incident response - NTT Com Security

Empowering Organisations to Thrive in the Face of Cyber Attacks
An introduction to Resilient Systems
Paul Ayers – General Manager, EMEA
Chris Neely - Director of Sales Engineering, EMEA
AGENDA
► Market Landscape
► About us
► New incident response model
► How it works
► Live demonstration
Resilient Systems, Inc. – Proprietary and Confidential
Dramatic increase of security incidents and breaches
The Rise of Cyber Incidents
Global State of Information Security 2015
Massive move in security spending is underway
Research conducted April ‘15 by Pierre Audoin Consultants
Prevent & Protect
Average spend today: 77%
Average spend in 2 years: 61%
Median spend today: 75%
Median spend in 2 years: 60%
Detect & Respond
Average spend today: 23%
Average spend in 2 years: 39%
Median spend today: 25%
Median spend in 2 years: 40%
Incident Response Evolution
► Proven and Robust Processes / Best Practice
► Historically rudimentary tooling
Sharepoint, Spreadsheets, Ticketing, Email
► Now a defined market
“Security incident response platforms (SIRPs) contain specialized capabilities intended specifically to support the response to security incidents”
Technology Overview for Security Incident Response Platforms
OUR MISSION
Resilient Systems empowers organizations to thrive in the face of cyberattacks and business crises.
Resilient Systems
Pioneers in incident response
► Founded in 2010, created the first Incident Response Platform (IRP)
► Winning awards for innovation — and so are our customers
► World leader in incident response management bringing together people, process and technology
► Bruce Schneier, CTO — the leading security industry guru
► Headquartered in Cambridge, MA and London, UK
Most Innovative Product
In Germany
Why response
PRODUCTS
DETECTION
RESPONSE
SERVICES
PREVENTION
Select global customers
FINANCIAL
MANUFACTURING
HEALTHCARE
TECHNOLOGY
INSURANCE
CRITICAL INFRASTRUCTURE
PROFESSIONAL SERVICES
TELECOM
RETAIL
FEDERAL
HOSPITALITY
PLATFORM OVERVIEW
A new approach to incident response
Brings together people, process and technology to transform, orchestrate and empower your incident response
A new approach to incident response
It enables rapid collaboration within the IR Team and across the organization
MARKETING
LEGAL
CSIRT
SOC
BUSINESS
FORENSICS
CISO
IR
A new approach to incident response
► Action plans (NIST)
► Organizational SOPs
► Event orchestration
► Task management
► Global data privacy obligations
► Tabletop exercises
A new approach to incident response
Brings together all your existing security investments in one place
Our unique value
► Creates a single hub for all IR
► Empowers teams to work more intelligently
► Agile platform
► Custom Action Module
► Compatible with all other systems
INCIDENT RESPONSE PLATFORM
INTELLIGENCE FEEDS
SIEM
EXTERNAL COMMUNICATION
TICKETING
EMAIL
CUSTOM PORTAL
CONFIGURATION MGT
SANDBOX
FORENSICS
ASSET DATABASE
Resilient incident response platform
AUTOMATED ESCALATION
SIEM
EMAIL
EASY COLLABORATION
ENTRY WIZARD
TROUBLE TICKETING
WEB FORM
RESILIENT IRP MODULES
SECURITY
PRIVACY
INFRASTRUCTURE INTEGRATION
ACTION
► Directory
► Endpoint forensics
► Threat Intelligence
► Endpoint controls
► Network controls
DASHBOARDS & REPORTING
TEAM UTILIZATION
CSO DASHBOARD
INCIDENT TIMELINE
STATUS
INCIDENTS BY TYPE OVER TIME
CUSTOM DASHBOARDS & REPORTS
Sample case study – Fusion Project
Blue Coat
Tanium
Bit 9
QRadar
► iSIGHT
► FS-ISAC
► Etc.
Bromium
Splunk
Escalate / Sync
TIFP
Aggregated
Normalized
Artifact Lookup
Enrich
Resilient Platform
Threat Services
Remedy
Escalate / Sync
Action Module
AD
Enrich
CMDB
Analyst
DEMONSTRATION
Q&A