Westcon Presentation on Security Innovation, Opportunity, and Compromise

Transcription

1 Westcon Presentation on Security Innovation, Opportunity, and Compromise Christian A. Christiansen Program Vice President IDC Security Products & Services

2 What s Happening with Threats? 1.5B 80% 33% $1.3M 2

3 Security Evolution Unites All Platforms 3rd Platform focus on User Experience (UX) vs. cost vs. shared risk across multiple platforms 2nd Platform focused on risk and cost across PCs and servers 1st Platform focused on risk-based access on centralized servers and terminals Source: IDC 3

4 Securing Four Pillars to Enable Innovation without Disruption Cloud Mobile Social Networks Big Data (Threat Intelligence) Early detection & mitigation of targeted, unknown attacks. Granular logging and policy enforcement of internal and external regulations. Predictive Privileged Access Management, Federated Identity, Multi-factor Authentication, Data Protection, & Vulnerability Assessment Strong Authentication, Data Protection, Web/Messaging SaaS, & SSO Data Loss prevention with data protection, global regulatory policy monitoring, & real-time policy enforcement & education Raw & analyzed threat feeds from multiple sources integrated with management consoles Proactive VPN, Single Sign- On, Encryption, & Strong Passwords Mobile Device Management Keyword-based monitoring & logging Network monitoring and SIEM Reactive Access control Device Password Acceptable Use Policy Signature-based detection 4

5 5

6 Future of Security Driven by Massive Change? Installed Base (M) 300 Worldwide Internet of Things Installed Base, (Billions) Internet of Things connected Internet of Things Worldwide Wearable Shipments (Millions) Complex Accessories Smart Accessories Smart Wearables Worldwide Smartphone Installed Base (Millions) Other Windows Phone ios BlackBerry Android 6

7 Worldwide Identity & Access Management Driven by Cloud and Mobile User Experience Source: IDC, Worldwide Identity and Access Management Forecast, , #259561

8 Worldwide Security as a Service Growing Rapidly & Overshadowing On-Premise Source: IDC, Worldwide Cloud Hosted Enterprise Security Services (Security as a Service) Forecast, , #257959

9 Worldwide DDoS Prevention Products and Services Opportunity Source: IDC, Worldwide DDoS Prevention Products and Services Forecast, , #259157

10 3 rd Platform Dynamics: Security is Always an Elastic Compromise User Experience (UX) Risk Cost 10

11 Cloud Security Gets Massive as Nested Clouds Spawn New Attack Surfaces 3 rd Platform Dynamics: Cost Savings Outweighing Risk Cost Risk Cloud UX Issues & Innovations Issues Low costs override risk, except for mission-critical SaaS & IaaS applications driven by time-to-market Shadow IT creates compliance risks & opportunities Innovations SaaS-based Web Security Gateways managed customers proliferating SaaS applications (e.g., Adallom, Elastica, BitGlass, CipherCloud, Netskope, SkyHigh) Cloud Service Providers (e.g., AWS and Microsoft Azure) selling security applications that minimize implementation 11

12 Mobile Security: Not Just Devices, but also Cloud, Social, and Analytics 3 rd Platform Dynamics: User Experience (UX) Trumps Cost, but Risk is a Sharply Rising Concern Cost Risk Cloud UX Issues & Innovations Issues More than MDM Web applications privacy Malware & payment fraud IoT Attack surface Social policy violation Innovations Analytics-driven protection SaaS-based Web security gateways Policy managed Sync&Share Quickly growing enterprise applications support 12

13 Analytics for Assessing Threat Intelligence and Securing Big Data 3 rd Platform Dynamics: Risk of Customer Data Exposure Is Balanced Against Cost Cost Risk Analytics UX Issues & Innovations Issues Social networks major source of reconnaissance for phishing No separation between personal and corporate social SEC & FTC taking action against disclosures Innovations Independent data collection and analysis Protection of Big Data Assets with Encryption, Tokenization, Access Rights, and Monitoring) 13

14 A single department or a business unit ORGANIZATIONAL IMPACT Multiple departments or business units Companywide IDC FutureScape: Where Will Customers Spend? Drivers for 2016 Security Spending 4 Data Breach Impact Corporate Responsibility 10 Supply Chain Risks 2 1. Biometric Authentication 2. Supply Chain Risks 3. Application Security 4. Specialized Threat Detection 7 9 Security Analytics SaaS Security Adoption as a Service EU Data Protection Regulations 6 Tracers & Tethers 8 Self-defending Applications 3 5. Insuring Against Risk 6. Security Analytics Services 7. Data Protection 8. Modern Security Architecture Biometric Authenticated Transactions 5 9. SaaS Security Services 10. Accountability Practices 1 Cyber Insurance Maturity Source: IDC FutureScape: Worldwide IT Security Products and Security Services 2015 Predictions Moving Toward Security Integration, # TIME (MONTHS) TO MAINSTREAM

15 Essential Guidance for Customers Anticipate that threats include increasing security & privacy regulations Investigate Cloud Security Gateways to Manage and Improve SaaS with SaaS Prepare for threat ecosystems that are more sophisticated, professional, well-funded, and collaborative than enterprises and governments 15

16 Conclusion : Hot Customer Topics that Drive Security Purchases Talent Quest: High Demand for Next Generation Business/IT Skills & Scarce Supply Drive Services Cloud, Mobile, & SaaS: Digital Identity Driven By Improving User Experience to Bring Shadow IT Back Into Compliance Service Shift: Managed Security Services Driven By Old Mismanaged Infrastructure & Increasing Failure to Handle More Frequent Attacks, Don t Trust the Trusted: Internal Security Driven Behavioral Analysis of Trusted Insiders IDC Visit us at IDC.com and follow us on 16

17 Christian Christiansen IDC Program Vice President , 17