Hi [[ session.user.profile.firstName ]]

2020 Mandiant Security Effectiveness Report Findings

2020 Mandiant Security Effectiveness Report Findings: A deep dive into cyber reality

Join our webinar to understand why a majority of tested attacks successfully infiltrate enterprise environments without detection – and why security validation is so critical.

The Mandiant Security Effectiveness Report 2020 takes a deep dive look into cybersecurity performance across network, email, endpoint, and cloud-based security controls – and confirms the prevailing concern: security controls are not performing as expected. Alarmingly, thousands of tests performed by experts from the Mandiant Security Validation (previously known as Verodin) team show that for 53% of the environments tested, attacks were successful in bypassing controls without knowledge. This points to the need for continuous validation of security effectiveness based on four fundamental components.

Register for our upcoming webinar to learn about the fundamentals of security validation and gain the knowledge to answer questions such as:

- Do I have confidence in the effectiveness of my security controls?
- Can I quickly assess the relevance of threat intelligence or exposure to the latest attack?
- Am I stopping data leakage and protecting data integrity?
- How can I simplify and standardize my security stack?
- Do I have evidence to support communicating key metrics to executives?

Register Now to Reserve Your Seat!
Recorded May 19 2020 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Matt Hartley SVP Mandiant Strategy for FireEye Mandiant & Devon Goforth Sr Dir Security Instrumentation for FireEye Mandiant
Presentation preview: 2020 Mandiant Security Effectiveness Report Findings

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • A Global Reset: Cyber Security Predictions 2021 | Expert Roundtable Recorded: Nov 9 2020 45 mins
    FireEye Mandiant Expert Panel
    A Global Reset: Predictions for the Future of Cyber Security | Roundtable Discussion

    The year 2020 has been an unprecedented time of change and has shaped up in a way that nobody could have expected. This year’s activities continue to alter the future course of cyber security, making it even more important to ensure that we better prepare ourselves for what’s to come.

    On Monday, November 9th at 12 p.m./3 p.m. ET, join our expert panel as they share cyber trends and challenges in 2021. During the webinar, our experts will touch on various topics discussed in our upcoming report, A Global Reset: Predictions for the Future Cyber Security, including:
    • How remote work will evolve and affect organizations operationally
    • Insights into how threat actors will leverage the pandemic in their attacks
    • The growing need for intelligence-led security validation
    • The future state of cloud security
    • Nation-state activity and changing TTPs
    • How ransomware has pivoted from business risk to a national security risk

    Expert Panel:
    • Dave Baumgartner, CIO, FireEye (Moderator)
    • Maj. Gen. Earl Matthews, VP of Strategy, Mandiant Security Validation
    • Martin Holste, Cloud CTO, FireEye
    • John Hultquist, Sr. Director, Mandiant Threat Intelligence

    Please also check out our FireEye Cyber Summit 2020 for more interesting sessions: https://www.fireeye.com/company/events/cyber-summit-2020.html

    Register Now!
  • Cyber Summit 2020 | Spotlight on Financial Services Recorded: Nov 9 2020 91 mins
    Mandiant Solution Experts
    Session Agenda:

    - 10:30 a.m. PT - Intro to Financial Services Spotlight

    - 10:31 a.m. - 11:02 a.m. PT - Navigating Today's Cyber Challenges- David Wong, VP, Mandiant Consulting joined by expert panelist, Holly Ridgeway - EVP, Chief Security Officer, Citizens Bank and Tim Hillyard - AVP, Cyber Security Threat and Response, Voya Financial

    - 11:02 a.m. - 11:27 a.m. PT -Key Threats to Financial Services Today - John Miller, Director, Mandiant Threat Intelligence

    - 11:27 a.m. - 11:46 a.m. PT - Improve Your Cybersecurity to Protect Against FIN11 - Ursula Cowen, Threat Research Analyst, Mandiant Security Validation and Andy Moore, Sr. Technical Analyst, Mandiant Threat Intelligence

    - 11:46 a.m. - 12:01 p.m. PT - Spotlight on Financial Services: Live Q&A

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Cyber Summit 2020 | Cloud and Enterprise Security Recorded: Nov 9 2020 72 mins
    Martin Holste, Cloud CTO; Lisun Kung, Sr. Director; Phil Montgomery, SVP, FireEye; Steve Ledzian, CTO, APAC, FireEye
    Session Agenda:

    -9:15 a.m. - 9:40 a.m. - Take Control of Your Cloud Environments - Martin Holste, Cloud CTO, FireEye and Lisun Kung, Sr. Director, Cloudvisory, FireEye

    -9:40 a.m. - 10:01 a.m. - FireEye Products: A Complete Solution Working Together - Phil Montgomery, Sr. VP, Product Marketing, FireEye

    -10:01 a.m. - 10:24 a.m. - Detection and Response: Pioneered by FireEye - Steve Ledzian, CTO, APAC, FireEye

    To check out the full event program, please visit https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Cyber Summit 2020 | From the Front Lines Recorded: Nov 9 2020 70 mins
    Sandra Joyce, EVP, Mandiant Threat Intel; Charles Carmakal SVP and CTO, Mandiant; Chris Key, EVP, Mandiant Solutions
    Session agenda:

    - 8:00 a.m. PT. - Welcome and intro

    - 8:02 a.m. -8:22 a.m. PT - New Ransomware Trends: A Threat Evolves - Sandra Joyce, EVP and Head of Mandiant Threat Intelligence

    - 8:22 a.m. - 8:49 a.m. PT - Preparing for Disruptive Intrusions: Mitigating the Risk of Data Theft, Ransomware, Public Shaming and Extortion - Charles Carmakal, Sr. VP and Mandiant Strategic Services CTO

    - 8:49 a.m. - 9:07 a.m. PT - Mandiant Advantage: Achieving Focused Business Outcomes through Threat Intelligence and Validation - Chris Key, EVP of Products, Mandiant Solutions

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Augment and Automate Threat Intelligence Into Your Environment Recorded: Nov 9 2020 18 mins
    Joshua Bass, Senior Manager Product Management, Mandiant Security Validation
    The need to improve how companies prove security effectiveness in today’s business climate is clear: attacks are on the rise, targets are expanding, adversaries are more motivated, and their tactics are increasingly insidious.

    Now, more than ever, organizations need access to emerging threat data as it happens. Security leaders need to be able to provide proof to their organization that these threats cannot and will not breach their defenses by being able to prioritize the threats that matter to them now and take action.

    This session will show how relevant and emerging threat data combined with controls validation technology provides insight into what is most important to test against and what to prioritize based on the knowledge of who and what might be targeting an organization or industry. Through this approach to security validation, security leaders can provide evidence to C-level leadership and give them confidence that controls are working as they should against threats and adversaries delivering expected value and maintaining the organization’s accepted level of risk.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • Validate Security Performance to Rationalize Investments Recorded: Nov 9 2020 19 mins
    Major General Earl Matthews, VP of Strategy for Mandiant Security Validation
    In the first half of the last decade, the rule of thumb for cyber security spending was roughly 3-4% of a total IT budget. By the end of that decade, average security spending had risen by 300%. Today, the typical organization uses 30-70 security tools, and spending in this area has gone through the roof. With so many controls deployed, there is often duplication. But without reliable evidence of security controls performance, it’s impossible to know where overlap exists or where technology is not delivering intended value so leaders can reliably remove unneeded controls without increasing risk.

    With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric.

    General Earl Matthews will discuss how to align a cyber security program with desired business outcomes, including cost-cutting demands, and teach attendees how to rationalize cyber security investments and prove their value to the C-suite. Attendees will learn a proven methodology to financially rationalize cyber security investments through security validation.

    For the full Cyber Summit 2020 event program, please visit: https://www.fireeye.com/company/events/cyber-summit-2020.html
  • How Continuous Validation Helps Protect the Supply Chain Recorded: Sep 22 2020 59 mins
    Matt Shelton, Director, Technology Risk and Threat Intelligence, FireEye
    The Expanding Attack Surface: How Continuous Validation Helps Protect the Supply Chain

    Organizations are increasingly using third party providers to manage critical components of their infrastructure. The introduction of cloud services, managed service providers, and Software-as-a-Service (SaaS) has increased the size of an organization’s attack surface. A breach of proprietary and confidential information is just as impactful coming from the supply chain as it is from an organization’s infrastructure. Join Matt Shelton, Director, Technology Risk and Threat Intelligence, as he explains how intelligence-led validation can help tighten controls and reduce risk. In this webinar:

    -Hear about the realities of today’s threat landscape, sophisticated attackers and the implications on managing your security stack and processes
    -Learn how threat intelligence helps you take decisive action
    -Find out how continuous validation helps you understand the true measure of your security
    -Get insights into an actual use case where a company’s supply chain was breached to see how intelligence-led validation could have helped prevent it

    Register Now
  • Validating Helix Recorded: Jul 14 2020 52 mins
    Steve Lodin, Sr Director of Cybersecurity Operations for Sallie Mae & Brian Contos, VP, Technology Innovation for Mandiant
    Sallie Mae Sr. Director of Cybersecurity Operations Steve Lodin returns to the podcast to share his experiences introducing and maintaining cloud-based SIEM to existing infrastructure. He and Brian discuss the technicalities of transferring a mid-size financial organization to the cloud.
  • Validate Security Performance to Rationalize Investments Recorded: Jun 11 2020 52 mins
    General Earl Matthews, VP of Strategy for Mandiant Security Validation
    Security assumptions do not equal security effectiveness. With increasing pressure on boards of directors and CEOs to provide evidence that business assets are protected from the fallout of a potential breach, the need to justify security investments is now a key performance metric. Only through security validation and continual measurement of security effectiveness across technology, people and processes can you rationalize cyber security investments and prove value to the C-suite.

    In this session, led by General Earl Matthews, VP of Strategy for Mandiant Security Validation, you can learn:

    - Best practices for investment prioritization when it comes to hiring, training and security solution procurement
    - How security validation testing can identify areas of overlap in capabilities, inefficiencies in product expectations, and gaps in overall security posture, and help you optimize performance and value
    - Steps to take to strengthen your security posture and minimize cyber risk in order to protect your brand reputation and economic value
  • Measure, improve & optimize your cybersecurity with Mandiant Security Validation Recorded: Jun 9 2020 54 mins
    Lluis Coma, EMEA Consulting Sales Engineer, FireEye
    Mandiant Security Validation allows you to accurately assess a company's security posture. We help our clients take a proactive approach to identifying and mitigating risks due to incorrect configurations, inefficiencies in products, and / or established security processes.

    Register for the webinar and find out how Mandiant Security Validation enables you to:

    • Evaluate your security posture in order to prioritize investments;
    • Optimize the configuration of your technologies to maximize the return on investment;
    • Compare your security with market standards such as MITRE ATT&CK Framework and others;
    • Test the correct operation of your DLP-type tools;
    • Measure the security of your security processes in the CLOUD;
    • Validate the correct operation of your Endpoint tools;
    • Confirm network segmentation in IT / OT / SCADA environments.

    The results can be extremely interesting for managers of SOCs, CISOs and for the Board of Directors.
  • Security Validation - what is it and how can it improve security effectiveness? Recorded: Jun 9 2020 61 mins
    Mike Batten - VP Sales Engineering EMEA, FireEye
    In order to stay ahead of an evolving threat landscape, security teams must continuously improve their processes and technology. But even with their investments, security professionals still need answers to pressing questions:

    -Who are the attackers that target my industry and what techniques do they use?
    -Which alerts matter most and how do I respond?
    -Are my tools, controls, processes working as expected?
    -Where should I focus improvement efforts?

    Join Mike Batten, VP Sales Engineering EMEA, for our upcoming webinar to:

    -Learn how cyber threat intelligence can inform which attackers target your industry and understand the techniques they employ
    -Find out how continuous validation can pinpoint where you have gaps so you can target improvements where they are needed
    -Understand how validation technology powered by relevant intelligence can generate proof of effectiveness and reduce risk
    -View the results of a recent security effectiveness report, spanning the production environments of multiple industries and enterprises

    Register Now!
  • An Intelligence Driven Approach to Security Validation Recorded: Jun 9 2020 56 mins
    Shashwath Hegde, Solutions Architect, APAC
    A recent SANS study showed that while organizations used threat intelligence to hypothesize where attackers may be found, they lack the investigative skills to conduct searches. This continues to be a growing problem in the cyber security industry as organizations struggle to justify the high-cost of their defences.
    We make significant investments to justify our methods of stopping evil. However, we rarely spend time in measuring our methods or investments. Instead, we rely on assumptions to guide our decisions and justify our judgements. In this session, we will explore real world data and dive deep into the performance of cybersecurity controls across enterprise networks; from email, endpoint, network to cloud-based controls and examine some alarming results. As organizations continue to struggle to justify the high-cost of their defences, Security Validation provides a solution to validate, consolidate, recoup and maximize the value from existing investments.
  • FireEye Chat | Front and Center: How to Empower. Evolve. Defend. Recorded: Jun 5 2020 28 mins
    Vasu Jakkal CMO; Major General Earl Matthews VP, Strategy, Mandiant Security Validation; Martin Holste Cloud CTO
    Cyber attackers never rest, but neither does FireEye. In our upcoming Virtual Summit on June 9-11, industry professionals will showcase best practices, research and strategies to empower organizations to evolve their cyber security solutions and better defend against attackers.

    In this latest episode of the quarterly talk show FireEye Chat, we dive deeper into two topics from the virtual summit: security effectiveness and cloud security. Watch now to hear from our experts who are front and center from their homes as they tackle these common questions:

    • How secure are you? And can we be sure we’re protected against the evolving threat landscape?
    • Are your cyber security products effective and working the way they should?
    • Do you know how to be secure in the cloud?
    • What should you consider when moving to the cloud?
  • 2020 Mandiant Security Effectiveness Report Findings Recorded: May 19 2020 60 mins
    Matt Hartley SVP Mandiant Strategy for FireEye Mandiant & Devon Goforth Sr Dir Security Instrumentation for FireEye Mandiant
    2020 Mandiant Security Effectiveness Report Findings: A deep dive into cyber reality

    Join our webinar to understand why a majority of tested attacks successfully infiltrate enterprise environments without detection – and why security validation is so critical.

    The Mandiant Security Effectiveness Report 2020 takes a deep dive look into cybersecurity performance across network, email, endpoint, and cloud-based security controls – and confirms the prevailing concern: security controls are not performing as expected. Alarmingly, thousands of tests performed by experts from the Mandiant Security Validation (previously known as Verodin) team show that for 53% of the environments tested, attacks were successful in bypassing controls without knowledge. This points to the need for continuous validation of security effectiveness based on four fundamental components.

    Register for our upcoming webinar to learn about the fundamentals of security validation and gain the knowledge to answer questions such as:

    - Do I have confidence in the effectiveness of my security controls?
    - Can I quickly assess the relevance of threat intelligence or exposure to the latest attack?
    - Am I stopping data leakage and protecting data integrity?
    - How can I simplify and standardize my security stack?
    - Do I have evidence to support communicating key metrics to executives?

    Register Now to Reserve Your Seat!
  • Validating Security Effectiveness with an Evidence-based Approach Recorded: May 14 2020 52 mins
    Brian Contos, VP Technology Innovation| FireEye Mandiant & Jeff Vinson, CISO & VP |Harris Health System
    Cybersecurity spending must be tied to business relevance - protecting business continuity, protecting critical assets, rationalizing investments, and demonstrating compliance with regulatory mandates. This is accomplished through an effective security validation program that utilizes automation and an intelligence-driven approach to mitigate risk, optimize controls, and communicate value.

    Join Brian Contos, VP Technology Innovation| FireEye Mandiant and Jeff Vinson, CISO & VP |Harris Health System as they discuss how Mandiant Security Validation (formerly Verodin) helps organizations automate real-time monitoring by leverage an intelligence-driven methodology to maximize the value and mitigate risk.

    In the session they will discuss:
    >> Delivering value for security teams and executives
    >> Leveraging automation, real-time monitoring and input from threat intelligence and incident response for an effective security program
    >> Managing the impacts of COVID-19 on your security team

    Register Now to Reserve Your Seat!
  • Security Effectiveness Strategies Recorded: May 13 2020 59 mins
    Major General Earl Matthews, VP of Strategy, Mandiant Security Validation& Jeff Compton, Global Head, Mandiant Threat Intel
    Security Effectiveness Strategies: How to Validate and Improve Your Security Posture

    To stay ahead of an evolving threat landscape, security teams must continuously improve their processes and technology. But even with their investments, security professionals still need answers to pressing questions:
    -Who are the attackers that target my industry and what techniques do they use?
    -Which alerts matter most and how do I respond?
    -Are my tools, controls, processes working as expected?
    -Where should I focus improvement efforts?

    Join Major General Earl Matthews USAF (Ret), VP of Strategy, Mandiant Solutions and Jeff Compton, Senior Manager, Global Head of Intelligence Consulting, FireEye Mandiant Threat Intelligence for our upcoming webinar to:

    -Learn how cyber threat intelligence can inform which attackers target your industry and understand the techniques they employ
    -Find out how continuous validation can pinpoint where you have gaps so you can target improvements where they are needed
    -Understand how validation technology powered by relevant intelligence can generate proof of effectiveness and reduce risk

    Register Now
  • 5 Steps to Security Validation Recorded: Apr 27 2020 61 mins
    Major General Earl Matthews (USAF)
    Organizations have been managing security based on assumptions, hopes and best guesses for decades. We assume our technology will detect, block and send alerts, we hope our incident response techniques will be efficient and effective when under assault, and we believe that our security teams are well trained and practiced when everything goes wrong. These assumptions result in financial and operational inefficiencies, defensive regression and an inability to determine if we are investing in the right areas to communicate the state of our security effectiveness to stakeholders.

    Join this webinar to hear from Retired Major General Earl Matthews (USAF), as he discusses:

    • How to move beyond assumptions with automated and continuous security controls validation
    • Identify and measure vulnerability gaps
    • Manage and suggest remediation steps by arming security practitioners with meaningful evidence
    • Validate an organization's ability to defend itself by using real adversary behaviors

    Save your seat today!
  • Instrumenting Cloud Security to Validate Critical Controls Recorded: Apr 1 2020 60 mins
    Kimberly Underwood, Senior Editor | SIGNAL Media; Major General Earl Matthews, USAF (Ret), CSO | Verodin, now part of FireEye
    More and more organizations and government agencies are increasing the implementation of on-premises and public cloud infrastructure. Now that networks and workloads are more dynamic, moving across on-prem, edge, and multi-cloud environments, they are also more vulnerable. Most security issues – cloud and otherwise – happen because security professionals often do not have the means to confirm controls and strategies such as segmentation, are operating as intended.

    Security Instrumentation offers a way for security practitioners to continuously measure, manage and optimize cybersecurity effectiveness. One key to improving security in the cloud is continuous environmental drift validation – being able to validate that changes in cloud network layers and security controls do not have an unforeseen or negative impact on security.

    Join this webinar to learn how a proactive, repeatable and measurable approach with Security Instrumentation, can enable your organization to identify risks in your security controls before a breach occurs and orchestrate the processes needed to optimize defenses.
  • Building and Managing an Effective Security Operations Program Recorded: Mar 25 2020 60 mins
    Sara Peters, Senior Editor | Dark Reading & Colby DeRodeff, CTO | Verodin
    Whether you have a full-blown security operations center (SOC) or just a single security person, there are some functions that every organization must execute in order to keep their most sensitive data safe. In this instructive keynote address, top SOC experts discuss some of the key capabilities required for security operations, as well as essential tools, people, and practices for building out the security operations function in your organization.
  • The Case for Continuous Security Validation and Why it Matters to You Recorded: Feb 25 2020 29 mins
    Earl Matthews, Chief Strategy Officer, Verodin & Nathan Wenzler, Chief Security Strategist, Tenable
    Organizations make significant investments to ensure protection of critical assets, yet without data-driven evidence demonstrating security performance, companies operate on assumptions. This could put them at high risk of an attack.

    Until now, there was no way to prove and confidently report on which security controls were working and which were not. Yet the market has shifted to one in which Boards of Directors, CEOs, and leaders are demanding verifiable proof that their organizations are protected against the evolving threat landscape.

    Security validation enables organizations to achieve optimal cybersecurity performance by validating the effectiveness of people, processes and technology through ongoing assessment, optimization and rationalization. As a result, companies minimize cyber risk across the entire business while protecting their reputation and economic value.

    Join this exclusive video interview with Earl Matthews, Chief Strategy Officer at Verodin to learn more about:
    - What security validation is and how it is different from breach and attack simulation
    - Why is security validation so important now, in 2020
    - The security risk with cloud migration
    - How does cyber risk translate to real dollars
Insight on validating the effectiveness of cybersecurity controls
Mandiant Security Validation (formerly Verodin), has made it possible for organizations to validate the effectiveness of cyber security controls, thereby protecting their reputation and economic value. By measuring and testing security environments against both known and newly discovered threats, organizations can identify risks in security controls before a breach occurs and permits companies to rapidly adapt their defenses to the evolving threat landscape.
Cybersecurity experts from around the globe share experiences about their journey to increase security effectiveness.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: 2020 Mandiant Security Effectiveness Report Findings
  • Live at: May 19 2020 6:00 pm
  • Presented by: Matt Hartley SVP Mandiant Strategy for FireEye Mandiant & Devon Goforth Sr Dir Security Instrumentation for FireEye Mandiant
  • From:
Your email has been sent.
or close