White. Paper. The Big Data Security Analytics Era Is Here. January 2013

Size: px
Start display at page:

Download "White. Paper. The Big Data Security Analytics Era Is Here. January 2013"

Transcription

1 White Paper The Big Data Security Analytics Era Is Here By Jon Oltsik, Senior Principal Analyst January 2013 This ESG White Paper was commissioned by RSA Security and is distributed under license from ESG by The Enterprise Strategy Group, Inc. All Rights Reserved

2 2 Contents Executive Summary... 3 The Obstacles to Improving Organizational Security Maturity... 3 Legacy Security Monitoring and Analytics Tools Are Also Holding Back Progress... 6 Enter the Big Data Security Analytics Era... 8 Big Data Security Analytics Technology Transformation... 9 CISOs Must Become Big Data Security Advocates The Bigger Truth All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change from time to time. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of the Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at

3 3 Executive Summary A few years ago, ESG created a security management maturity model that outlined a progression through four phases of a security management program s evolution. The goal was to leverage ESG research to uncover success strategies and best practices, then use this information to help CISOs build a security management plan and prioritize the right activities in order to improve security and lower risk, while continuing to build the organization s security maturity. CISOs are certainly intent on evolving the maturity of their security management, but many organizations are facing unanticipated problems that are impeding their progress. CISOs face an insidious threat landscape and an avalanche of new technology initiatives that make security management increasingly difficult. Furthermore, enterprise organizations are finding it difficult to recruit and train new security professionals leaving them under- staffed and over- burdened. Taken together, new security risks and old security challenges often overwhelm legacy security controls and analytics tools. Large organizations can no longer rely on preventive security systems, point security tools, manual processes, and hardened configurations to protect them from targeted attacks and advanced malware. Henceforth, security management must be based upon continuous monitoring and data analysis for up- to- the- minute situational awareness and rapid data- driven security decisions. This means that large organizations have entered the era of big data security analytics. This white paper concludes that: Security and market trends are creating new security management hurdles. Over the past few years, CISOs have come face- to- face with three difficult and converging trends. First, they face an increasingly hazardous threat landscape full of stealthy malware, social engineering, and targeted attacks from well- funded and expert adversaries. Second, they have been called upon to secure new technology initiatives such as cloud computing, mobile devices, and server virtualization. Finally, they face a security skills shortage, making it difficult to recruit and hire new security talent. These obstacles are placing new demands on existing security staff, processes, and technologies. The existing security infrastructure is no longer adequate. At many enterprise organizations, security protection and analysis depends upon an army of independent signature- based point tools, network perimeter gateways, manual processes, and specialized skills. While this loose affiliation of security technologies may have been sufficient in years past, they are no match for the scale and scope of today s threats and overall security management requirements. IT is entering the era of big data security analytics. Risk management and prevention are critical but no longer enough. Moving forward, CISOs need real- time security intelligence and situational awareness to give them visibility into their security status at all layers of the technology stack and across the enterprise. Armed with this type of intelligence, security executives can then prioritize actions, adjust security controls, accelerate incident detection, and improve workflows around incident response. Taken together, these advances can improve security while lowering security operations costs. The Obstacles to Improving Organizational Security Maturity After studying the state of enterprise information security in 2011, ESG published a security management maturity model to provide some strategic guidance for CISOs (see Figure 1). At that time, ESG believed that most organizations were still in phase 2, thus focused on compliance and defense- in- depth, but were intent on proceeding to phase 3, risk- based security, as soon as possible.

4 4 Figure 1. The ESG Information Security Management Maturity Model Source: Enterprise Strategy Group, When this model was first published in 2011, ESG assumed that risk- based security would be well established by most organizations by early 2013, but this transition has proven to be more difficult than first anticipated. The delay is not due to a lack of effort by security teams. In fact, in the past couple of years, many CEOs and other non- security executives have become more involved in information security oversight and are regularly approving projects and increasing information security budgets. Unfortunately, the transition from phase 2 to 3 for most organizations has become more difficult than projected because of: The volume and sophistication of new threats. While day- to- day cyber threats continue to increase at an exponential rate, CISOs are most concerned over the rise of targeted and advanced malware enabled attacks such as Advanced Persistent Threats (APTs). This apprehension is well deserved. According to ESG research, 59% of enterprises are certain or fairly certain that they have been the target of an APT, while 30% of enterprises believe they are vulnerable to future APTs. 1 Detecting, analyzing, and remediating advanced threats adds additional requirements to the risk- based phase while forcing CISOs to simultaneously assess and dramatically improve their incident detection and response capabilities. Rapid IT changes. Risk- based security depends upon intimate knowledge of every IT asset deployed on the network. This type of understanding is especially difficult when IT is constantly engaged in rolling out new initiatives such as server/endpoint virtualization, cloud computing, mobile device support, and supporting BYOD programs. To make matters worse, many new IT initiatives are based upon immature technologies that are prone to security vulnerabilities, and may not play well with existing security policies, controls, or monitoring tools. For example, mobile devices like smartphones and tablet computers present a number of security management challenges around policy enforcement, sensitive data discovery/management, and malware/threat management (see Figure 2). 2 The continuous adoption of new technology initiatives adds uncertainty and complexity to security management. 1 Source: ESG Research Report, U.S. Advanced Persistent Threat Analysis, November Source: ESG Research Report, Security Management and Operations: Changes on the Horizon, July 2012.

5 5 Figure 2. Mobile Device Security Challenges With regard to mobile device security, which of the following presents the most significant security challenges for your organizapon? (Percent of respondents, N=315, mulpple responses accepted) Enforcing security policies for mobile devices 48% Lost/stolen mobile devices containing sensieve data 46% Sensieve data confideneality and integrity proteceon when accessed from or stored on mobile devices 46% Malware/threat management on mobile devices 41% Supporeng new device types 41% Creaeng security policies for mobile devices 40% Discovering mobile devices as they gain access to the network 30% 0% 10% 20% 30% 40% 50% 60% Source: Enterprise Strategy Group, A growing security skills shortage. In 2012, over half of all organizations planned to add headcount to their information security group and nearly one- quarter of all organizations (23%) indicated that they had a significant shortage of security skills. CISOs will likely find it extremely difficult to simply hire their way out of this problem ESG research indicates that 83% of enterprise organizations find it extremely difficult or somewhat difficult to recruit and hire security professionals. 3 Combined with routine day- to- day activities, the security market trends described above have led to numerous challenges in areas such as incident detection/response (see Figure 3). 4 For example, the overall security skills shortage has an impact on the security organization s incident detection/response capabilities because many enterprises lack the right staffing levels and skills. Malware volume and sophistication is forcing security analysts to sort through mountains of equally weighted, false positive alerts. In addition to staffing and skills issues, security analysts generally rely on too many manual processes in order to identify, scope, and remediate problems. 3 Source: Ibid. 4 Source: ESG Research Report, The Emerging Intersection Between Big Data and Security Analytics, November 2012.

6 6 Figure 3. Challenges with Incident Detection Which of the following challenges does your organizapon face when it comes to incident detecpon? (Percent of respondents, N=257, mulpple responses accepted) Lack of adequate staffing in security operaeons/ incident response team(s) Too many false posieve responses 35% 39% Incident deteceon depends upon too many manual processes Incident deteceon depends upon too many independent tools that aren t integrated together Sophisecated security events have become too hard to detect for us My organizaeon lacks the right level of security analysis skills needed Lack of adequate data colleceon/monitoring in one or more criecal area Lack of proper level of tuning of our SIEM and other security tools 29% 29% 28% 28% 28% 23% 0% 10% 20% 30% 40% 50% Source: Enterprise Strategy Group, What s most alarming here is that the challenges outlined in Figure 3 have a cumulative impact. Security departments are short- staffed and lack the right skills amongst the analysts they do have. Meanwhile, security analysts spend an inordinate amount of time sorting through false positives and working through manual processes, which wastes what little time they have. In aggregate, this situation is operationally inefficient, costly, and leaves many enterprise firms with an unacceptable level of risk. The CEO and CFO won t be pleased to learn that they spend more but are left with more risk. Legacy Security Monitoring and Analytics Tools Are Also Holding Back Progress In addition to skills challenges, false positives, and manual processes, it is also worth noting that 29% of enterprise organizations surveyed by ESG indicate that incident detection depends upon too many independent tools that aren t integrated together. 5 This security challenge is certainly understandable. Over the past ten years, enterprise IT security has grown incrementally more difficult because of new and unanticipated threats and vulnerabilities. As these changes occurred in the past, organizations typically upgraded their security products, purchased new signature- based threat management tools, created new rules for perimeter gateways, and increased their security analytics activities. Over time, this has led to a security infrastructure anchored by numerous disconnected point tools for incident detection/response. Tactically driven enterprise IT security has always suffered from operational inefficiencies, but even with this it provided reasonably adequate protection against threats such as general purpose malware, spam, and amateur hackers. Unfortunately, existing security systems, which are often perimeter and signature based, are no match for today s insidious threat landscape. This is especially true with regard to security analysis tools because: 5 Source: Ibid.

7 7 Security analytics tools can t keep up with today s data collection and processing needs. According to ESG research, 47% of enterprise organizations collect, process, and analyze more than 6 terabytes of security data on a monthly basis. Additionally, the majority of enterprises collect, process, store, and analyze more security data than they did two years ago (see Figure 4). 6 And this data remains online for longer periods of time. These trends will continue security- driven enterprises will regularly collect, process, and analyze petabytes of online security data for analysis, investigations, and modeling. Legacy Security Information and Event Management (SIEM) platforms are often based upon off- the- shelf SQL databases or proprietary data stores that simply can t scale for this type of data volume. As this happens, security analytics needs are hamstrung by basic technology limitations. This creates a Faustian compromise where security technology deficiencies ironically slow down incident detection/response, limit investigations, and increase IT risk. Figure 4. Growth in Amount of Data Collected for Information Security Activities How has the amount of data your organizapon collects to support its informapon security acpvipes changed in the last 2 years? (Percent of respondents, N=257) We collect about the same amount of data to support our informaeon security aceviees today as we did 2 years ago, 14% We collect substaneally more data to support our informaeon security aceviees today than we did 2 years ago, 43% We collect somewhat more data to support our informaeon security aceviees today than we did 2 years ago, 43% Source: Enterprise Strategy Group, Organizations need an enterprise- wide security purview. Security analytics point tools tend to provide monitoring and investigative capabilities against explicit types of threats (i.e., network threats, malware threats, application- layer threats, etc.) or specific IT infrastructure locations (i.e., data center, campus network, remote offices, host etc.). This forces CISOs to piece together an aggregated view of enterprise security through numerous tools, reports, and individual security personnel. This methodology is cumbersome, labor- intensive, and can t really provide an accurate picture of risk or an incident detection/response across networks, servers, operating systems, applications, databases, storage, and endpoint devices scattered throughout the enterprise. Existing security analysis tools depend excessively on customization and human intelligence. Enterprise security analysis is complex and requires specialized skills and strong experience. As stated previously however, these skills are in short supply even the most security- conscious enterprises are finding it 6 Source: Ibid.

8 8 difficult to continuously train their security staff or hire new recruits. Regrettably, it seems that many security analytic systems were designed to be used only by advanced security analysts who have the time and skills to constantly fine- tune and customize these tools, and who know exactly what to look for. Over- burdened security professionals desperately need security tools that provide more intelligence rather than more work. Analytics aren t integrated for automated incident response. For the most part, today s security analytics tools remain independent from security remediation systems. This often means that without automation, what is found isn t fixed quickly or reliably. Therefore, when an analyst detects a problem, she still must manually coordinate remediation activities and workflow with other security or IT operations personnel. Once again, this adds operational overhead and extends the timeframe needed for incident response which could mean the difference between a minor security event and a major breach. And this problem only gets worse when breach responses need to include non- IT organizations such as legal, HR, and business owners. Enter the Big Data Security Analytics Era At the beginning of WWI, Allied troops executed tactics used during the American Civil War overwhelm your enemy by advancing a large army rapidly. Unfortunately, this proved to be a costly mistake. Why? With the invention of the machine gun, these tactics resulted in massive loss of life rather than battlefield success. Technology advances like the machine gun force combatants to adopt new warfare strategies and tactics. This same lesson applies to the cybersecurity battlefield. As cyber criminals and state- sponsored adversaries advance their capabilities with targeted attacks, social engineering, stealthy malware, and application- layer exploits, enterprises have no choice but to adopt new strategies and defenses. ESG believes that these new requirements will result in an enterprise security technology transition over the next few years. Yes, organizations will continue to employ preventive tactics such as deploying servers in hardened configurations behind firewalls, removing unnecessary services and generic administrator accounts, scanning for known malware using signatures, and patching software vulnerabilities, but used alone these defensive techniques are not enough. To supplement these security practices, organizations will embrace new security analytics tools for continuous monitoring, investigations, risk management, and incident detection/response. Given the volume of security data collection, processing, storage, and analysis involved, security analytics is rapidly becoming a classic big data problem. In fact, ESG research indicates that 44% of enterprises consider security data collection and analysis big data today, while another 44% believe that security data collection and analysis will become big data within the next 24 months (see Figure 5). 7 7 Source: Ibid.

9 9 Figure 5. Security Data Collection and Analysis Considered Big Data Do you believe that security data collecpon and analysis would be considered big data at your organizapon? (Percent of respondents, N=257) No, security data colleceon and analysis is not considered big data within my organizaeon, 11% No, but based on my organizaeon s security strategy we will likely consider security data colleceon and analysis big data within the next 24 months, 14% Don t know, 2% Yes, security data colleceon and analysis would be considered big data within my organizaeon today, 44% No, but based on my organizaeon s security strategy we will likely consider security data colleceon and analysis big data within the next 12 months, 30% Source: Enterprise Strategy Group, To be clear, big data security analytics isn t a simple merger of events, logs, and network traffic in big data technologies such as Cassandra and Hadoop (although these underlying technologies may play a role in the technology infrastructure of a solution). To ESG, big data security is really about collecting and processing numerous internal and external security data sources, and analyzing this data immediately to gain real- time situational awareness across the enterprise. Once security data is analyzed, the next step is using this new intelligence as a baseline for adjusting security strategies, tactics, and systems, much faster than ever before. Big Data Security Analytics Technology Transformation Ultimately, the objective of big data security analytics is to provide a comprehensive and up- to- the- second view of IT activities so that security analysts and executives can make timely, data- driven decisions. From a technology perspective, this will require new security systems providing: Massive scale. Security analytics and forensics engines will need to efficiently collect, process, query, and apply analytic rules to terabytes or petabytes of data including logs, network packets, threat intelligence, asset information, sensitive data tracking, known vulnerabilities, application activities, and user behavior. This is why core big data technologies such as Hadoop, an open source software project for distributed processing of extremely large data sets across commodity servers, is a good fit for burgeoning security analytics requirements. Additionally, big data security analytics will likely be deployed in a distributed architecture, thus the underlying technology must be able to centralize analysis of massive volumes of distributed data while maintaining data integrity and providing for high- performance needs.

10 10 Enhanced intelligence. The best big data security analytics tools will act as intelligent advisors, leveraging models of normal behavior, adapting to new threat/vulnerability intelligence, and pinpointing anomalies at any layer of the technology stack that requires immediate investigation. To accomplish this, big data security analytics will offer a combination of templates, heuristics, statistical and behavior models, correlation rules, threat intelligence feeds, etc. Tight integration. To keep up with the constantly changing threat landscape, big data security analytics must interoperate with IT assets and leverage automated security intelligence. Beyond this, however, big data security analytics should be tightly integrated with security policy controls for tactical adjustments and automation. When security analytics point to unusual network traffic emanating from mobile devices, security analysts should be provided with specific change instructions to quarantine traffic flows and minimize risk. Ideally, security analytics systems can be used to automate remediation activities, a form of active defense, for routine changes or in emergency situations. Armed with a comprehensive real- time view of security situational awareness, big data security analytic systems will become the nexus for both risk management and incident detection/response. This includes specialized security activities such as regulatory compliance, security investigations, control tracking/reporting, and security performance metrics. CISOs Must Become Big Data Security Advocates Big data security analytics is no longer a visionary idea leading enterprises recognize that their immediate security requirements demand this type of solution. To proceed with big data security analytics planning and implementation, ESG suggests that CISOs: Address limitations with existing security infrastructure. Compare security analytics output with existing capabilities, processes, and requirements. Does your organization have blind spots? Is the organization conducting continuous monitoring or basing its security assessments on periodic (occasional) scans? Is the organization understaffed or lacking security analytics skills? How long does it take to detect, investigate, and respond to security incidents? Rather than deal with security analytics weaknesses piecemeal, develop a big data security analytics project plan that addresses critical areas through a phased approach. Remember to build processes and technologies that can serve as a foundation for all phases of the project. This should help deliver incremental value throughout. Shift investments from prevention to detection/remediation. Yes, it is still important to lock down IT assets to minimize risk, but CISOs must realize that despite these best practices, networks will be attacked, penetrated, and compromised. Savvy CISOs will capture incident detection/response metrics (i.e., time to discover a security incident, time to investigate and remediate a security incident, number of tools used, number of staff hours needed, etc.) before and after a big data security analytics implementation to measure ROI on security operations and risk management goals. Identify staffing deficiencies and knowledge gaps. As ESG research indicates, most organizations have security organizational problems around skills and headcount. In most cases, CISOs will not be able to hire and train their way out of this problem, so they need alternative strategies. ESG recommends that CISOs clearly identify areas of weakness at the genesis of their big data security analytics planning process. This will help them define their needs for security technology intelligence, external data feeds, and professional/managed security services to fill the gaps. Finally, big data security analytics is antithetical to today s typical security infrastructure, which is based upon point tools and limited scale. Impending enterprise security technology changes will likely resemble the business application transition in the 1990s when departmental applications were replaced with enterprise- class ERP software architectures. To avoid the potential pitfalls associated with this type of evolution, enterprises should seek out technology vendors with deep security experience, a portfolio of leading security analytics products, a strong big data security

11 11 analytics strategy, strong enterprise experience, complementary threat intelligence services, relationships with proven MSSPs, and security- focused professional services to help CISOs with planning, deployment, and ongoing big data security analytics management. Particularly with its recent product introduction of RSA Security Analytics, RSA Security is one of only a few security vendors who meet this profile. As such, enterprise CISOs would be well served to assess how RSA Security Analytics and related solutions and services align with their big data security analytics vision, strategy, and tactical plans and requirements.

12 12 The Bigger Truth Enhancing security management maturity is not a straight- line process and thus CISOs should expect peaks and valleys as they proceed on this journey. Based upon a few current market trends and ESG research data, it appears as though many organizations are stuck in a security management valley at present. In truth, security management maturity has reached a tipping point. To move forward, CISOs should conduct an honest assessment of their security technology infrastructure. Can it provide the necessary monitoring, investigative, and data analysis to support real- time security decisions? Can it collect, process, and analyze the volume of data needed to track security activities at all layers of the technology stack? Does it require unreasonable care and feeding? Regrettably, CISOs may find that they are spending a lot of money for poor incident detection, investigation, response, and workflow results. Given the sophistication of malware threats and cyber criminals, there are no silver bullets or easy answers here. What s needed more than anything is better visibility through improved data analysis more data, better security intelligence, real- time collection and correlation, etc. With real- time situational awareness, CISOs and their security analysts can adjust their tactics, prioritize activities, and accelerate processes. Ultimately, this should help enterprises improve security and lower costs. This alone should make big data security analytics exceptionally attractive to enterprise CISOs.

13 20 Asylum Street Milford, MA Tel: Fax: global.com

White. Paper. Rethinking Endpoint Security. February 2015

White. Paper. Rethinking Endpoint Security. February 2015 White Paper Rethinking Endpoint Security By Jon OItsik, Senior Principal Analyst With Kyle Prigmore, Associate Analyst February 2015 This ESG White Paper was commissioned by RSA Security and is distributed

More information

Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst

Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Utilizing Security Ratings for Enterprise IT Risk Mitigation Date: June 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: What do large enterprises need in order to address increasingly

More information

Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst

Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: Large organizations have spent millions of dollars on security

More information

IBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst

IBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief IBM: An Early Leader across the Big Data Security Analytics Continuum Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: Many enterprise organizations claim that they already

More information

Virtual Patch Management Offers Automation, Availability, and Cost Benefits Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst

Virtual Patch Management Offers Automation, Availability, and Cost Benefits Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Virtual Patch Management Offers Automation, Availability, and Cost Benefits Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: Timely patch management is a security best practice,

More information

Information-driven Security and RSA Security Analytics and RSA ECAT

Information-driven Security and RSA Security Analytics and RSA ECAT White Paper Information-driven Security and RSA Security Analytics and RSA ECAT By Jon Oltsik, Senior Principal Analyst September 2014 This ESG White Paper was commissioned by RSA, The Security Division

More information

Research Perspectives

Research Perspectives Research Perspectives Paper Network Security Operations and Cloud Computing By Jon Oltsik, Senior Principal Analyst April 2015 This ESG Research Perspectives Paper was commissioned by Tufin and is distributed

More information

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: APTs first came on the scene in 2010, creating a wave

More information

The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst

The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst ESG Brief The Growing Need for Real-time and Actionable Security Intelligence Date: February 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: ESG data indicates that many enterprise organizations

More information

ESG Brief. Overview. 2014 by The Enterprise Strategy Group, Inc. All Rights Reserved.

ESG Brief. Overview. 2014 by The Enterprise Strategy Group, Inc. All Rights Reserved. ESG Brief Webroot Delivers Enterprise-Class Threat Intelligence to Security Technology Providers and Large Organizations Date: September 2014 Author: Jon Oltsik, Senior Principal Analyst; Kyle Prigmore,

More information

RSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst

RSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst ESG Lab Review RSA Enterprise Compromise Assessment Tool (ECAT) Date: January 2014 Authors: Jon Oltsik, Senior Principal Analyst and Tony Palmer, Senior Lab Analyst Abstract: This ESG Lab review documents

More information

Reducing the Critical Time from Incident Detection to Containment

Reducing the Critical Time from Incident Detection to Containment White Paper Reducing the Critical Time from Incident Detection to Containment By Jon Oltsik, Senior Principal Analyst May 2014 This ESG White Paper was commissioned by Bradford Networks and is distributed

More information

Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst

Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst ESG Solution Showcase Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: Information security practices are in the midst

More information

The ESG Cybersecurity Maturity Model

The ESG Cybersecurity Maturity Model ESG Brief The ESG Cybersecurity Maturity Model Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: As part of its research, ESG regularly uses a scoring system to divide survey populations

More information

Security Intelligence: A Key Component of Big Data Security Analytics Date: December 2012 Author: Jon Oltsik, Senior Principal Analyst

Security Intelligence: A Key Component of Big Data Security Analytics Date: December 2012 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Security Intelligence: A Key Component of Big Data Security Analytics Date: December 2012 Author: Jon Oltsik, Senior Principal Analyst Abstract: The intersection of big data and security analytics

More information

ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst

ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst ESG Lab Spotlight ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst Abstract: This ESG Lab Spotlight examines the

More information

White. Paper. Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS. January 2013

White. Paper. Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS. January 2013 White Paper Enterprises Need Hybrid SSO Solutions to Bridge Internal IT and SaaS By Jon Oltsik, Senior Principal Analyst January 2013 This ESG White Paper was commissioned by McAfee. and is distributed

More information

An Analytics-based Approach to Cybersecurity

An Analytics-based Approach to Cybersecurity ESG Solution Showcase An Analytics-based Approach to Cybersecurity Date: May 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: Since the Google Aurora incident announced in 2010, large organizations

More information

VMware and the Need for Cyber Supply Chain Security Assurance

VMware and the Need for Cyber Supply Chain Security Assurance White Paper VMware and the Need for Cyber Supply Chain Security Assurance By Jon Oltsik, Senior Principal Analyst September 2015 This ESG White Paper was commissioned by VMware and is distributed under

More information

Is your organization developing its own custom applications specifically for mobile devices? (Percent of respondents, N=242)

Is your organization developing its own custom applications specifically for mobile devices? (Percent of respondents, N=242) Solution Brief Check Point Capsule for Mobile Computing Security, Operations Efficiency, and Business Enablement Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst; Kyle Prigmore, Research

More information

Continuous Network Monitoring

Continuous Network Monitoring Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment

More information

GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA"

GETTING REAL ABOUT SECURITY MANAGEMENT AND BIG DATA GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA" A Roadmap for "Big Data" in Security Analytics ESSENTIALS This paper examines: Escalating complexity of the security management environment, from threats

More information

White. Paper. The Modern Network Monitoring Mandate. April 2014

White. Paper. The Modern Network Monitoring Mandate. April 2014 White Paper The Modern Network Monitoring Mandate By Bob Laliberte, Senior Analyst April 2014 This ESG White Paper was commissioned by Emulex and is distributed under license from ESG. White Paper: The

More information

Compensating Security Controls for Windows Server 2003 Security

Compensating Security Controls for Windows Server 2003 Security ESG Solution Showcase Compensating Security Controls for Windows Server 2003 Security Date: May 2015 Author: Jon Oltsik, Senior Principal Analyst Abstract: It is common knowledge by now that Microsoft

More information

White. Paper. Understanding and Addressing APTs. September 2012

White. Paper. Understanding and Addressing APTs. September 2012 White Paper Understanding and Addressing APTs By Jon Oltsik, Senior Principal Analyst September 2012 This ESG White Paper was commissioned by Trend Micro and is distributed under license from ESG. 2012,

More information

RETHINKING CYBER SECURITY

RETHINKING CYBER SECURITY RETHINKING CYBER SECURITY Introduction Advanced Persistent Threats (APTs) and advanced malware have been plaguing IT professionals for over a decade. During that time, the traditional cyber security vendor

More information

White. Paper. Cloud Computing Demands Enterprise- class Password Management and Security. April 2013

White. Paper. Cloud Computing Demands Enterprise- class Password Management and Security. April 2013 White Paper Cloud Computing Demands Enterprise- class Password Management and Security By Jon Oltsik, Senior Principal Analyst April 2013 This ESG White Paper was commissioned by McAfee (a Division of

More information

Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS)

Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS) White Paper Cisco Systems and the Migration from Network Access Control (NAC) to Endpoint Visualization, Access, and Security (EVAS) By Jon Oltsik, Senior Principal Analyst October 2014 This ESG White

More information

This ESG White Paper was commissioned by Blue Coat and is distributed under license from ESG.

This ESG White Paper was commissioned by Blue Coat and is distributed under license from ESG. White Paper Network Encryption and its Impact on Enterprise Security By Jon Oltsik, Senior Principal Analyst February 2015 This ESG White Paper was commissioned by Blue Coat and is distributed under license

More information

Integrated Network Security Architecture: Threat-focused Nextgeneration

Integrated Network Security Architecture: Threat-focused Nextgeneration White Paper Integrated Network Security Architecture: Threat-focused Nextgeneration Firewall By Jon Oltsik, Senior Principal Analyst September 2014 This ESG White Paper was commissioned by Cisco Systems

More information

RETHINKING CYBER SECURITY

RETHINKING CYBER SECURITY RETHINKING CYBER SECURITY CHANGING THE BUSINESS CONVERSATION INTRODUCTION Advanced Persistent Threats (APTs) and advanced malware have been plaguing IT professionals for over a decade. During that time,

More information

Cybersecurity Skills Shortage: A State of Emergency

Cybersecurity Skills Shortage: A State of Emergency Enterprise Strategy Group Getting to the bigger truth. ESG Brief Cybersecurity Skills Shortage: A State of Emergency Date: February 2016 Author: Jon Oltsik, Principal Analyst, Doug Cahill, Senior Analyst,

More information

THE EVOLUTION OF SIEM

THE EVOLUTION OF SIEM THE EVOLUTION OF SIEM WHY IT IS CRITICAL TO MOVE BEYOND LOGS Despite increasing investments in security, breaches are still occurring at an alarming rate. 43% Traditional SIEMs have not evolved to meet

More information

Next-generation Security Architecture for the Enterprise

Next-generation Security Architecture for the Enterprise White Paper Next-generation Security Architecture for the Enterprise By Jon Oltsik, Senior Principal Analyst October 2014 This ESG White Paper was commissioned by Palo Alto Networks and is distributed

More information

The Benefits of an Integrated Approach to Security in the Cloud

The Benefits of an Integrated Approach to Security in the Cloud The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The

More information

SANS Top 20 Critical Controls for Effective Cyber Defense

SANS Top 20 Critical Controls for Effective Cyber Defense WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a

More information

Overcoming Five Critical Cybersecurity Gaps

Overcoming Five Critical Cybersecurity Gaps Overcoming Five Critical Cybersecurity Gaps How Active Threat Protection Addresses the Problems that Security Technology Doesn t Solve An esentire White Paper Copyright 2015 esentire, Inc. All rights reserved.

More information

Market Research. Study. Database Security and Compliance Risks. December, 2009. By Jon Oltsik

Market Research. Study. Database Security and Compliance Risks. December, 2009. By Jon Oltsik Market Research Study Database Security and Compliance Risks By Jon Oltsik December, 2009 An ESG Market Research Study Sponsored by Application Security, Inc. 2009, Enterprise Strategy Group, Inc. All

More information

This ESG White Paper was commissioned by Zettaset and is distributed under license from ESG.

This ESG White Paper was commissioned by Zettaset and is distributed under license from ESG. White Paper Closing the Big Data Management and Security Gap By Nik Rouda, Senior Analyst October 2014 This ESG White Paper was commissioned by Zettaset and is distributed under license from ESG. 2 Contents

More information

Getting on the Road to SDN. Attacking DMZ Security Issues with Advanced Networking Solutions

Getting on the Road to SDN. Attacking DMZ Security Issues with Advanced Networking Solutions White Paper Getting on the Road to SDN Attacking DMZ Security Issues with Advanced Networking Solutions By Bob Laliberte, Senior Analyst March 2014 This ESG White Paper was commissioned by NEC and is distributed

More information

Intelligence Driven Security

Intelligence Driven Security Intelligence Driven Security RSA Advanced Cyber Defense Workshop Shane Harsch Senior Solutions Principal, RSA 1 Agenda Approach & Activities Operations Intelligence Infrastructure Reporting & Top Findings

More information

Cisco Security Optimization Service

Cisco Security Optimization Service Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless

More information

Advanced Cyber Threats Demand a New Privileged Account Security Model Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst

Advanced Cyber Threats Demand a New Privileged Account Security Model Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst ESG Brief Advanced Cyber Threats Demand a New Privileged Account Security Model Date: June 2013 Author: Jon Oltsik, Senior Principal Analyst Abstract: In spite of marginal progress, privileged accounts

More information

Advanced Threat Protection with Dell SecureWorks Security Services

Advanced Threat Protection with Dell SecureWorks Security Services Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5

More information

North American Electric Reliability Corporation (NERC) Cyber Security Standard

North American Electric Reliability Corporation (NERC) Cyber Security Standard North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation

More information

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE Solution Brief SUMMARY New security threats demand a new approach to security management. Security teams need a security analytics architecture that can handle

More information

The Network Application Security Architecture Requirement

The Network Application Security Architecture Requirement White Paper The Network Application Security Architecture Requirement By Jon Oltsik March, 2011 This ESG White Paper was commissioned by Juniper Networks and is distributed under license from ESG. 2011,

More information

RSA Security Analytics

RSA Security Analytics RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources

More information

Evolution Of Cyber Threats & Defense Approaches

Evolution Of Cyber Threats & Defense Approaches Evolution Of Cyber Threats & Defense Approaches Antony Abraham IT Architect, Information Security, State Farm Kevin McIntyre Tech Lead, Information Security, State Farm Agenda About State Farm Evolution

More information

Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions

Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions CORE Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com blog.coresecurity.com Preempting

More information

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War

Vulnerability Risk Management 2.0. Best Practices for Managing Risk in the New Digital War Vulnerability Risk Management 2.0 Best Practices for Managing Risk in the New Digital War In 2015, 17 new security vulnerabilities are identified every day. One nearly every 90 minutes. This consistent

More information

Endpoint Threat Detection without the Pain

Endpoint Threat Detection without the Pain WHITEPAPER Endpoint Threat Detection without the Pain Contents Motivated Adversaries, Too Many Alerts, Not Enough Actionable Information: Incident Response is Getting Harder... 1 A New Solution, with a

More information

The SentinelOne Endpoint Protection Platform

The SentinelOne Endpoint Protection Platform Enterprise Strategy Group Getting to the bigger truth. SOLUTION SHOWCASE The SentinelOne Endpoint Protection Platform Date: September 2015 Author: Jon Oltsik, Senior Principal Analyst; and Doug Cahill,

More information

IBM QRadar Security Intelligence April 2013

IBM QRadar Security Intelligence April 2013 IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence

More information

White. Paper. Big Data Advisory Service. September, 2011

White. Paper. Big Data Advisory Service. September, 2011 White Paper Big Data Advisory Service By Julie Lockner& Tom Kornegay September, 2011 This ESG White Paper was commissioned by EMC Corporation and is distributed under license from ESG. 2011, Enterprise

More information

White. Paper. Endpoint Security Demands Defense-indepth and Advanced Analytics. November 2013

White. Paper. Endpoint Security Demands Defense-indepth and Advanced Analytics. November 2013 White Paper Endpoint Security Demands Defense-indepth and Advanced Analytics By Jon Oltsik, Senior Principal Analyst November 2013 This ESG White Paper was commissioned by Bit9 and is distributed under

More information

Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform

Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Solution Brief Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Finding

More information

FIVE PRACTICAL STEPS

FIVE PRACTICAL STEPS WHITEPAPER FIVE PRACTICAL STEPS To Protecting Your Organization Against Breach How Security Intelligence & Reducing Information Risk Play Strategic Roles in Driving Your Business CEOs, CIOs, CTOs, AND

More information

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.

More information

White. Paper. Good Enough Email Security Is No Longer Good Enough. January 2013

White. Paper. Good Enough Email Security Is No Longer Good Enough. January 2013 White Paper Good Enough Email Security Is No Longer Good Enough By Jon Oltsik, Senior Principal Analyst January 2013 This ESG White Paper was commissioned by Trend Micro and is distributed under license

More information

Total year-over-year spending change in networking, 2009-2012. (Percent of respondents) 37% 36% 35% 37% 29% 26% 16% 13% 0% 20% 40% 60% 80%

Total year-over-year spending change in networking, 2009-2012. (Percent of respondents) 37% 36% 35% 37% 29% 26% 16% 13% 0% 20% 40% 60% 80% Research Brief 2012 Networking Spending Trends Date: March 2012 Author: Jon Oltsik, Senior Principal Analyst; Bob Laliberte, Senior Analyst; and Bill Lundell, Senior Research Analyst Abstract: According

More information

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model White Paper Addressing the Full Attack Continuum: Before, During, and After an Attack It s Time for a New Security Model Today s threat landscape is nothing like that of just 10 years ago. Simple attacks

More information

CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT

CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT How advancements in automated security testing software empower organizations to continuously measure information

More information

WHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform

WHITE PAPER Cloud-Based, Automated Breach Detection. The Seculert Platform WHITE PAPER Cloud-Based, Automated Breach Detection The Seculert Platform Table of Contents Introduction 3 Automatic Traffic Log Analysis 4 Elastic Sandbox 5 Botnet Interception 7 Speed and Precision 9

More information

Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence

Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Chris Poulin Security Strategist, IBM Reboot Privacy & Security Conference 2013 1 2012 IBM Corporation Securing

More information

Vulnerability Management

Vulnerability Management Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other

More information

Figure 1. Number of Successful Malware Attacks Suffered in the Last 24 Months

Figure 1. Number of Successful Malware Attacks Suffered in the Last 24 Months ESG Brief Strong Cyber Protection: Keeping Bad Stuff Out and Good Stuff In Date: November 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: Malicious activity and threats are growing in volume,

More information

White. Paper. EMC Isilon: A Scalable Storage Platform for Big Data. April 2014

White. Paper. EMC Isilon: A Scalable Storage Platform for Big Data. April 2014 White Paper EMC Isilon: A Scalable Storage Platform for Big Data By Nik Rouda, Senior Analyst and Terri McClure, Senior Analyst April 2014 This ESG White Paper was commissioned by EMC Isilon and is distributed

More information

Requirements When Considering a Next- Generation Firewall

Requirements When Considering a Next- Generation Firewall White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration

More information

Advanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA

Advanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA Advanced SOC Design Next Generation Security Operations Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA 1 ! Why/How security investments need to shift! Key functions of a Security Operations

More information

Advanced Threat Detection: Gain Network Visibility and Stop Malware

Advanced Threat Detection: Gain Network Visibility and Stop Malware White Paper Advanced Threat Detection: Gain Network Visibility and Stop Malware What You Will Learn The Cisco Cyber Threat Defense (CTD) solution brings visibility to all the points of your extended network,

More information

The Value of Vulnerability Management*

The Value of Vulnerability Management* The Value of Vulnerability Management* *ISACA/IIA Dallas Presented by: Robert Buchheit, Director Advisory Practice, Dallas Ricky Allen, Manager Advisory Practice, Houston *connectedthinking PwC Agenda

More information

BREACHES HAPPEN. BE PREPARED. F-SECURE RAPID DETECTION SERVICE

BREACHES HAPPEN. BE PREPARED. F-SECURE RAPID DETECTION SERVICE BREACHES HAPPEN. BE PREPARED. F-SECURE RAPID DETECTION SERVICE TAKE A HOLISTIC APPROACH TO CYBER SECURITY. Sophisticated corporate cyber attacks have become commonplace. They circumvent even the best-defended

More information

Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices

Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices Research Report Abstract: Threat Intelligence and Its Role Within Enterprise Cybersecurity Practices By Jon Oltsik, Senior Principal Analyst With Bill Lundell, Senior Research Analyst and Jennifer Gahm,

More information

Advanced Threats: The New World Order

Advanced Threats: The New World Order Advanced Threats: The New World Order Gary Lau Technology Consulting Manager Greater China gary.lau@rsa.com 1 Agenda Change of Threat Landscape and Business Impact Case Sharing Korean Incidents EMC CIRC

More information

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking

More information

White. Paper. The Rise of Network Functions Virtualization. Implications for I/O Strategies in Service Provider Environments.

White. Paper. The Rise of Network Functions Virtualization. Implications for I/O Strategies in Service Provider Environments. White Paper The Rise of Network Functions Virtualization Implications for I/O Strategies in Service Provider Environments By Bob Laliberte, Senior Analyst August 2014 This ESG White Paper was commissioned

More information

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council Rethinking Information Security for Advanced Threats CEB Information Risk Leadership Council Advanced threats differ from conventional security threats along many dimensions, making them much more difficult

More information

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Wayne A. Wheeler The Aerospace Corporation GSAW 2015, Los Angeles, CA, March 2015 Agenda Emerging cyber

More information

Optimizing Network Vulnerability

Optimizing Network Vulnerability SOLUTION BRIEF Adding Real-World Exposure Awareness to Vulnerability and Risk Management Optimizing Network Vulnerability Management Using RedSeal november 2011 WHITE PAPER RedSeal Networks, Inc. 3965

More information

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored. It takes an average

More information

Trends in Private Cloud Infrastructure

Trends in Private Cloud Infrastructure Research Report Abstract: Trends in Private Cloud Infrastructure By Mark Bowker, Senior Analyst and Bill Lundell, Senior Research Analyst With Jennifer Gahm, Senior Project Manager April 2014 Introduction

More information

The Emergence of Security Business Intelligence: Risk

The Emergence of Security Business Intelligence: Risk The Emergence of Security Business Intelligence: Risk Management through Deep Analytics & Automation Mike Curtis Vice President of Technology Strategy December, 2011 Introduction As an industry we are

More information

Solving the CIO s Challenge For More Efficient and Resilient Business Technology Supply Chain Management

Solving the CIO s Challenge For More Efficient and Resilient Business Technology Supply Chain Management Solving the CIO s Challenge For More Efficient and Resilient Business Technology Supply Chain Management Created by the Institute for Robotic Process Automation in association with Enterprise Integration

More information

Concierge SIEM Reporting Overview

Concierge SIEM Reporting Overview Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts

More information

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary

More information

This ESG White Paper was commissioned by DH2i and is distributed under license from ESG.

This ESG White Paper was commissioned by DH2i and is distributed under license from ESG. White Paper Application Virtualization: An Opportunity for IT to do More with Much Less By Mark Bowker, Senior Analyst November 2012 This ESG White Paper was commissioned by DH2i and is distributed under

More information

To the best of your knowledge, does your organization currently utilize video surveillance at any of its locations? (Percent of respondents, N=302)

To the best of your knowledge, does your organization currently utilize video surveillance at any of its locations? (Percent of respondents, N=302) Research Brief Video Surveillance: Now on IT s Watch Date: December 2013 Author: Jon Oltsik, Senior Principal Analyst, Bill Lundell, Senior Research Analyst, and John McKnight, VP Research This ESG Research

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

Detect & Investigate Threats. OVERVIEW

Detect & Investigate Threats. OVERVIEW Detect & Investigate Threats. OVERVIEW HIGHLIGHTS Introducing RSA Security Analytics, Providing: Security monitoring Incident investigation Compliance reporting Providing Big Data Security Analytics Enterprise-wide

More information

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to

More information

REPORT Perimeter Security Defenses. State of Perimeter Security Defenses, Time to Think Different?

REPORT Perimeter Security Defenses. State of Perimeter Security Defenses, Time to Think Different? REPORT Perimeter Security Defenses State of Perimeter Security Defenses, Time to Think Different? Table of Contents Introduction 3 Key Findings 4 Implications 6 REPORT State of Perimeter Security Defenses

More information

EMC s Enterprise Hadoop Solution. By Julie Lockner, Senior Analyst, and Terri McClure, Senior Analyst

EMC s Enterprise Hadoop Solution. By Julie Lockner, Senior Analyst, and Terri McClure, Senior Analyst White Paper EMC s Enterprise Hadoop Solution Isilon Scale-out NAS and Greenplum HD By Julie Lockner, Senior Analyst, and Terri McClure, Senior Analyst February 2012 This ESG White Paper was commissioned

More information

Increase insight. Reduce risk. Feel confident.

Increase insight. Reduce risk. Feel confident. Increase insight. Reduce risk. Feel confident. Define critical goals with enhanced visibility then enable security and compliance across your complex IT infrastructure. VIRTUALIZATION + CLOUD NETWORKING

More information

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY. A guide for IT security from BIOS The Problem SME s, Enterprises and government agencies are under virtually constant attack today. There

More information

Combating a new generation of cybercriminal with in-depth security monitoring

Combating a new generation of cybercriminal with in-depth security monitoring Cybersecurity Services Combating a new generation of cybercriminal with in-depth security monitoring 1 st Advanced Data Analysis Security Operation Center The Challenge Don t leave your systems unmonitored.

More information

Operational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel

Operational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel Operational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel @Ben_Smith Ben Smith, CISSP Field CTO (US East), Security Portfolio A Security Maturity Path CONTROLS COMPLIANCE IT RISK BUSINESS

More information

Italy. EY s Global Information Security Survey 2013

Italy. EY s Global Information Security Survey 2013 Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information

More information

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS Gaining the SITUATIONAL AWARENESS needed to MITIGATE CYBERTHREATS Industry Perspective EXECUTIVE SUMMARY To become more resilient against cyberthreats, agencies must improve visibility and understand events

More information

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287

More information