APT Protection Via Data-Centric Security. Alan Kessler President and CEO Vormetric

Similar documents
Securing Sensitive Data within Amazon Web Services EC2 and EBS

With Great Power comes Great Responsibility: Managing Privileged Users

SECURING SENSITIVE DATA WITHIN AMAZON WEB SERVICES EC2 AND EBS

CONSIDERATIONS BEFORE MOVING TO THE CLOUD

Data-Centric Security vs. Database-Level Security

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

WHAT EVERY CEO, CIO AND CFO NEEDS TO KNOW ABOUT CYBER SECURITY.

End-user Security Analytics Strengthens Protection with ArcSight

Achieving SOX Compliance with Masergy Security Professional Services

Stay ahead of insiderthreats with predictive,intelligent security

Protecting Your Data, Intellectual Property, and Brand from Cyber Attacks

Advanced Cyber Threats in State and Local Government

Vormetric Data Security

Unified Security Anywhere SOX COMPLIANCE ACHIEVING SOX COMPLIANCE WITH MASERGY SECURITY PROFESSIONAL SERVICES

Protecting What Matters Most. Terry Ray Chief Product Strategist Trending Technologies Session 11

2015 VORMETRIC INSIDER THREAT REPORT

How To Protect Your Organization From Insider Threats

Mobile, Cloud, Advanced Threats: A Unified Approach to Security

Internet threats: steps to security for your small business

Teradata and Protegrity High-Value Protection for High-Value Data

McAfee Server Security

Computer Crime & Security Survey

What keep the CIO up at Night Managing Security Nightmares

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

Mitigating Server Breaches with Secure Computation. Yehuda Lindell Bar-Ilan University and Dyadic Security

BECAUSE DATA CAN T DEFEND ITSELF

Getting real about cyber threats: where are you headed?

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

Cybersecurity Report on Small Business: Study Shows Gap between Needs and Actions

Data Center security trends

Securing and protecting the organization s most sensitive data

CyberArk Privileged Threat Analytics. Solution Brief

21/12/2015 CLOUD ADOPTION TRENDS. Agenda. Cloud Adoption. Cloud Deployment Model. Public Cloud Usage

Mobile security and your EMR. Presented by: Shawn Tester & Allen Cornwall

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

How To Hack A Corporate Network

Cloud Data Security and the Insider Threat

I ve been breached! Now what?

As threat actors target various types of networks, companies with improperly configured network infrastructures risk the following repercussions:

Copyright 2013, Oracle and/or its affiliates. All rights reserved.

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

External Supplier Control Requirements

BlackRidge Technology Transport Access Control: Overview

How Do Threat Actors Move Deeper Into Your Network?

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

Security and Privacy

THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS. Junos WebApp Secure Junos Spotlight Secure

Cloud Data Security. Sol Cates

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation Areas for Improvement... 2

Anti-exploit tools: The next wave of enterprise security

應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊

CSG & Cyberoam Endpoint Data Protection. Ubiquitous USBs - Leaving Millions on the Table

Defending Against Data Beaches: Internal Controls for Cybersecurity

Effective Methods to Detect Current Security Threats

Fighting Advanced Threats

Secure Your Mobile Workplace

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Top 10 Database. Misconfigurations.

How to Secure Your Environment

The Protection Mission a constant endeavor

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015

How To Protect Data From Attack On A Computer System

The Hillstone and Trend Micro Joint Solution

How to Practice Safely in an era of Cybercrime and Privacy Fears

Malware isn t The only Threat on Your Endpoints

White Paper. Data Security. The Top Threat Facing Enterprises Today

MARKET OVERVIEW. March 29, 2005 Comprehensive Database Security Requires Native DBMS Features And Third-Party Tools.

The Key to Secure Online Financial Transactions

4 Ways an Information Security Analyst Improves Business Productivity

Effective Methods to Detect Current Security Threats

Top tips for improved network security

Cyber Security. John Leek Chief Strategist

Security Solution Architecture for VDI

Keystroke Encryption Technology Explained

Chairman Johnson, Ranking Member Carper, and Members of the committee:

RETHINKING CYBER SECURITY Changing the Business Conversation

INDUSTRY OVERVIEW: HEALTHCARE

CKAHU Symposium Cyber-Security

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Securing Sensitive Data

Student Tech Security Training. ITS Security Office

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into

2010 AICPA Top Technology Initiatives. About the Presenter. Agenda. Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP

Brainloop Cloud Security

Cyber Security, Fraud and Corporate Account Takeovers LBA Bank Counsel Conference December 2014

The Oracle Mobile Security Suite: Secure Adoption of BYOD

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

CloudLink CypherX - A Defendection

Networking for Caribbean Development

EXPLORING ADVANCED THREATS

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

F G F O A A N N U A L C O N F E R E N C E

Anatomy of a Healthcare Data Breach

Threat landscape how are you getting attacked and what can you do better protect yourself and your e-commerce platform

Driving Company Security is Challenging. Centralized Management Makes it Simple.

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

DATA BREACHES: WHEN COMPLIANCE IS NOT ENOUGH

Developing Secure Software in the Age of Advanced Persistent Threats

10 Smart Ideas for. Keeping Data Safe. From Hackers

Formulate A Database Security Strategy To Ensure Investments Will Actually Prevent Data Breaches And Satisfy Regulatory Requirements

Transcription:

APT Protection Via Data-Centric Security Alan Kessler President and CEO Vormetric

Protect What Matters APT Protection Via Data-Centric Security Alan Kessler President and CEO Vormetric

Data Breach Retrospective YouTube.com/VormetricInc

How Are We Doing? Perimeter is Failing 100% 94% 416 100% of victims have up-to-date antivirus software of breaches are reported by third parties median number of days advanced attackers are on the network before being detected of breaches Involved stolen credentials Source: mandiant.com/threat-landscape/

Data-Centric Security Is An Issue Global Compliance, Cloud Adoption, Big Data, Data Breaches GLOBAL COMPLIANCE Aggressive New Regulations CLOUD ADOPTION Enterprise Security #1 Inhibitor 1 BIG DATA Big Data is a Big Target APTs DATA BREACHES 98% Stolen Records From Large Orgs 2 1. Global State of Information Security Survey by PwC, CIO magazine, and CSO magazine October 2012 2. Verizon Data Breach Investigation Report March 2012

Data is the New Currency Your Mission: Protect What Matters In the underground market economy, data is money, and much like any other market economy, principles of supply and demand drive it. i Forrester Research, Inc. Measure the Effectiveness of Your Data Privacy Program - January 2013

Data is The Target Server Data = Biggest Target laptops Records Compromised Servers Servers <1% Records Compromised 94% 2012 DATA BREACH INVESTIGATION REPORT

Security Models Must Change Old Model Weak Against New Threats Advanced Persistent Threats APTs/New Threats Personal Information Signature-Based Known Old Threats / Old Model Intellectual Property Financial Data Anti-Virus Firewalls Advanced Malware Web Gateways Worms, Virus, Spyware, Bots One-Time Events Intrusion Prevention Systems

Security Models Must Change Old Model Weak Against New Threats OLD THREATS NEW THREATS Signature Behavioral Random Moves on ADVANCED PERSISTENT THREATS Targeted Patient One-Time Persistent

Data is the Target Protecting the Perimeter is Failing

Data is the Target Who is Targeting Your Data? Insider Threats Physical theft and Privileged user APTs (Advanced Persistent Threats) Compromise credentials Escalate privileges Gain access Steal data; low and slow Vormetric Solution Provides Data Firewall Access Policies Encryption/Key Management Security Intelligence @Vormetric #DataBreach @SocialTIS

Vormetric Solution Firewall Your Data Issue Data is exposed to the environment where it resides Vormetric Solution Vormetric Policy Firewall Rules Criteria and Effect-based # User Process Action Effects 1 oracle oracle_binaries any permit, apply key, decrypt 2 root admin_tools read permit, audit, view metadata only 3 any any any deny, audit, view nothing

Vormetric Solution Access Policies / Fine-grained Control Issue Controlling who sees what under what conditions Privileged insiders can have access to all server information Vormetric Solution Privileged users do their jobs but do not see sensitive information DBA Restrict access at the file level and above Restrict access and action by user, by process, time

Vormetric Solution Advanced Encryption/Key management Issue Controlling who sees what under what conditions Vormetric Solution Encryption Database Encryption Cloud Encryption Cloud Security Key Management Fills the gap of Key Management for TDE implementations Encrypt sensitive structured and unstructured data Tightly control access, and report on who accessed protected data

Vormetric Solution Security Intelligence Issue Audit and reporting access Vormetric Solution Security intelligence gleaned from file-level and user level access activity Alarm/Denial User Action Process performed Resource Time Reveal Unauthorized Access Attempts Identify Unusual Access Patterns

Data-Centric Security Must Include Transparent, Strong, Easy, Efficient Transparent Transparent to Business Process Transparent to Apps / Users Neutral Data Type Strong Firewall Your Data Protect Privileged User Access Restrict Users and Apps Easy Easy to Implement Easy to Manage Easy to Understand Efficient Minimal Performance Impact Rational SLAs Multiple Environments Perform

Protect What Matters APT Protection Via Data-Centric Security Alan Kessler President and CEO Vormetric

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information