Battling Savvy Cyber Thieves - SCMagazine
-
Upload
alienvault -
Category
Technology
-
view
143 -
download
1
description
Transcript of Battling Savvy Cyber Thieves - SCMagazine
Battling Savvy Cyber Thieves
Speaker: Roger Thornton, CTO, AlienVault
Prevention has proven to be elusive2013 “Cost of Cybercrime Study”, Ponemon Institute
A detailed study of 56 “Large US firms”
Results: 102 successful intrusions between them
Every Week!
“There are two types of companies that use computers. Victims of crime that know they are victims of crime and victims of crime that don’t
have a clue yet.”
James Routh, 2007 CISO Depository Trust Clearing Corporation
“How would you change your strategy if you knew for certain that you were going to
be compromised?”
Martin Roesch, 2013 Founder & CTO Sourcefire, Author SNORT
So many security technologies to choose from
Given the 10 most recommended technologies and the pricing range, an organization could expect to spend anywhere from $225,000 to $1.46m in its first year, including technology and staff.
Source: The Real Cost of Security, 451 Research, April 2013
Factor into this:Initial Licensing CostsImplementation / Optimization CostsOngoing Management CostsRenewal Costs Integration of all the security technologiesTraining of personnel/incoming personnel
Questions for SIEM VendorsHINT: PRINT THIS OUT FOR THE NEXT TIME THEY CALL YOU….
1. How long from installation to security insight?
2. integration work measured in years, months or hours?
3. Do you simply integrate data from security tools (SIEM), or embed tools and orchestrate into effective incident response workflows (USM)?
e.g. asset inventories, IDS, vulnerability scans, netflows, etc.
4. What is the real TCO - licensing, consulting, implementation and maintenance/tuning fees?
5. A list of alarms or step-by-step instructions on how to confirm, respond and mitigate threats?
6. Is there a community for threat sharing? If so, how large, broad and open?