Do You Manage Software? Understanding Your Role in Cybersecurity Defense
Download as PPTX, PDF1 like379 views
The document discusses the critical importance of cybersecurity in managing software, highlighting the escalating costs and consequences of security incidents and data breaches. It outlines various roles and responsibilities within organizations, including information security, IT security, desktop management, and software asset management, each aimed at reducing vulnerabilities and enhancing security operations. The conclusion emphasizes the need for an integrated approach to operationalize people, processes, and technology to effectively mitigate cyber threats.
Do You Manage Software? Understanding Your Role in Cybersecurity Defense
- 1. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential1 Do you manage software? Understand your role in cybersecurity defense Marcelo Pereira, Product Marketing Manager Tim Davis, Senior Product Marketing Manager
- 2. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential2 The Cyber Threat Facing All Of Us Costs And Consequences Security Incidents and Data Breaches Extensive downtimeExposure of intellectual property Damage to brand and reputation Theft/exposure of confidential data Reduced productivity levels
- 3. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential3 Impact of incidents Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html
- 4. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential4 To Watch This Webinar On Demand Register Here
- 5. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential5 Security Incidents versus Data Breaches And the cost of resolving incidents Over 100,000 security incidents in 2015 From which 3,141 Were confirmed data breaches Sources: “2016 Data Breach Investigation Report” Verizon http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/ * “2015 Cost of Cyber Crime Study: Global.” Ponemon Institute. October 2015. http://www.ponemon.org/blog/2015-cost-of-cyber-crime-united-states $21,000 a day*
- 6. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential6 Companies Breached In 2016 - Highlights
- 7. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential7 “The Key Goal: Reducing Adversaries Operational Space” - Cisco Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html Addressing today’s challenges for security
- 8. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential8 WATCH THIS WEBINAR ON DEMAND REGISTER HERE
- 9. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential9 Resilience Detect RespondRecover Prevent Breaches WILL happen
- 10. Prevention: Reduce the attack surface for hackers
- 11. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential11 “A Rapidly Expanding Attack Surface Requires an Interconnected and Integrated Approach to Security” - Cisco Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html
- 12. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential12 The challenge of hitting a moving target WATCH THIS WEBINAR ON DEMAND REGISTER HERE
- 13. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential13 Role: Information Security Evangelize security awareness Conduct vendor risk assessment Oversee regulatory compliance Assess security position of infrastructure
- 14. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential14 Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html Is Security a Priority?
- 15. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential15 Role: IT Security Mitigates the risk of security incidents and breaches Identifies and responds quickly to incidents
- 16. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential16 Dealing with possible security incidents Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html
- 17. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential17 The challenge of managing software WATCH THIS WEBINAR ON DEMAND REGISTER HERE
- 18. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential18 Role: Desktop Management Preform application risk assessment Restrict use of unauthorized applications Remove unused applications Control Self-Service deployment
- 19. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential19 Global Pharmaceutical Company 89% Reduction in the number of apps from over 3,700 applications to just 400 • Reduced attack surface • Improved governance • Streamlined employee choice • Saved $1,968,000 in labor costs in the first year
- 20. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential20 Role: Software Asset Management Discover software and maintain normalized inventory Understand application usage trends Reduce the application footprint
- 21. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential21 Chicago Public Schools Making informed decisions to reduce new software purchases and negotiate more favorable vendor contracts • Identified 29,000 different applications installed • Discovered end of life (EOL) software • Collaborated with the security team to remediate issues
- 22. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential22 Role: Patch Management Asses and Prioritize patching Deploy patches and verify Align with Security policies
- 23. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential23 Security Patch Management Challenges And Misconceptions • Patch Management = managing deployment of patches • No synergy between security assessment and patch activities • Patching Microsoft applications is good enough • Focus only on the most common non-Microsoft applications • Relying on vendor information and alerts CONSEQUENCES: • Non prioritized patching process • Waste of resources • Applications staying unpatched for months or many times, years • Business disruption and breaches
- 24. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential24 Time To Patch! Patch Availability On The Day of Disclosure Source: “Flexera Software Vulnerability Review 2017.” http://www.flexerasoftware.com/enterprise/resources/research/vulnerability-review/ 81% 92.5%
- 25. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential25 How our customer improved their processes 68% 69% 1 staff/day 58% 25% Daily and Weekly Daily and Weekly 2+ staff/day
- 26. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential26 Conclusion Operationalize people, processes and technology in an integrated fashion to effectively reduce the attack surface for cybercriminals and hackers. Maintain and share accurate inventory data Streamline and rationalize your portfolio Conduct risk assessment Prioritize security patching
- 27. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential27 Additional Resources Visit us online: www.flexerasoftware.com/enterprise/resources White Papers: Bridging Vulnerability Management Gaps On Demand Webinar: SAM and Security Teams Must Join Forces to Enhance Security Success Story: Chicago Public Schools Reports: Vulnerability Review 2017
- 28. © 2017 Flexera Software LLC. All rights reserved. | Company Confidential28 WE’RE REIMAGINING THE WAY SOFTWARE IS w w w . f l e x e r a s o f t w a r e . c o m SOLD SECUREDMANAGEDBOUGHT North America: 800-809-5659 Europe, Middle East & Africa: +44 (0) 870 873 6300 Asia-Pacific: +61 3 9895 2000 WATCH THIS WEBINAR ON DEMAND REGISTER HERE