Empowering Organisations to Thrive in the Face of Cyber Attacks An introduction to Resilient Systems...
-
Upload
herbert-day -
Category
Documents
-
view
213 -
download
0
Transcript of Empowering Organisations to Thrive in the Face of Cyber Attacks An introduction to Resilient Systems...
Empowering Organisations to Thrive in the Face of Cyber Attacks An introduction to Resilient Systems
Paul Ayers – General Manager, EMEAChris Neely - Director of Sales Engineering, EMEA
Resilient Systems, Inc. – Proprietary and Confidential | 2
AGENDA
► Market Landscape
► About us
► New incident response model
► How it works
► Live demonstration
Resilient Systems, Inc. – Proprietary and Confidential | 3
Global State of Information Security 2015
The Rise of Cyber Incidents
Dramatic increase of security incidents and breaches
Resilient Systems, Inc. – Proprietary and Confidential | 4
Average spend in 2 yearsP
reve
nt
& P
rote
ct
Dete
ct & R
espond
77% 61%
75% 60%
Average spend today
Median spend today
Median spend in 2 years
23% 39%
25% 40%
Average spend in 2 yearsAverage spend today
Median spend today
Median spend in 2 years
Massive move in security spending is underway
Research conducted April ‘15 by Pierre Audion Consultants
Resilient Systems, Inc. – Proprietary and Confidential | 5
► Proven and Robust Processes / Best Practice
► Historically rudimentary tooling
► Now a defined market
Incident Response evolution
Spreadsheets Sharepoint Email Ticketing
“Security incident response platforms (SIRPs) contain
specialized capabilities intended specifically to support the
response to security incidents”
Technology Overview for Security Incident Response Platforms
Incident Response Evolution
Resilient Systems, Inc. – Proprietary and Confidential | 6
OUR MISSION
Resilient Systems empowers organizations to thrive in the face of cyberattacks and business crises.
Resilient Systems, Inc. – Proprietary and Confidential | 7
Pioneers in incident response
► Founded in 2010, created the first Incident Response Platform (IRP)
► Winning awards for innovation — and so are our customers
► World leader in incident response management bringing together people, process and technology
► Bruce Schneier, CTO — the leading security industry guru
► Headquartered in Cambridge, MA and London, UK
Resilient Systems
Most Innovative Product
In Germany
Resilient Systems, Inc. – Proprietary and Confidential | 8
Why responseS
ER
VIC
ES
PR
OD
UC
TS
PREVENTION DETECTION RESPONSE
Resilient Systems, Inc. – Proprietary and Confidential | 9
Select global customers
PROFESSIONAL SERVICES TELECOMCRITICAL INFRASTRUCTURE
HEALTHCARE
MANUFACTURING
TECHNOLOGY
FINANCIAL
RETAIL
INSURANCE
FEDERAL HOSPITALITY
Resilient Systems, Inc. – Proprietary and Confidential | 10
PLATFORM OVERVIEW
Resilient Systems, Inc. – Proprietary and Confidential | 11
A new approach to incident response
Brings together people, process and technology to transform, orchestrate and empower your incident response
Resilient Systems, Inc. – Proprietary and Confidential | 12
A new approach to incident response
It enables rapid collaboration within the IR Team and across the organization
MARKETING LEGAL BUSINESS CISO
CSIRT SOC FORENSICS IR
Resilient Systems, Inc. – Proprietary and Confidential | 13
A new approach to incident response
► Action plans (NIST)
► Organizational SOPs
► Event orchestration
► Task management
► Global data privacy obligations
► Tabletop exercises
Resilient Systems, Inc. – Proprietary and Confidential | 14
A new approach to incident response
Brings together all your existing security investments in one place
Resilient Systems, Inc. – Proprietary and Confidential | 15
► Creates a single hub for all IR
► Empowers teams to work more intelligently
► Agile platform
► Custom Action Module
► Compatible with all other systems
Our unique value
INTELLIGENCE FEEDS
SIEM
EXTERNAL COMMUNICATION
CONFIGURATIONMGT
SANDBOX
ASSET DATABASEFORENSICS
CUSTOM PORTAL
TICKETING
INCIDENT RESPONSE PLATFORM
Resilient Systems, Inc. – Proprietary and Confidential | 16
► Directory
► Endpoint forensics
► Threat Intelligence
► Endpoint controls
► Network controls
INFRASTRUCTUREINTEGRATION
EASY COLLABORATION
AUTOMATED ESCALATION
WEB FORM
TROUBLE TICKETING
ENTRY WIZARD
SIEM EMAIL
DASHBOARDS & REPORTING
TEAM UTILIZATION
CSO DASHBOARD
INCIDENT TIMELINE STATUS
INCIDENTS BY TYPE
OVER TIME
CUSTOMDASHBOARDS
& REPORTS
Resilient incident response platform
RESILIENT IRP MODULES
PRIVACYSECURITY ACTION
Resilient Systems, Inc. – Proprietary and Confidential | 17
Sample case study – Fusion Project
ResilientPlatform
Threat Services
TIFPAggregated Normalized
► iSIGHT
► FS-ISAC
► Etc.
Analyst
Action Module
Remedy
AD
CMDB
Escalate / Sync
QRadar Splunk
Blue Coat Tanium Bit 9 Bromium
ArtifactLookup
Escalate / Sync
Enrich
Enrich
Resilient Systems, Inc. – Proprietary and Confidential | 18
DEMONSTRATION
Resilient Systems, Inc. – Proprietary and Confidential | 19
Q & A