Do You Manage Software? Understanding Your Role in Cybersecurity Defense

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential1

Do you manage software? Understand your role in cybersecurity defense

Marcelo Pereira, Product Marketing ManagerTim Davis, Senior Product Marketing Manager

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential2

The Cyber Threat Facing All Of UsCosts And Consequences Security Incidents and Data Breaches

Extensive downtimeExposure of intellectual property

Damage to brand and reputation

Theft/exposure of confidential data

Reduced productivity levels

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential3

Impact of incidents

Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential4

To Watch This Webinar On Demand Register Here

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential5

Security Incidents versus Data BreachesAnd the cost of resolving incidents

Over

100,000security incidents in

2015

From which

3,141Were confirmed data

breaches

Sources:“2016 Data Breach Investigation Report” Verizon http://www.verizonenterprise.com/verizon-insights-lab/dbir/2016/* “2015 Cost of Cyber Crime Study: Global.” Ponemon Institute. October 2015. http://www.ponemon.org/blog/2015-cost-of-cyber-crime-united-states

$21,000 a day*

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential6

Companies Breached In 2016 - Highlights

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential7

“The Key Goal:

Reducing Adversaries Operational Space”

- Cisco

Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html

Addressing today’s challenges for security

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential8

PRINCIPLES OF SECURITY

WATCH THIS WEBINAR ON DEMAND REGISTER HERE

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential9

Resilience

DetectRespondRecoverPreventBreaches WILL

happen

Prevention:Reduce the attack

surface for hackers

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential11

“A Rapidly Expanding Attack Surface Requires an Interconnected and Integrated

Approach to Security”

- Cisco

Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential12

SECURITY ROLES

The challenge of hitting a moving target

WATCH THIS WEBINAR ON DEMAND REGISTER HERE

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential13

Role: Information Security

Evangelize security awareness Conduct vendor risk assessmentOversee regulatory compliance Assess security position of infrastructure

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential14

Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html

Is Security a Priority?

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential15

Role: IT Security

Mitigates the risk of security incidents and breachesIdentifies and responds quickly to incidents

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential16

Dealing with possible security incidents

Source: “Cisco 2017 Annual Cybersecurity Report” http://www.cisco.com/c/en/us/products/security/security-reports.html

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential17

OPERATIONS ROLES

The challenge of managing software

WATCH THIS WEBINAR ON DEMAND REGISTER HERE

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential18

Role: Desktop Management

Preform application risk assessmentRestrict use of unauthorized applications Remove unused applicationsControl Self-Service deployment

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential19

Global Pharmaceutical Company

89% Reduction in the number of apps from over 3,700 applications to just 400

• Reduced attack surface• Improved governance• Streamlined employee choice• Saved $1,968,000 in labor costs in the first year

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential20

Role: Software Asset Management

Discover software and maintain normalized inventoryUnderstand application usage trendsReduce the application footprint

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential21

Chicago Public Schools

Making informed decisions to reduce new software purchases and negotiate more favorable vendor contracts

• Identified 29,000 different applications installed• Discovered end of life (EOL) software• Collaborated with the security team to remediate issues

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential22

Role: Patch Management

Asses and Prioritize patchingDeploy patches and verify Align with Security policies

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential23

Security Patch ManagementChallenges And Misconceptions

• Patch Management = managing deployment of patches• No synergy between security assessment and patch activities• Patching Microsoft applications is good enough• Focus only on the most common non-Microsoft applications• Relying on vendor information and alerts

CONSEQUENCES: • Non prioritized patching process• Waste of resources• Applications staying unpatched for

months or many times, years• Business disruption and breaches

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential24

Time To Patch!Patch Availability On The Day of Disclosure

Source: “Flexera Software Vulnerability Review 2017.” http://www.flexerasoftware.com/enterprise/resources/research/vulnerability-review/

81%

92.5%

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential25

How our customer improved their processes

68%69%

1 staff/day

58%25%

Daily and Weekly

Daily and Weekly

2+ staff/day

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential26

Conclusion

Operationalize people, processes and technology in an integrated fashion to effectively reduce the attack surface for cybercriminals and hackers.

Maintain and share accurate inventory dataStreamline and rationalize your portfolioConduct risk assessmentPrioritize security patching

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential27

Additional Resources

Visit us online: www.flexerasoftware.com/enterprise/resources

White Papers:

Bridging Vulnerability Management Gaps

On Demand Webinar:

SAM and Security Teams Must Join Forces to Enhance Security

Success Story:

Chicago Public Schools

Reports:

Vulnerability Review 2017

© 2017 Flexera Software LLC. All rights reserved. | Company Confidential28

WE’RE REIMAGINING THE WAY SOFTWARE IS

w w w . f l e x e r a s o f t w a r e . c o m

SOLD SECUREDMANAGEDBOUGHT

North America: 800-809-5659Europe, Middle East & Africa: +44 (0) 870 873 6300Asia-Pacific: +61 3 9895 2000

WATCH THIS WEBINAR ON DEMAND REGISTER HERE