Gabriel Coimbra Research & Consulting Director IDC Portugal. Lisboa, 29 de Janeiro

Transcription

1 IT Security Market Overview Gabriel Coimbra Research & Consulting Director IDC Portugal Lisboa, 29 de Janeiro

2 Agenda Market context IT Security context Security 1.0 vs Security 2.0 CSO Agenda IT Security market Conclusion 2

3 Market Context

4 The Expanding IT Realm IT $1.2 Trillion Telecom Services $1.3 Trillion VoIP Managed services IP TV 4

5 The Expanding IT Realm Business Services $1+ Trillion IT $1.2 Trillion Telecom Services $1.3 Trillion HR, payroll, supply chain, logistic services 5

6 The Expanding IT Realm Business Services $1+ Trillion Advertising Gaming Applications Music IT $1.2 Trillion Telecom Services $1.3 Trillion Content ~$1 Trillion 6

7 The Expanding IT Realm Business Services Expenses: >$1T CIO IT Mgt Budget: ~$2T Telecom Services Budget: $1.3T Content Spending: ~$1T 7

8 8

9 The Information Explosion Exabytes of Information Created WW 90% Unstructured 10X File Diversity 70% User Created 85% Corporate Liability 30% Outside Data Center

10 The CIO Domain Explosion Communicating Devices* WW (Millions) Automobiles Cameras Converged phones Games GPS Industrial Machines PDAs Toys and Appliances Etc. PCs and Servers * Excludes RFID and sensors 10

11 Security Context

12 IT Security context IT Security Security Hardware Security Software Security Services Hardware Authentication Biometrics Tokens Smart Cards Threat Management Security Appliances FW/VPN Unified (UTM) IDS and IPS SCM Consulting Implementation Operations Education and Training Other 12

13 IT Security context Security Services Consulting Implementation Operations Education and Training Security Strategy and Planning Assessment Compliance Audit Architecture Analysis and Review IR and Forensics Design Managed Security Instructor-Led Services Training i HW and SW Procurement Integration of Security Architecture Performance Testing Transition/ Migration Hosted Security Services Technology- Based Training Text-Based Training Knowledge Transfer 13

14 IT Security context Security Software Identity and Access Management (IAM) Security Compliance and Vulnerability Management (SVM) Secure Content and Threat Management (SCTM) Other Security Software Advanced Authentication Web SSO Host SSO Legacy Authorization User Provisioning Directory Services Sec. Info and Event Network Endpoint Messaging Web Security Management Security Security Security Vulnerability Enterprise Endpoint (IPC) Mail Server Assessment URL Filtering Firewall Antivirus Intrusion Client Antivirus Antispam Policy and Network Prevention Compliance Intrusion Firewall/VPN Personnal Messaging Prevention Firewall Information Patching and Gateway Protection and Remediation Network Antivirus Client Control (IPC) Antivirus Antispyware Security Sys and Gateway Secure Host Intrusion Configuration Network Antispyware Prevention Management Access Control (NAC) USB Security Forensics Endpoint Encryption Encryption Toolkits File Encryption Database Encryption Wireless Security Others... Network Access Control (NAC) 14

15 Today: Current Situation ti 15

16 Current Threat Environment How would you rate the items below on the threat each poses to your company s enterprise network security? (Scale: 5 = significant threat; 1 = no threat) Trojans, viruses, worms, and other malicious code Spyware 45% 50% 50% 57% SPAM Employee error (unintentional) 35% 39% 39% 47% Application vulnerabilities 31% 37% Data stolen by employee or business partner 22% 37% Hackers 37% 36% Source: IDC s Enterprise Security Survey 2006 Top 2 boxes (rating of 4 or 5) 16

17 Current Internal v. External Threats Q: Do you believe that the most serious threats to your company's enterprise IT infrastructure originate from internal or external sources? 60% 50% 40% 30% 20% 10% 0% Small Medium Large Very large External sources Internal sources About even Source: IDC s Enterprise Security Survey

18 Tomorrow s Situation 18

19 Future Security Challenges How would you rate the items below on the threat each poses to your company s enterprise network security? (Scale: 5 = significant threat; 1 = no threat) Employees following security policy 44% 52% Increasing sophistication of attacks Business executives following security policy 33% 44% 51% 49% Security budget too small Increasing complexity of security solutions Increasing volume and complexity of network traffic 40% 38% 39% 36% 39% 33% Mobile clients 27% 37% Source: IDC s Enterprise Security Survey 2006 Top 2 boxes (rating of 4 or 5) 19

20 Security 1.0

21 Threat is Pervasive Threat IT Security Policy Asset 21

22 Security 2.0

23 Modern Enterprises are Elastic -Ubiquity for employees -Always connected borderless networks IT 23

24 Laptops and Mobile Devices Gain Installed Base Source: IDC,

25 What's on the Agenda for CSOs? (And What Will Drive the Market for the Next Three Years)

26 CSO Agenda, Process Compliance and risk assessment/management Information protection and control Security process (incident reaction) 2- People User escort Endpoint protection IAM 3 - Technology Best of breed Mixing vendors Refocus on real security 26

27 Process Global security strategy: compliance and risk assessment/management Information protection and control (controlling information circulation, fighting against data leakage): IPC solution for data at rest, data in use, data in motion - Key issue: data qualification? Internal rules? Security incident response: business continuity (storage, mirroring, acceptable downtime) Identity management process (provisioning, deprovisioning): resource, service 27

28 People Weak point is device: endpoint protection End user brings security breaches (misuse, criminal issues ): insider threat management, event correlation engines, forensic collection Identity and access management: if endpoint is the weak point, user access must be controlled. 28

29 Technology Malware protection: antimalware software Next-generation threat (Web-based attacks, identity abuse ): software and services vendors How to identify and react fast to incidents (or before the incidents). Need of a SOC (Security Operation Center)? Form factor reshaping: software, hardware, or service 29

30 CSO Agenda, IT security policy: strong compliance driver - Identity and access management global policy - Endpoint protection - Information protection and control IT security operations (spendings, TCO, and ROI) - Best technology for best price (unified threat appliances?) - Resource refocus on value-added mission (SaaS?) 30

31 IT Security Market

32 Security Revenues Growth 35% IT Security Market in Portugal UTM Appliances Explosion Annual Growth Rate 30% 25% 20% 15% 10% Shift to SaaS Hardware Software Services 5% Source: IDC,

33 Security Revenues IT Security Market in Portugal 80 Milhões de Euros Hardware Software Services Source: IDC,

34 Conclusion

35 Conclusion Traditional IT security over-protects the wrong assets, overreacts to the unexpected and over-spends on almost everything. IDC believes the risk management that applies security resources appropriately while maximizing business agility is the correct approach to the IT Security. Instead looking to IT security as a reflection, it should integrate compliance, risk assessment and business continuity dynamics into every process and application. In IDC vision, It s the only way to contain security spending while managing the risks of doing business in a connected world and mobility environment. 35

36 Questões? Gabriel Coimbra Research & Consulting Director IDC Portugal Av.António A Serpa, 36 9º andar Lisboa Portugal Tel: Mob: Fax: gcoimbra@idc.com