- HP Discover

Advanced Threat Protection
Chris Leach/June 2015
#HPDISCOVER
@cjleach56
© Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Session DT1238
Speaker Chris Leach
In the last 12 months
• High profile breaches continue making the headlines
• Even with $30B spent in the industry, >95% of organizations are still compromised
• Cybercrime remains a growth industry with losses of $445B
1,2,3 Mandiant (FireEye) M Trends, A View from the Front Lines, 2015 Report
Current Trends and Challenges
What we see:
• Almost 60% of industry security breaches come from current or former employees.
• Mobility and the use of BYOD are seen as a significant threat vector for organizations.
• Identity management is a key enabler of business due to the large use of data interchange and long chains of trust.
• Physical security continues to be the bedrock of sound information security.
Cybersecurity Landscape in 2020
Cybersecurity threats and actors are growing faster than our ability to combat them using traditional means.
Security Big Data, Automation and Targeted Intelligence will become the cornerstones of a new cyber security reality.
[Infographic comparing 2010 with 2020*. 2020: 100 billion connected devices, 5.3 billion online population. Other values shown: connected devices 12.5 billion; world population 6.8 billion and 7.6 billion; average cost of breach $3.8 million and $17 million; new hackers (figure not recoverable).]
Sources: 1 HP Internal Research - 2 Accenture 2013 CIO Mobility Survey - 3 Juniper Research – Jan. 2014
Types of attacks
• Advanced Persistent Threats (APTs)
• Advanced malware
• Zero-day attacks
• Spearphishing
The Bad Guys
• Hackers
• Script Kiddies
• Organized Crime
• Nation-States
• Employees
BREACHED
The adversary attack ecosystem
[Diagram labels: Infiltration, Research, Discovery, Capture, Exfiltration; actors shown: Adversary, Employee]
Cyber Situational Awareness and Defense (CSAD)
The need to understand complexity:
• Reference framework for cyber risk management and protection.
• Provides true visibility of the risk of cyber threats to an organization’s business
• Delivers integrated security protection and security operations management
[Diagram: Complete Cyber Security, with the labels Security Technology; People; Policies and process; Intelligence; Operational, management and business reporting; Security operations workflow; Threat and vulnerability management; Security event monitoring and management]
HP Threat Central
Crowd-source actionable threat intelligence
Companies must collaborate to mitigate threats
• Companies today spend time combatting the same threat
• The adversary is collaborating in an effective eco-system
Current information sharing models are ineffective
• Manual and slow
• Limited participation
• Intel is not actionable
Government alone can’t fix the problem
• Can’t hire the right resources fast enough
• Limited visibility: Need intel/data from industry
Threat Central enables
• Bi-directional collaboration
• Context for actionable data in automated manner
• Established community with existing ArcSight customer base
• Integrated directly with mitigation engine (IPS)
Big Data Security Analytics
HP HAVEn
[Diagram: HAVEn components Hadoop/HDFS, Autonomy IDOL, Vertica, Enterprise Security and nApps, labelled Scale, Source, Speed, Secure and "Powering HP Software + your apps". Data sources shown: social media, video, audio, email, texts, mobile, transactional data, documents, IT/OT, search engine, images.]
Rapid response when threats become reality
Global incident response service from HP and Mandiant
Features
• Rapid deployment of industry leading incident response
teams to your site
• Multilingual support when and where you need it
• Full enterprise visibility through proprietary tools and
techniques purpose built for large scale incident response
• Expertise, methodologies and IP from HP and Mandiant
Problems it solves
• Reduces the damage caused by advanced, targeted attacks
• Engages experienced teams with deep domain expertise
• Minimizes downtime and establishes ongoing response plans
Client benefits
• Stops prolonged exposure to minimize financial and
reputation damages
• Addresses legal and regulatory evidence requirements
• Relieves overburdened staff in reactive environments
HP and FireEye announcement
• First of its kind go-to-market partnership to make compromise assessment, incident response, and
threat detection offerings available to HP’s most strategic clients globally.
• HP Enterprise Services and FireEye will jointly go to market with these offerings:
- Global Incident Response from HP and Mandiant
- Advanced Compromise Assessment from HP and Mandiant
- Managed Advanced Threat Protection Services from HP and FireEye
• Clients will benefit from HP Enterprise Services’ unparalleled global reach and portfolio of world-class security service offerings, including a comprehensive suite of security remediation services
underpinned by FireEye’s advanced threat detection, intelligence, methodologies, and incident
response expertise.
HP and FireEye partner for better protection and faster response
HP and FireEye bring unique incident response, compromise assessments and advanced threat management services
to reduce your exposure to active threats and establish effective remediation plans for quicker recovery to reduce the
damage as a result of security incidents. Now you can benefit from HP Enterprise Services’ unparalleled global reach and
portfolio of world-class security service offerings including a comprehensive suite of security remediation services
underpinned by FireEye’s advanced threat detection, intelligence, methodologies and incident response expertise.
Global incident
response from HP
and Mandiant
Investigate, assess, and resolve
cyber-security events ranging from
single-system compromises to
enterprise-wide intrusions by
advanced attack groups that span
hundreds of thousands of systems.
Advanced compromise
assessment from HP
and Mandiant
Answers the most important question
for every enterprise—whether or not
you have been breached. This offering
provides the most advanced
compromise assessment in the
industry and the first step in
transforming your IT security
program.
Managed advanced threat
protection services from
HP and FireEye
Provides 24/7 security monitoring
for cyber-attacks that bypassed
traditional technology defenses. Our
experienced threat analysts extend
your cyber-security team, with insight
and intelligence from the front lines,
proactively hunting for indicators of
compromise in your environment and
containing breaches in minutes.
Optimized threat detection 24/7
Managed advanced threat protection services from HP and FireEye
Features
• Leverages industry-leading technology from FireEye, HP MSS
• 24/7/365 systems operational management and maintenance
• Rapid detection of threats, alert investigation, malware
analysis, and mitigation recommendations from regional SOCs
• Proactive hunt of attackers and personalized threat intelligence
Problems it solves
• Alleviates internal resource constraints
• Optimizes threat detection, mitigation, response capabilities
• Preempts attacks and minimizes exposure
Client benefits
• Expanded operational support and expert threat analyst team
• Visibility and contextual awareness of active threats
• Reduced business risk of security compromise through
faster containment
People, experience, and scale make the difference
• Hundreds of attack group dossiers with FireEye
• 4M+ network and endpoint sensors from FireEye technology
• 100K global IR investigations completed annually by Mandiant
Next steps: Visit kiosk and schedule an assessment
Kiosk overview
• Visit the HP Security Services kiosk for a detailed conversation
Assessments
• Engage HP to conduct a whiteboard advisory session with an HP ESS Solution Architect to delve
deeper into your advanced threat protection needs and requirements
• Plan an ATP Readiness Review engagement to help you determine your state of readiness of
APT protection
• Schedule an Advanced Threat Detection engagement, determine actual state of threats and
already compromised assets within your environment
Thank you
Chris Leach – Christopher.j.leach@hp.com