privilege abuse 55% of data breaches resulted from insider attacks 32% RISE OF INSIDER THREATS BY LAST 4 YEARS www.falcongaze.com

3 TALKING NUMBERS $ 36,9bn By Breach Level Index (Gemalto) lost by companies around the world because of data leaks in the first half of 2015 www.falcongaze.com

4 STATISTICS By Verizon Report www.falcongaze.com

5 Lack of control over information flows entails: Financial losses Loss of intellectual property Human resource outflow Loss of customer confidence Reputational harm www.falcongaze.com LACK OF ATTENTION TO INSIDER THREATS

6 ENDPOINT CONTROL AND STATISTICAL SECURITY RULE An employee was about to leave a manufacturing company after several years of work. He decided to take sensitive corporate data he had access to with him to benefit from it at his new job. The man copied whole folders with classified company-owned data to a USB storage device. Information security officer, who operated SecureTower, received immediate notification of an incident, triggered by a statistical security rule, which analyzed the volume of data transfers within the predefined time period. Prompt response cut the insider activity down and prevented the highly valued information from flowing into competitor hands. www.falcongaze.com

7 STATISTICAL SECURITY RULE TRIGGER www.falcongaze.com

8 DIGITAL PRINTS One of the largest retail networks was addressed by an international supplier with a claim. The issue was that the supplier had received a protest from another retailer about the significantly higher prices as compared to the above-mentioned company. As a response to the claim, the Supplier was forced to raise the prices for the retail network to equate with the competitor, which resulted in significant loss of revenue for the former trading company. The retail network had been running SecureTower trial for 2 weeks by that moment already. The analysis of digital prints of transferred databases uncovered a disloyal employee in procurement division, who had been transferring confidential spreadsheets with prices to the competitor company. www.falcongaze.com

9 DIGITAL PRINTS www.falcongaze.com

10 ROBUST REPORTING AND STATISTICS A highly-paid employee in a web-developing company was noticed to spend 70% of his working time on youtube.com and other entertaining websites. This was disclosed when his manager was looking through personal reports on his team members, generated by SecureTower. He paid attention to the fact that there had not been a single work-related site within the TOP-10 the most visited by the employee web resources. www.falcongaze.com

11 INFORMATION OF VISITED WEBSITES www.falcongaze.com

12 ACTIVITY STATISTICS AND USER RELATIONS GRAPH ANALYZER Information security team of one of the largest oil and gas companies detected a significant rise of the IM communications between two employees. Both of them had access to business-critical information but were not likely to chat much in the past. After both were taken under comprehensive control, SecureTower user relations graph analyzer disclosed the fact of regular communication of these employees with an external contact. Further investigation of their communication revealed their plan to perform a fraud operation aimed at theft and use of sensitive corporate information. www.falcongaze.com

13 ACTIVITY STATISTICS AND USER RELATIONS GRAPH ANALYZER www.falcongaze.com

14 CONTROL OF DATA SENT TO CLOUD STORAGES A logistics company started suffering financial losses because of cancelled contracts. Several links in logistics chain suddenly refused to fulfill their obligations, deadlines were broken, fines were applied. The following disorder led to massive outflow of customers. The Board set up the task before Operations Security Team to deploy a functional information security product to obtain visibility on the processes inside the company and regain control on the situation. After integration of SecureTower into the corporate network the OpsSec team detected a malefactor who had been transferring all details of contracts with partners and customers to her real employer by uploading the data to a cloud storage. www.falcongaze.com

15 CONTROL OF DATA SENT TO CLOUD STORAGES www.falcongaze.com

16 One of national-level banks detected the fact of regular leaks, however control of all communications and analysis of the transferred data brought no results. After some brainstorming the Security Team came up to an idea that someone was probably using Tor application to anonymize his or her access to webmail and other internet resources to transfer data beyond the company perimeter. After setting up an event security rule to detect the launch of Tor.exe process, the team easily distinguished the computer which ran the application. Engaging desktop video monitoring brought rich evidence of intentional leakage of corporate data by the suspect user. LAUNCH OF PROHIBITED APPLICATIONS CONTROL. DESKTOP VIDEO MONITORING www.falcongaze.com

17 CONTROL OF LAUNCHED PROCESSES AND VIDEO MONITORING www.falcongaze.com

18 Control of information flows and data leakage prevention Monitoring of corporate loyalty Workflows control and optimization Operational Risk Management Combating industrial espionage Protection of business reputation COMPREHENSIVE CONTROL OF COMMUNICATION CHANNELS AND PROTECTION AGAINST INSIDER THREATS www.falcongaze.com

19 Protect your business with Falcongaze SecureTower www.falcongaze.com

Download ppt "Falcongaze SecureTower: field experience www.falcongaze.com."

Similar presentations

COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.

COMPREHENSIVE APPROACH TO INFORMATION SECURITY IN ADVANCED COMPANIES.
Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Copyright © 2012 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 7 Blowing the Whistle McGraw-Hill.

Copyright © 2012 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 7 Blowing the Whistle McGraw-Hill.
«Knowledge is power». DO YOU KNOW WHAT’S GOING ON IN YOUR COMPANY? LanAgent «Knowledge is power»

«Knowledge is power». DO YOU KNOW WHAT’S GOING ON IN YOUR COMPANY? LanAgent «Knowledge is power»
THE INSIDER THREAT AND DATA LOSS PREVENTION CSCE 727.

THE INSIDER THREAT AND DATA LOSS PREVENTION CSCE 727.
1 3M Privacy Filters Justification Toolkit: How to Use The following presentation is meant to provide you with the most impactful data points to help you.

1 3M Privacy Filters Justification Toolkit: How to Use The following presentation is meant to provide you with the most impactful data points to help you.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.

Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.
FIT3105 Security and Identity Management Lecture 1.

FIT3105 Security and Identity Management Lecture 1.
IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.

IT Security Readings A summary of Management's Role in Information Security in a Cyber Economy and The Myth of Secure Computing.
© 2011 Autodesk Securing AutoCAD IP in the era of WikiLeaks Presenter: Rahul Kopikar Co-Founder, Seclore Technology.

© 2011 Autodesk Securing AutoCAD IP in the era of WikiLeaks Presenter: Rahul Kopikar Co-Founder, Seclore Technology.
IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.

IMonitor Software About IMonitorSoft Since the year of 2002, coming with EAM Security Series born, IMonitor Security Company stepped into the field of.
IT-Partners Limited © 2011 IT Partners Limited Y OUR IT SOLUTION P ARTNERS Managing Director Confidential Data Loss Prevention Sunny Ho 1.

IT-Partners Limited © 2011 IT Partners Limited Y OUR IT SOLUTION P ARTNERS Managing Director Confidential Data Loss Prevention Sunny Ho 1.
Chapter 1 Introduction to Computer User Support

Chapter 1 Introduction to Computer User Support
1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.

1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.
Www.softwareassist.net Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
Copyright 2009 Trend Micro Inc. Classification 9/9/2015 1 2010 Corporate End User Study Employee Online Behavior.

Copyright 2009 Trend Micro Inc. Classification 9/9/ Corporate End User Study Employee Online Behavior.
C97-728752-01 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 1 C97-728752-01 © 2013 Cisco and/or its affiliates. All rights.

C © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 1 C © 2013 Cisco and/or its affiliates. All rights.
MAJOR BUSINESS INITIATIVES Gaining Competitive Advantage with IT

MAJOR BUSINESS INITIATIVES Gaining Competitive Advantage with IT
Protection from internal threats: Evolution of DLP or Who sets trends.

Protection from internal threats: Evolution of DLP or Who sets trends.

Similar presentations

Ads by Google