Risk Modeling & Simulation - A behind the scenes look at how to prevent cyber attacks

© 2010 Skybox Security, Inc.

Risk Modeling & Simulation -A behind the scenes look at how to prevent

cyber attacks

Justin CokerVP EMEA

Skybox Security [email protected]

+44 (0) 7831 691498

mailto:[email protected]

© 2010 Skybox Security, Inc. 204/10/2023

Skybox Security Inc.

Automated Security Risk and Compliance Management – US HQ

Founded in 2002, First clients 2004

Privately owned, financially stable

Predictive risk analysis based on network modelling and simulation technology

Largest deployment 300,000 nodesGlobal 2000 – Financial, Critical NationalInfrastructure, Retail & Government


High Performers Choose Skybox

Skybox Security operates on a global basis with Fortune 2000 clients and government agencies in over 20 countries.

Banking, Financial Services & Insurance Energy & Utilities

Government & Education

Pharmaceuticals& Chemicals

Retail Information Technology

Services

Telecom

http://www.standardchartered.com/


Losing Ground against Cyber Threats

404/10/2023

Complex Networks

Rising Threats

Less Time

Too Many Vulnerabilities

More devices, high rate of change

35M threats in McAfee 2009 database

Shorter time window to prevent attacks

Hard to find the 1-2% that expose critical risks


A Serious Reality Check

The number of attacks is now so large and their sophistication so great, that many organisations are having trouble determining which new threats and vulnerabilities pose the greatest risk and how resources should be allocated to ensure that the most probable and damaging attacks are dealt with first.

- SANS Top Cyber Security Risks report, Sept 2009

504/10/2023

Source: http://www.sans.org/top-cyber-security-risks

http://www.sans.org/top-cyber-security-risks


Modeling and Simulation in Practice

Identify risk of new threats before an attack Measure and track risk level for all

critical assets Prioritize vulnerabilities based on the

potential risk Optimize remediation work Uncover attack scenarios for proactive

mitigation

604/10/2023


Modeling the IT Battlefield

704/10/2023

Critical assets

Attackers and access routes

Gaps in defences

Countermeasures!

The Battlefield

© 2010 Skybox Security, Inc.04/10/2023 8

Enhanced Visibility

• Humans quickly process complex visual information

*Source http://www.newscientist.com/article/dn9633-calculating-the-speed-of-sight , Univ of Pennsylvania, 2006

Fact: Approximate bandwidth of human retinas calculated at approximately 8,960 kilobits per second!*

• Leverage a ‘Google Earth’ view to drill down on problem areas

• Speed internal communication through objective reference

http://www.newscientist.com/article/dn9633-calculating-the-speed-of-sight


Collect & Normalize Data

Creating a Model

904/10/2023

Virtual Model for Analyzing Past, Current,

and Future Exposures

Scanner IPSFirewall Load Bal RouterAlerts Patch

Automated CollectionEnd-to-End Visibility

© 2010 Skybox Security, Inc. 10

Create Situational Awareness

Move to a risk-based approach to security management

Identify the real threats & vulnerabilities affecting your organisation & answer key questions

Focus limited resources on protecting your valuable assets

Get ahead of the curve proactive security management

04/10/2023


Simulate Attacks...

Probable attack vector to Finance

servers asset groupConnectivity path

1104/10/2023


Compare Remediation Options – Option 1...

Option 1: Prevent exploit with IPS

signature in DMZ

1204/10/2023


Option 2...

Option 2: Modify access from DMZ to

Finance servers

1304/10/2023


Option 3

Option 3: Patch the affected asset

1404/10/2023


●● ●●

●●

●

●

●

●

●

● ● ●●

●

●

●

●

●

● ● ●●

●

●

●●

●

Remediation is needed only for 1-2% of systems

•Correlate risk exposures, threats, vulnerabilities, and security controls

•Quantify holistic risk level

•Reduce remediation by >90%

•Optimize security plans

•Validate controls

•Save resources, time and budget

•Ensure policies reflect risk

No remediation required due to “compensating controls”

Find Weaknesses, Test Defences

04/10/2023 15


Key Ingredients for Successful Risk Modelling

1604/10/2023

Network Modeling

Attack Simulation

Risk Metrics

What-if Analysis

Remediation Planning

Integrate into BAU


The Skybox Difference

Predictive analysis and network modelling pinpointskey risks

Fast results to make risk modeling and simulation an integral part of daily IT operations

Complete portfolio of IT risk and compliance management solutions

Proven in the most challenging networks in the world


Q&A

Thank You!

[email protected]+44 (0) 7831 691498

mailto:[email protected]

Risk Modeling & Simulation - A behind the scenes look at how to prevent cyber attacks

Technology

Transcript of Risk Modeling & Simulation - A behind the scenes look at how to prevent cyber attacks