HOW TO ENJOY EXPERT 24/7 THIRD PARTY MONITORING FOR LESS THAN $300 PER MONTH

Scott B. Suhy, CEOScott.Suhy@netwatcher.com

®

05/02/2023

Agenda

Copyright © 2017 NetWatcher All Rights Reserved.

• Trends your Financial Institution needs to understand• A new trend “Managed Detection & Response”• NetWatcher’s Managed Detection & Response service

Copyright © 2017 NetWatcher All Rights Reserved.

The Gramm–Leach–Bliley Act – (for details 6801–6809) requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data. The Act contains three elements (Privacy Rule, Safeguards Rule and Pretexting Protection) regarding the privacy of information, of which businesses, primarily "financial institutions," need to be aware – (More from the FTC on complying with the Safeguards Rule).

The Safeguards Rule requires an institution to develop, implement, and maintain a comprehensive information security program that is written, contains administrative, technical and physical safeguards, is “appropriate” to the institution’s size and complexity, as well as the nature and scope of its activities, and is appropriate to the sensitivity of the customer information at issue.

Managed Security ProvidersSecurity is the #1 Growth area for Managed Services Providers (MSPs)—CompTIA

5kopportunities

HPIBM

FireEyePalo Alto

Etc…

Secu

rity

Soph

istica

tion

Small Medium Large

Size of Business

Threat Intelligence

SIEM

End Point Technology

Intrusion Detection

Intrusion Protection

…big gap…

FirewallAnti-virus

Customer demands and compliance mandates 15k

opportunities

MSSPs

Copyright © 2017 NetWatcher All Rights Reserved.

Trend #1 – SME’s Pressured to Have More Protection

Managed Security ProvidersSecurity is the #1 Growth area for Managed Services Providers (MSPs)—CompTIA

5kopportunities

HPIBM

FireEyePalo Alto

Etc…

Secu

rity

Soph

istica

tion

Small Medium Large

Size of Business

Threat Intelligence

SIEM

End Point Technology

Intrusion Detection

Intrusion Protection

…big gap…

FirewallAnti-virus

Solutions expensive difficult to use security analysts don’t exist

15kopportunities

MSSPs

Copyright © 2017 NetWatcher All Rights Reserved.

Trend #1 – SME’s Pressured to Have More Protection

Managed Security ProvidersSecurity is the #1 Growth area for Managed Services Providers (MSPs)—CompTIA

5kOrganizations

HPIBM

FireEyePalo Alto

Etc…

Secu

rity

Soph

istica

tion

Small Medium Large

Size of Business

Threat Intelligence

SIEM

End Point Technology

Intrusion Detection

Intrusion Protection

…big gap…

FirewallAnti-virus

Solutions expensive difficult to use security analysts don’t exist

Customer demands and compliance mandates 15k

Organizations

MSSPs

5M+Organizations

Copyright © 2017 NetWatcher All Rights Reserved.

Trend #1 – SME’s Pressured to Have More Protection

Trend #2 – Giant Skills Gap in Cyber Security

Copyright © 2017 NetWatcher All Rights Reserved.

shortfall of 1.5 million security professionals by 2020 – Frost & Sullivan

Trend #3 - Known Vulnerabilities

Copyright © 2017 NetWatcher All Rights Reserved.

44% of breaches came from vulnerabilities that are two to four years old… -- HP’s Cyber Risk Report

http://www.cvedetails.com/vulnerability-list

Think about it… Organized crime and foreign government employees are….

Trend #4 – Ransomware – as - service.

Copyright © 2017 NetWatcher All Rights Reserved.

TrueCrypter (late April)CryptXXX (mid April) 7ev3n-HONE$T (mid April)AutoLocky (mid April)Jigsaw (early April)CryptoHost (early April)Rokku (late March)KimcilWare (late March) Coverton (late March)Petya (late March)Maktub Locker (mid March) Nemucod .CRYPTED (mid March) Samas/Kazi (mid March) The Surprise (mid March) Pompous (early March) KeRanger (early March)Cerber (early March)CTB-Locker for web sites (mid February) Padcrypt (mid February)Locky (mid February)Umbrecrypt (early February)DMA Locker (early February)NanoLocker (late January)7ev3n (late January)LeChiffre (mid January) Magic (mid January)CryptoJoker (early January)Ransom32 (early January)

Trend #4 – Ransomware – as - service.

Copyright © 2017 NetWatcher All Rights Reserved.

TrueCrypter (late April)CryptXXX (mid April) 7ev3n-HONE$T (mid April)AutoLocky (mid April)Jigsaw (early April)CryptoHost (early April)Rokku (late March)KimcilWare (late March) Coverton (late March)Petya (late March)Maktub Locker (mid March) Nemucod .CRYPTED (mid March) Samas/Kazi (mid March) The Surprise (mid March) Pompous (early March) KeRanger (early March)Cerber (early March)CTB-Locker for web sites (mid February) Padcrypt (mid February)Locky (mid February)Umbrecrypt (early February)DMA Locker (early February)NanoLocker (late January)7ev3n (late January)LeChiffre (mid January) Magic (mid January)CryptoJoker (early January)Ransom32 (early January)

Trend #5 - Unintentional Insider Threat

Copyright © 2017 NetWatcher All Rights Reserved.

Clicking on a Phishing Message

Browsing Explicit Web SitesDownloading Risky Software

(TOR, Hola, BitTorrent etc..)Using Vulnerable Software

(outdated Java and Flash)Sending Personally

Identifiable Information in Clear Text

Trend #5 - Unintentional Insider Threat

Copyright © 2017 NetWatcher All Rights Reserved.

Clicking on a Phishing Message

Browsing Explicit Web SitesDownloading Risky Software

(TOR, Hola, BitTorrent etc..)Using Vulnerable Software

(outdated Java and Flash)Sending Personally

Identifiable Information in Clear Text

Trend #6 - Supply Chain Risk

Copyright © 2017 NetWatcher All Rights Reserved.

Do you have customer data?Do you provide your customers data to third party vendors?Do you provide your data to third party vendors?

“It is abundantly clear that, in many respects,” Mr. Lawsky (New York State’s top financial regulator) said in the letter, “a firm’s level of cybersecurity is only as good as the security of its vendors.” -- NYTimes.com: After JPMorgan Cyberattack, a Push to Fortify Wall Street Banks

Think “Business Associate Agreement/HIPAA” – Your customers are going to be expecting you to have great Cyber Security Controls. You should expect the same of your suppliers…

Trend #7 - Open Source

Copyright © 2017 NetWatcher All Rights Reserved.

• Doh! Shellshock… Heartbleed… POODLE…

• Duh! They have the source code…

• What is managing the BOM in the solutions built on Open Source?

Trend #7 - Open Source

Copyright © 2017 NetWatcher All Rights Reserved.

• Doh! Shellshock… Heartbleed… POODLE…

• Duh! They have the source code…

• What is managing the BOM in the solutions built on Open Source?

FACT – Your Customer’s are Weak on Cyber Security

Copyright © 2017 NetWatcher All Rights Reserved.

Generally no security controls (users have admin access to machines, weak employee policy documents, no cyber training, no cyber liability insurance, sr. execs not schooled on the risks etc…) Most are not aware that they have

already been compromised! Don’t keep firmware up to date on

WIFI, Routers, Switches, Firewalls Many do not change Default Passwords

on equipment (see Shodan.io) Most don’t know who their employees

are talking to and what bad actor scans are making it through the firewall

FACT – Your Customer’s are Weak on Cyber Security

Copyright © 2017 NetWatcher All Rights Reserved.

Generally no security controls (users have admin access to machines, weak employee policy documents, no cyber training, no cyber liability insurance, sr. execs not schooled on the risks etc…) Most are not aware that they have

already been compromised! Don’t keep firmware up to date on

WIFI, Routers, Switches, Firewalls Many do not change Default Passwords

on equipment (see Shodan.io) Most don’t know who their employees

are talking to and what bad actor scans are making it through the firewall

Copyright © 2017 NetWatcher All Rights Reserved.

Example… Your 12 year old can do this…

Copyright © 2017 NetWatcher All Rights Reserved.

Example… Your 12 year old can do this…

Copyright © 2017 NetWatcher All Rights Reserved.

Example… Your 12 year old can do this…

Click Here…

Copyright © 2017 NetWatcher All Rights Reserved.

Example… Your 12 year old can do this…

Copyright © 2017 NetWatcher All Rights Reserved.

Example… Your 12 year old can do this…

Will it Get Worse? Or Better?

Copyright © 2017 NetWatcher All Rights Reserved.

2005 2015 2020

Cyber Attack Surface

Invo

lvem

ent o

f Org

anize

d Cr

ime

& N

ation

Sta

tes

MoreProtection

MoreInnovation

Desire for Privacy

More Surface to

Attack

More Organized

CrimeConvenience

What is Managed Detection & Response (MDR)

www.netwatcher.com

• Automated “Detection” to find issues 24x7 (Alarms) in concert with Threat Hunting across broad customer base• Cloud based correlation of events over different silo’s of information

over time• Alerting, MSP integration, Analyst availability, “Response” Automation• Focused inside Perimeter versus Edge • Focused on what makes it through the traditional line of defense versus

replacing traditional line of defense

Where NetWatcher’s MDR Service Fits24x7 Continuous Monitoring for Exploits & Vulnerabilities

www.netwatcher.com

End Point Protection IPS/UTM/Firewall

Keeps bad guy from Coming through the

Front door…

NetWatcher Continuous Monitoring

Keeps employees from

Letting bad guy through theFront door…

NetWatcher Service Delivery.

www.netwatcher.com

Sensor(s) (hardware or VM) that sits on the inside of customers network and listens for anomalies… (IDS, Netflow, SIEM, Scanner)

Endpoint software (HIDS, Logs, Sensor-in-Cloud VPN/IDS)

“Cloud based” Service that sends you necessary alerts when a serious security issue is discovered. (Advanced correlation)

Security Analysts in Secure Operations Center (SOC)

Why NetWatcher?.

www.netwatcher.com

What is your Cyber Promiscuity Score™?

Automation Hunting for exploits & malware hidden in infected computers, phones or tablets etc...

Cyber Promiscuity issues (sometimes referred to as unintentional insider threats) that can lead to security problems such as your employees visiting compromised websites, out of date software or Personally Identifiable Information (PII) being sent over the internet in clear text.

Change the users behavior!

SMB Requirements

www.netwatcher.com

Accuracy Multi-tenant cloud

Ease of installation Plug it in and it works

Easy to Use CPortal design, easy to understand alarms, CHS/CPS scores Alarms sent via Text & eMail Sensor in the Cloud endpoint module

MSP Friendly Single Pane of Glass MSP Portal ConnectWise integration

Affordable Easy to understand pricing

DEMO

www.netwatcher.com

Don’t BecomeOne ofThese…

www.netwatcher.com

http://privacyrights.org/data-breach

www.netwatcher.com

NetWatcher is committed to Financial Services

www.netwatcher.com

NetWatcher is committed to Financial Services• NCUA Cyber Resources site (found here)• FFIEC Cyber Assessment Tool (found here)• Conference of State Bank Supervisors Executive Leadership of Cybersecurity

Resource Guide (found here)• The FDIC Community Bank Cyber Exercise (found here) – Created to encourage

community financial institutions to discuss operational risk issues and the potential impact of information technology disruptions on common banking functions.

• FFIEC Handbook’s Section on Information Security (found here)• FDIC Framework for Cybersecurity (found here) - The article addresses some common

cyber-attack strategies, the critical components of information security programs (corporate governance, threat intelligence, security awareness training, and patch-management programs), and actions taken by federal bank regulators to respond to cybersecurity threats. The article stresses that everyone within a financial institution, from entry-level staff to the board of directors, is responsible for prioritizing cybersecurity. The article includes information about several resources available to help educate and inform employees and directors on cybersecurity.

• NIST Cyber Security Framework (found here)

Thank You!To Contact Us:

lauren.sexton@netwatcher.com 571.308.3661

www.netwatcher.comScott B. Suhy, CEOScott.Suhy@netwatcher.com