Next Generation, Profitable, Security Begins With a
CARM Approach
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 2
Ever more alarming ‘facts’ about the heightened risks of the digital environment, a security landscape built on prevention, and the reality of breaches becoming more widespread and likely. The CARM approach from Exclusive Networks allows channel partners to swiftly identify gaps in customer security, provides complementary solutions that deliver effective, integrated, and sustainable security against known, advanced and evolving threats, realising significant business gains in the process.
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 3
IntroductionBecause the pace of change in the digital world is ever increasing, it is widely recognised and commented on, that the rate, variety and severity of cyberattacks is increasing either in step, or more worryingly, ahead of the ability of organisations to maintain a secure digital presence. Accepting a security breach rather than simply trying to prevent it is the new norm. This presents a huge challenge to organisations with systems built around prevention and perimeter defence, a challenge amplified by new compliance requirements.
Questions we ask ourselves: What to invest in and divest of?
Where are attacks likely to come from?
What’s our security legacy?
Where is our soft-spot?
What compliance regulations to meet?
What, critically, is coming down the barrel next?
There is a lot of general information and guidance, much government generated, about what organisations should do and a blizzard of scaremongering and ‘essential’ advice often frightening organisations into action, that whilst might address a particular element of the security landscape, rarely provides a complete picture. What is less clear is how to develop a strategy for dealing with today’s threats, what to do when breached and safeguarding against tomorrow’s emerging threats.
Factor in the difficulty of knowing whose solutions to deploy out of the thousands on the market and what works best with what and the picture becomes very complex and only serves to ratchet up the fear factor. For channel partners, the demands from customers increase in line with their need and perception of risk and the onus to research, test, deploy and support solutions right for each and every one of their customers across the security spectrum, without taking unnecessary risks, becomes white hot. Where to turn to for researched, objective, proven & channel friendly solutions that address the complete security need, provide partners with complementary revenue streams and significantly reduce their operational costs?
The answer:
CARM – Cyber Attack Remediation and Mitigation provides channel partners with the framework and tools to confidently identify gaps in their customers’ security regime, how to most effectively close them and tighten their security policies to ensure compliance. CARM applies to customers of all sizes, in all markets irrespective of their current security profile and incorporates best-of-breed vendor solutions.
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 4
A CARM Approach is a Controlled ApproachCARM is built around the central tenet that in today’s world, cybersecurity, to be effective, needs to deal with more than prevention and perimeter security, it has to factor in the expectation that a breach will occur. At the heart of the CARM concept and framework is the ability to deliver an integrated security capability built around the three core axes of:
This then provides the route to create an effective, integrated and complete security system across all platforms within all organisations. It is also scalable and recognising that one size doesn’t fit all, provides solutions relevant to the circumstances and requirements of each customer, dovetailing with existing customer security systems. CARM allows customers to tailor their security requirement and select vendors and technologies from each of the axes to fill any gaps in their current security capabilities and importantly, in accordance to the level of their security need – Essential, Core or Advanced.
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 5
Find the Gaps It’s critical to point out that CARM is not a product or a marketing programme.
The CARM framework allows channel partners to evaluate customers’ current security capabilities, identify potential gaps and show how a strategic end-to-end cybersecurity framework turns cybersecurity from a reactive posture into a pro-active, controlled operation across customers’ businesses and in doing so, realising significant benefits for them:
For channel partners the advantages of embracing CARM are many. The vendor solutions within the three core axes are at the forefront of their field and have had the relevant level of due diligence, research and testing done by Exclusive Networks to ensure they are effective, work together and are fully committed to the channel. With the heavy lifting of key technology and vendor evaluation done, partners can access emerging technologies relatively risk free and have business issues like the compromise between security and putting the brakes on business operation and agility already considered and covered. This in turn frees up their time to be more customer focused and concentrate on delivering the benefits their customers need to maintain and grow their online and digital presence and ultimately, their competitive edge.
Delivers threat landscape security
- current and emerging
Ensures compliance to current and
future regulation
Reduces reactivity and time to detect, react
and mitigate
Improves uptime, and hence productivity and profit in the
short term and customer loyalty and growth prospects in the
long-term
Raises their security capabilities
Increases control and understanding
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 6
Essential Elements of Complete SecurityWith past security systems being either completely or predominantly focused on prevention there is a truism, borne out in research, that if an attack succeeds and a breach occurs then most organisations will be woefully unprepared for what to do in the event of this.
It has been the case for the last few years that there is a considerable and potential business limiting gap, between the time to compromise or breach and the time to detect and respond. Typically a compromise will happen in minutes, whereas a detection and response time is at best in days, most often in in weeks and at worst in months. One report showed the typical detection gap to be 146 days, or over four months.
As stressed, CARM is predicated on the fact that given an attacker needs to get lucky only once then organisations with an effective security system need to be lucky all the time. CARM integrates the three axes of Prevention, Detection and Reaction into a security life-cycle and assuming that on occasion the attacker will be successful at beating prevention mechanisms, is ready armed to significantly reduce any detection and reaction gaps.
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 7
Mind all the GapsEach axis contains proven vendor solutions that are focused on the key attack types and their nature. All work together and as already mentioned, can be deployed in conjunction with a customer’s existing legacy security regime, all together, or only the element required – it is all driven by customer situation and need. The functional security areas addressed by each axis are:
Endpoint Respons
Network Response
SIEM
PREVENTION the ability to defend:
NG Firewall Platform
PIM
Endpoint Protection
Vulnerability Assessment and Patch Management
Encryption
Email Protection
Key Generation and Management
Web Application Firewall
Privilege Access Management
Cloud Access Security Brokerage
File Access and MDM
Distributed Denial of Service
Mobile Security
Strong Authentication
NG Firewall Platform
Network Packet Caputre
Endpoint Response
Strong Authentication
Virtual Execution (sandbox)
PIM
Email Protection
Encryption
Web Application Firewall
User Entity Behaviour Analytics
Cloud Access Security Brokerage
Privilege Access Management
Distributed Denial of Service
File Access and MDM
SIEM
Mobile Security
DETECTION the ability to identify and respond:
REACTION the ability to remediate and forensically investigate:
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 8
Preventing a data breach is impossible, due to the evolving threat landscape.
High-pro� le data breaches hit the headlines daily, intensifying concerns about the consequences of cyber attacks.
If your organisation’s security strategy only focusses on preventative measures, take a look at our “Security Adoption Curve” to see how Exclusive Networks can help you secure the gap.
For more information visit www.exclusive-networks.co.uk
NG FireWall Platform
EndPoint Protection
Email Protection
Encryption
EndPoint Response
Cloud Access Security Brokerage
File Access and MDM
Network Packet Capture
Network Response
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
EESSSENTIALL
CCOORREE
ADVAVAV NCED
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Web Application Firewall
EndPoint Response
SIEM
Virtual Execution (sandbox)
Distributed Denial of Services
Privilege Access Management
Strong Authentication
PIM
Vulnerability Assessment and Patch Management
Key Generation and Management
User Entity Behaviour Analytics
Mobile Security
Network Plumbing
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Minding All the Gaps, All the TimeThe CARM framework delivers the pathway for channel partners to close any gaps their customers may have and deliver replacement or complementary security solutions relevant to each one.
However, circumstances change, either in customers’ businesses and markets, regulatory frameworks, solution technologies and most importantly, the nature of attacks and their vectors. CARM solutions and vendors are continuously monitored in terms of suitability and effectiveness and updated to ensure that customers have the most effective technologies to hand. Should the security needs of customers change, then CARM can help identify new gaps and determine a security pathway to ensure there is a solution ready to implement seamlessly, to meet these needs and for each of the three axes. The Security Adoption Curve delivers appropriate security according to need and highlights what is required to go to the next security level.
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 9
Preventing a data breach is impossible, due to the evolving threat landscape.
High-pro� le data breaches hit the headlines daily, intensifying concerns about the consequences of cyber attacks.
If your organisation’s security strategy only focusses on preventative measures, take a look at our “Security Adoption Curve” to see how Exclusive Networks can help you secure the gap.
For more information visit www.exclusive-networks.co.uk
NG FireWall Platform
EndPoint Protection
Email Protection
Encryption
EndPoint Response
Cloud Access Security Brokerage
File Access and MDM
Network Packet Capture
Network Response
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
EESSSENTIALL
CCOORREE
ADVAVAV NCED
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Web Application Firewall
EndPoint Response
SIEM
Virtual Execution (sandbox)
Distributed Denial of Services
Privilege Access Management
Strong Authentication
PIM
Vulnerability Assessment and Patch Management
Key Generation and Management
User Entity Behaviour Analytics
Mobile Security
Network Plumbing
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Firewall General PC security Intursion detect security
Security icons
Encryption Servailance/Monitoring
Security Delivery WIFI Mobile SIEM Web security
DDOS Discovery Analytics Email security Vulnerability search
Identity Password/Access Security tools Professional services
Patch
Integration Key logging Restrictions Service accounts Compliance
Import/Export Email Session recording General security Enforce/Inform
Forensics
Session recording
Money End point Response SIEM
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 10
Summary
By adopting a CARM approach, channel partners are able to swiftly and confidently help customers identify, close and tighten up any security gaps, in their defences and reduce time to detect, react, mediate, analyse and learn. Customers move from a defensive posture to a more forward facing one and are able to:
Rapidly detect, analyse, mitigate and resolve cyber breaches
Achieve their unique digital business objectives and meet regulatory compliance
Protect core data and infrastructure without slowing down the functioning of the business
Gain real-time visibility and reaction to traditional and emerging threats
Channel partners who have already adopted the CARM framework have benefited from an increase in customer facing time and a reduction in time and resource needed to audit, analyse, research and recommend solutions to customer security issues. Current partners have had the following experience and seen their customers realise significant business benefits.
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
Page 11
CARM Vendors
Exclusive Networks’ vendors undergo a stringent and ongoing evaluation of their technology and ability to work with the channel, to ensure channel partners are able to recommend and rely on the solutions and support delivered. The vendors that map to each of the key CARM components are:
The Smart Route To Visibility™
Page 12
Exclusive Networks Ltd, Alresford House, Mill Lane, Alton, GU34 2QJ
Tel: 0845 521 7217www.exclusive-networks.co.uk
The Reality Driving the Need for
It has been mentioned already that there is a blizzard of facts, stats and prophecies that combine to create a climate of fear and uncertainty. It is the catalyst behind the CARM approach, and to reinforce why now is the time to take a CARM approach and move on from prevention base security. Here are some key trends and facts that are researched and credible that partners can share with their customers.
EV
5 1.
EVENTS OCCURERY SECOND
MALWARE
206DAYS
THE AVERAGE TIME TO IDENTIFY AN ATTACK2.
50 BILLIONÔTHINGSÕ CONNECTED TO THEINTERNET BY 2020 8.
59% OF ORGANISATIONSEXPECT THE NUMBER OF
SECURITY INCIDENTSTO INCREASE NEXT YEAR 3.
THOSE ON THEDIGITAL FRONTIER HAVE
2-3X FASTERPROFIT MARGIN GROWTH
DIGITALPUBLIC SECTOR CIOs EXPECT A RISE OF
IN 2016 BY35%7.PROCESSES
WERE COMPROMISED MORE THAN A YEAR AFTER THE VULNERABILITY
AND EXPOSURE WAS PUBLISHED1.
OF EXPLOITED 99.9%
VULNERABILITIES
THE AVERAGE LOSS FOR A
OF 1,000 RECORDSIS BETWEEN $52,000 AND $87,000 1.
BREACH
FROM NOW UNITL 2020,THE DIGITAL UNIVERSEWILL DOUBLE EVERY
TWO YEARS5.
IN 82%OF INCIDENTSEND USER DEVICES WERE AN ISSUE
51% OF CIOsARE CONCERNED THATTHE DIGITAL TORRENTIS COMING FASTERTHAN THEY CAN COPE 4.
DATA IN THEDIGITAL UNIVERSETHAT REQUIRES PROTECTIONIS GROWING FASTER THANTHE DIGITAL UNIVERSE ITSELF 5.
OF ORGANISATIONS HAD A
SECURITYBREACHIN THE LAST YEAR RELATING TO3.
SOCIAL NETWORK SITES
13%
1. Source: 2015 Data Breach Investigations Report, Verizon2. Source: 2015 Cost of Data Breach Study: Global Analysis, Ponemon Institute, May 2015
3. Source: 2015 Information Security Breaches Survey Technical Report, HM Government4. Source: Gartner, January 14 2014, Press Release