VARONIS SYSTEMS. PROPRIETARY & CONFIDENTIAL.
Fighting a different battle than conventional cybersecurity companies
3rd April / IP Expo Manchester
Malware, Security Analytics, and Cybersecurity in 2019
Your data. Our mission.
About Varonis
Category creator
6,350 customers globally (Sep 2018)
NASDAQ: VRNS
Built by world-class cybersecurity experts (not through acquisitions)
Data Security Platform
Security Analytics
Compliance & Classification
Data Protection
The Modern State of Insecurity
“Forensic investigators hired to assess the breach retraced the route of
the truck to determine whether they could locate the drives along this
route, but were unable to find any trace of them.”
Hacked: 2012, Leaked: 2016
Hacked: 2012, Leaked: 2016
Hacked: 2014, Leaked: 2017
Hacked: 2013, Leaked: 2017
“Organizations are failing at early breach detection, with fewer than 20% of breaches detected internally.”
Using SIEM for Targeted Attack Detection, Oliver Rochford & Kelly M. Kavanagh
The state of unstructured data
Statistics from over 130 organizations:
41% had at least 1,000 sensitive files opened to every employee
58% have over 100,000 sensitive folders opened to every employee
76% of folders contain stale data
21% of folders are opened to global group access
34% of user accounts are enabled but inactive
74% of companies have over 1,000 stale, sensitive files
The 2018 Global Data Risk Report captures findings of Data Risk Assessments performed on 130 organisations—a representative sample from many industry segments and sizes.
The Data Security Money Pit
cyber innovation enablement matrix cyber
Billions spent on data security products, and yet…
62% have no idea where their most sensitive data resides.
64% do not audit all use of customer data and analyze it for abuse.
60% do not restrict data access using a least privilege model.
Who’s watching the data?
“When was the last time your million dollar SIEM told you about an attack in progress?”
3 Common Pitfalls
1. There are a lot of logs.
“Throw it all into the SIEM. We’ll make sense of it later!”
2. Even after the logs are adequately parsed, they lack context.
“During research, the majority of SIEM providers told Gartner that the mass of their installed base (approximately 85%) is not using advanced threat detection or analytics features today.”
Gartner, Summer of SIEM 2017 Coming…, Anton Chuvakin
3. Can’t answer: “Is our data safe?”
What if we start with the data?
How “dark” is the data?
Who is accessing, modifying, moving, deleting files and emails?
Which data is exposed to too many people?
Who has access to files, folders, mailboxes?
Which files contain critical information?
Which data isn’t being used?
Who owns data and how do I get them involved?
Am I alerted when data is lost, stolen, or misused?
Windows, SharePoint, NAS, Exchange, Unix/Linux, Office 365, Directory Services, Azure AD
Context about users, systems, and data – together
METADATA COLLECTION: Permissions, Users & Groups, Content Classification, Access Activity, Perimeter Telemetry
Proxy, VPN, DNS
Windows, SharePoint, NAS, Exchange, Unix/Linux, Office 365, Directory Services, Azure AD
Data Security Platform
ENTERPRISE DATA STORES AND INFRASTRUCTURE: Windows, Exchange, SharePoint, Office 365, NAS, Unix/Linux, Directory Services
PERIMETER DEVICES: VPN, Proxy, DNS
COLLECTION AND ANALYTICS: Permissions, Users & Groups, Content Classification, Access Activity, Perimeter Telemetry
AUTOMATION: Remediation, Access Management, Migration, Alert Response, Disposition
USE CASES: Threat Detection, Data Classification, Access Governance, Risk Reduction, Regulatory Compliance
Commit changes back to data stores and directory services
Real World Example
Anatomy of the Modern Breach
Infiltration & Privilege Escalation
Here’s an attacker trying to guess user names and passwords, going low and slow to evade detection.
Eventually, the attacker guesses the right password, and we see a successful login after an unusual sequence of failures.
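The detection described on this slide, as an added example that is not from the presentation or from any Varonis product: a short-window failure threshold misses low-and-slow guessing, while tying a successful login to failures from the same source over a long window catches it. Host names, accounts, the event layout and all thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def build_sample():
    """Constructed auth events: (time, source host, account, outcome)."""
    start = datetime(2019, 4, 3, 0, 0)
    accounts = ["asmith", "bjones", "cdavis", "dlee"]
    events = []
    # Hypothetical host ws-042: one failure every 40 minutes, rotating accounts.
    for i in range(12):
        events.append((start + timedelta(minutes=40 * i), "ws-042",
                       accounts[i % 4], "FAIL"))
    events.append((start + timedelta(minutes=480), "ws-042", "cdavis", "OK"))
    # Benign user on ws-007 mistypes a password twice, then logs in.
    for minute, outcome in ((120, "FAIL"), (121, "FAIL"), (122, "OK")):
        events.append((start + timedelta(minutes=minute), "ws-007",
                       "emartin", outcome))
    return sorted(events)

def burst_rule(events, window=timedelta(minutes=5), threshold=5):
    """Classic rule: N failures from one source inside a short window."""
    recent, flagged = defaultdict(deque), set()
    for ts, src, _user, outcome in events:
        if outcome != "FAIL":
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            flagged.add(src)
    return flagged

def slow_guess_rule(events, window=timedelta(hours=24),
                    min_fails=8, min_accounts=3):
    """Alert on a success that follows many failures, spread over several
    accounts, from the same source within a long look-back window."""
    fails, alerts = defaultdict(deque), []
    for ts, src, user, outcome in events:
        q = fails[src]
        while q and ts - q[0][0] > window:   # expire failures outside window
            q.popleft()
        if outcome == "FAIL":
            q.append((ts, user))
            continue
        tried = {u for _, u in q}
        if len(q) >= min_fails and len(tried) >= min_accounts:
            alerts.append({"source": src, "account": user, "time": ts,
                           "failures": len(q), "accounts_tried": len(tried)})
    return alerts

if __name__ == "__main__":
    sample = build_sample()
    print("burst rule flagged:", burst_rule(sample))
    for alert in slow_guess_rule(sample):
        print("slow-guess alert:", alert)
```

The benign double mistype on ws-007 stays below both thresholds, which is why the rule requires failures across several accounts rather than counting failures alone.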
We see the attacker start to map the network with DNS, looking for data stores.
We see the compromised account access devices not associated with that account, and an unusual number of devices being accessed.
The attacker performs a pass-the-ticket attack.
What’s the target?
Remember me?
Statistics from over 130 organizations:
41% had at least 1,000 sensitive files opened to every employee
58% have over 100,000 sensitive folders opened to every employee
76% of folders contain stale data
21% of folders are opened to global group access
34% of user accounts are enabled but inactive
74% of companies have over 1,000 stale, sensitive files
The 2018 Global Data Risk Report captures findings of Data Risk Assessments performed on 130 organisations—a representative sample from many industry segments and sizes.
He uses a service account to access sensitive data and other people’s mailboxes.
Last, the attacker uploads the data or tunnels it out via DNS.
Get a Free Data Risk Assessment
No obligation
Zero impact on your systems
Extremely actionable
Concrete steps to prioritize and fix major security and compliance risks
Getting started is as easy as having a conversation
Thank You