Tripwire University: Cyberwar Boot Camp – Introduction and Overview
-
Upload
tripwire -
Category
Technology
-
view
331 -
download
2
Transcript of Tripwire University: Cyberwar Boot Camp – Introduction and Overview
Overview
Gajraj SinghVice President Product MarketingTripwire
cyberwar (noun)Pronunciation: (/ˈsībərˌwôr/)
After land, sea, air and space, warfare has entered the fifth domain: cyberspace.
The use of computer technology to disrupt the activities of a state or organization, especially the deliberate attacking of information systems for strategic or military purposes
But there are few, if any, rules in this domain!
In fact, Cyberwar is NOT a defined term of art in law or legal convention.
NATO Tries to Define Cyberwar
2014 summit declaration states, a certain threshold must be met to consider invoking Article 5, the collective defense clause.
But how do we define “thresholds” in cyberspace?
1. Confidentiality – breaches have been treated as crimes
2. Availability – e.g. DDoS campaign against Estonia. Espionage, sabotage, and crime but not an act of war
3. Integrity – e.g. Infecting industrial control systems. Could be catastrophic
A small number of cyber attacks involve data manipulation, and even fewer pose militaristic threats.
Five Pillars: Pentagon, United States military strategy for cyberwarfare
• Recognizing cyberspace as the next domain of warfare
• The need for active defenses
• Protection of critical infrastructure
• Enhancing collective defense
• The need to marshal our technological prowess
9
GROWTH
COMPETITIVENESS
OPS EFFICIENCY
CUSTOMER EXPERIENCE
VISIBILITY
ADAPTIVENESS
RESPONSIVENESS
CONTROL
DIGITAL BUSINESS ENABLE AND PROTECT
BUSINESS AGILITY
CYBER RESILIENCE
10
450M
Over 390K malicious programs discovered
every day
78%
% of Boards concerned withcyber security
<50%
believe teams have abilityto detect & respond to complex incidents
SOURCE: Joint study from ISACA and RSA
SOURCE: Joint study from ISACA and RSA
SOURCE: AV-Test.org
$445B Estimated Financial Loss Per YearSOURCE: Strategic and Int’l Studies
11
DEFEND AND PROTECT EVERY ENDPOINT
SOURCE: Gartner
THE “CIAS” MODEL OF CYBERSECURITYFrom information security to cybersecurity—the qualitiesof security evolve
Digital and physical blur… but not the need for safety
Confidentiality
Safety
Availability Integrity
Safety
Digital
Physical
Reducing Risk Exposure
Detect & Respond to Threats
Drive Operational Efficiency
Inte
grat
ion
& A
utom
atio
n
HOW IS TRIPWIREADDRESSING
CYBERSECURITYCHALLENGES?
Tripwire delivers advanced security, compliance and IT operations solutions
9,500+Customers in96 Countries
$$$Profitable
475+Employees
$167MFY2015
Revenue
Proactive Threat DefenseReduce attack surface
Detect advanced threats
Business agility
Optimize resources
Reduce business risk
Continuous Compliance
Responsive IT Operations
INTEGRATION
AUTOMATION
Tripwire: Security, Compliance and IT Operations
Integrated risk assessment, endpoint monitoring and threat detection
Detect, confirm, prioritize and contain with best-in-class endpoint intelligence
Harden endpoints, reduce attack surface and integrate to prevent attacks and contain losses
Investigate, analyze and respond with intelligence, automation and integration
Predictive analysis by baselining, assess vulnerabilities, configuration changes and threat intelligence
Tripwire: Proactive Threat Defense
Real-time change detection and audit tracking helps maintain continuous compliance
700+ policy and platform support
Auto discovery and inventory of all assets, hardware and software in scope.
Rapid discovery of gaps.
Audit and ensure patch process through integrated configuration, vulnerability and log management
Update with built-in remediation guidance
Policy and compliance content updates, vulnerabilities and security frameworks.
Industry leading compliance and policy platformTripwire: Continuous Compliance
Real-time system and file integrity monitoringUninterrupted change visibility for actionable intelligenceReports, dashboards and alerts
Discover and baseline IT infrastructureHave full inventory of ITManage Shadow ITDetect ‘at-risk’ assets and changes
Evaluate ‘drift’ from baseline – who, what, when, whyAssist security and compliance with evidence & workflows
Automate IT and security workflows and processesQuickly adapt & update based on risk & business priorities
Business Agility through integration and automation of IT workflowsTripwire: Responsive IT Operations
Tripwire – Trusted and recognized industry leaderHalf of Fortune 500 and over 9,000 customers worldwide
Trusted: By over half of Fortune 500 and over 9,500+ customers worldwide
Advanced: Integrity monitoring, configuration and risk assessment portfolio
Open: Built for integration and automation across the security and IT ecosystem
Resilient: Proven, reliable platform for security, compliance and IT operations
cyberwarOverview
enemy Economy of Bad
battlefieldShifting Landscape
yourselfConfidence
battleTips & Resources
tripwire.com | @TripwireInc
Download from www.tripwire.com
1 2 3