A New Era of Cybersecurity

Neil Mohammed, Sales Engineer

Copyright © 2015 Raytheon Company. All rights reserved.


Post on 19-Jul-2018



R|W Market Advantages

Strong Financial Backing

Accelerated Innovation

Increased Breadth and Depth

– Full spectrum of security solutions that span the full life cycle of advanced external attacks

– Sophisticated insider theft controls

Greater Integration

– Tighter security unified across networks, the cloud, endpoints and mobile devices

– Higher value through less hardware, fewer consoles, and lower training requirements

Learning from History

Recent Failures

– General Dynamics

– Boeing

Commercial and Federal are Different

Separation must be at the Highest Level

Product Synergy Must Make Sense

Types of Mergers/Acquisitions

Horizontal

Conglomerate

Vertical

ThreatScope™ Sandbox Technology

• Applies ACE analytics

– Infection process

– Post-infection activity

• Track infected system activity

– System level events/behavior/changes

– Processes, registries, files, etc.

• Communication monitoring

– Connection type, method, etc.

ThreatScope Reporting

SureView® Threat Protection


■ Detection framework encompasses static, behavioral, heuristic, signature-based, file context, metadata and machine learning methods

■ Proprietary hypervisor technology thwarts attacker attempts to evade virtual machines

■ Enhanced visibility with advanced endpoint capabilities

■ Detection and Prevention modes of operation

■ Extensible detection framework to quickly integrate proprietary and third-party solutions

Capabilities and Differentiators

Threat Sandbox detects zero-day attacks across web, email, and endpoints

SureView® Threat Protection

Malware (Email) Infection Detection

1. Email platform receives email with attachment

2. Email platform queries SureView Threat Protection platform in real-time to determine whether or not email attachment contains malware

3. SureView Threat Protection platform runs file through multiple malware detection algorithms, including sandboxing and machine learning

4. If presence of malware is determined, SureView Threat Protection platform can block the email in real-time

5. Analyst receives malware alert in Web UI

Use Case: Malware Detected from Email Attachment

Sandbox Roadmap

Beyond Feature/Function


Visibility is at the Crux of the Issue


The digital revolution has obfuscated visibility

Organizations cannot manage threats they cannot see

Capabilities and Differentiators

SureView® Insider Threat


■ Comprehensive user activity monitoring across all channels at endpoint

■ DVR-like playback forensics capabilities

■ Easy-to-author and flexible policy creation capabilities with pre-packaged policy packs

■ Easy aggregation of external data and integration of third-party and custom analytics

■ Proven scalability and performance based on deployment at some of the largest environments

■ Built-in privacy protection

Complete visibility into and context around end user activity and behavior

SureView® Insider Threat Management Controls

Access based on role, business needs, and authorization

■ Segregation of Collected Data

■ Robust Operator Auditing

■ Role-based Access

■ Chain of Custody Features

■ Non-technical Oversight

■ Integration with 3rd party enterprise tools such as ePO and various SIEMs

– ArcSight, Splunk, etc.

AUDITED ACTIVITY

• File write to removable media

• File contains sensitive data

– SAP code names

– fingerprinted text

AUDIT RECORD

• Date/Time, Username, Workstation

• Offending Device

• Action: Capture File

• Action: <email> Security Staff

• Action: <forward> ArcSight

SureView® Policy-Driven Auditing

Specify what to audit / what should be in the audit record

Specify what not to collect

Ex: “Do not collect email to/from [email protected]”

Leverage simple “If/Then” statements

Enable Multiple Stakeholders

US DoD Image


Return on Investment

Source: The Total Economic Impact of Raytheon’s SureView. Forrester, 2014

Forrester Research recently completed a study entitled, “The Total Economic Impact of Raytheon’s SureView.”


Intuitive User Experience

Provides end-to-end visibility, context, and protection across enterprise

Web

Email

DLP

User Behavior Forensics

APT Protection

Secure Network Segmentation

Server Security


The Focus

© 2015 Websense, Inc. Proprietary and Confidential.

BUSINESS

CUSTOMERS

MONEY$

IDEAS

GOODS & SERVICES

DATA

CYBERSECURITY SKILLS GAP CONTINUES TO GROW

2017: 4.25 million

2013: 2.25 million

Market indicators show the need for as many as 4.25 million security professionals by 2017, representing the potential for a 47% shortage in qualified personnel.

2013 (ISC)2 Global Information Workforce Study = 250,000 security professionals


APTs

Botnets

Zero-day

Exploits

Spear-phishing

Sandboxing

Real-time Analytics

Application Controls

Threat Intelligence

Forensics

DLP

DATA THEFT PREVENTION


OUTBOUND ACTIVITY

DATA


1. DEPLOY ADAPTIVE SECURITY

For rapidly changing technology and threat landscapes.

2. PROTECT EVERYWHERE

For in the cloud data and applications as well as off-premise workers.

3. RAISE THE SECURITY IQ

For more skilled security professionals and more risk aware employees.

Analytics takes Center Stage

Understand and Prioritize

• Discover more about an entity that you know about (reactive/prevent)

• Investigate to understand patterns, find anomalies (proactive/detect)

ENTER A NEW ERA OF CYBERSECURITY

WE ENABLE ORGANIZATIONS TO PREVENT DATA THEFT WHILE INNOVATING & GROWING IN THIS AGE OF DISRUPTIVE CHANGE.

Questions?

A Layered Approach for the New Normal

Real World Example…

COMPANY A

COMPANY C

COMPANY B

No Direct Attack Vector