Malware, Security Analytics, and Cybersecurity in 2019...Malware, Security Analytics, and...

transcript

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.

Fighting a different battle than

conventional cybersecurity companies

3rd April / IP Expo Manchester

Malware, Security Analytics, and

Cybersecurity in 2019

Your data. Our mission.

VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.2

Category creator

6,350 customers globally (Sep 2018)

NASDAQ: VRNS

Built by world-class cybersecurity

experts (not through acquisitions)

About Varonis

Security Analytics Compliance &

ClassificationData Protection

Data Security Platform

The Modern State

of Insecurity

“Forensic investigators hired to assess the breach retraced the route of

the truck to determine whether they could locate the drives along this

route, but were unable to find any trace of them.”

Hacked: 2012Leaked: 2016

”Using SIEM for Targeted Attack Detection

Oliver Rochford & Kelly M. Kavanagh

Organizations are failing at early breach detection, with fewer than

20% of breaches detected internally.

had at least 1,000

sensitive files opened to

every employee

have over 100,000

sensitive folders opened

to every employee

of folders contain

stale data

Statistics from

over 130

organizations

of folders are opened to

global group access

of user accounts are

enabled but inactive

of companies have over

1,000 stale, sensitive files74%

The state of unstructured data

The 2018 Global Data Risk Report captures findings of Data Risk Assessments performed on 130 organisations—a representative sample from many industry segments and sizes.

TheData Security

Money Pit

innovation

enablement

matrix

Billions spent on data security products, and yet…

62% have no idea where their most sensitive data resides.

do not audit all use of customer data and analyze it for abuse.

60% do not restrict data access using a least privilege model.

Who’s watching the data?

When was the last time your million dollar SIEM told you about

an attack in progress?

3 Common Pitfalls

1. There are a lot of logs.

“Throw it all into the SIEM. We’ll make sense of it later!”

2. Even after the logs are

adequately parsed, they

lack context.

”Gartner, Summer of SIEM 2017 Coming…, Anton Chuvakin

During research, the majority of SIEM providers told Gartner that the mass of

their installed base (approximately 85%) is not using advanced threat detection or

analytics features today.

3. Can’t answer: “Is our data

safe?”

What if we start with the data?

Who is accessing, modifying, moving,

deleting files and emails?

Which data is exposed to too many people?

Who has access to files, folders, mailboxes?

Which files contain critical information?

Which data isn’t being used?

Who owns data and how do I get them

involved?

Am I alerted when data is lost, stolen, or

misused?

How “dark” is the data?

Windows Sharepoint

Exchange Unix/Linux

Office 365

Directory Services

Azure AD

Context about users, systems, and data – together

Permissions

Users & Groups

ContentClassification Access Activity

PerimeterTelemetry

METADATA COLLECTION

Proxy VPN DNS

Windows Sharepoint

Exchange Unix/Linux

Office 365

Directory Services

Azure AD

PermissionsUsers & Groups

ContentClassification

Access Activity

PerimeterTelemetry

Data Security Platform

COLLECTION AND

ANALYTICS

AUTOMATION

PERIMETER DEVICES

Windows Exchange

SharePoint

Office 365

NASUnix/Linux

Malware, Security Analytics, and Cybersecurity in 2019...Malware, Security Analytics, and...

Documents