Why LightCyber Why Now

Why Detection

Because prevention isn’t working, and never will. How do we know?  Because:

It takes over 200 days to detect attacks*

The vast majority of attacks are detected by third parties

Incentive of attacker >> incentive of defender

Why LightCyber for Detection?

Because LightCyber is the only solution to do behavioral attack detection on network + endpoint

Can’t conceal their traffic

Network
(especially internal)

Portion of attack lifecycle where attacker is most exposed

Can’t avoid usage if they intend to commit a serious data breach

Accuracy

Endpoint
(agentless)

Great ability to automate investigation process and rule out false positives

Efficiency

Alternatives

SIEM, Sandbox and Endpoint don’t have the right visibility and are over-focused on malware and known-bad domains.

Why Now?

Because statistics show there is a 25-40% chance you will be breached this year. Every year. This isn’t something you can ignore and hope it will go away, and the damage is severe:

Average breach cost

$5.9 Million (US)
(Ponemon 2014 Study)

This really happens, to everyone, often:

57%

of companies had a breach (that they knew of) in the last 2 years
(2015 ESG Survey)

47%

of companies had a breach that included lateral movement and data movement (i.e., it was serious!)
(2015 ESG Survey)

81%

of Hospitals and Health Insurance Companies had a breach in the last 2 years
(KPMG)

60%

of companies will discover a breach (untold others will not discover it until later…)
(Forrester)

52%

of media companies were breached in the last 2 years
(Newscycle Solutions)

73%

of organizations have suffered either an intentional or unintentional insider threat event
(B2B International)

US & UK Banks survey lists Cybercrime as top risk to profits

(above unfavorable economic conditions, increased regulation, or other areas that normally impact returns) (CSFI)

Why Not Just Hunt Malware?

Because it isn’t effective, and even if you get the attackers’ malware, you have NOT stopped the attacker. In fact, you’ve barely even slowed them down.

Only approximately 4 percent of all malware alerts are investigated (Ponemon Study)

17,000
On average, organizations receive almost 17,000 malware alerts in a typical week.
(Ponemon Study)

Two-thirds of the time spent by security staff responding to malware alerts is wasted because of faulty intelligence. (Ponemon Study)

$1.27 million annually
It costs organizations an average of $1.27 million annually in time wasted responding to erroneous or inaccurate malware alerts. (Ponemon Study)

And, cleaning up malware doesn’t even stop attackers!

LightCyber Security Bulletin
Eliminating malware barely inconvenienced targeted attacker!

* Mandiant 2014, 2015 Threat Report
** Verizon DBIR 2014