Security Trends. The Case for Intelligence-Driven Security. Copyright 2013 EMC Corporation. All rights reserved.

Similar documents
Analytics, Big Data, & Threat Intelligence: How Security is Transforming

ECOMMERCE AND MERCHANT FRAUD PREVENTION

Security and Privacy

The session is about to commence. Please switch your phone to silent!

RSA Web Threat Detection

CUSTOMERS & CRIMINALS: USE WEB SESSION INTELLIGENCE TO DETECT WHO IS WHO ONLINE

INTELLIGENCE DRIVEN FRAUD PREVENTION

Rashmi Knowles Chief Security Architect EMEA

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR

Security Analytics for Smart Grid

THE 2014 THREAT DETECTION CHECKLIST. Six ways to tell a criminal from a customer.

SECURITY MEETS BIG DATA. Achieve Effectiveness And Efficiency. Copyright 2012 EMC Corporation. All rights reserved.

Getting Ahead of Advanced Threats

Intelligence-Driven Security

IBM QRadar Security Intelligence April 2013

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Advanced Threats: The New World Order

How To Manage Security On A Networked Computer System

RSA Security Anatomy of an Attack Lessons learned

Top 10 Anti-fraud Tips: The Cybersecurity Breach Aftermath

I D C A N A L Y S T C O N N E C T I O N

Developing Secure Software in the Age of Advanced Persistent Threats

SECURING IDENTITIES IN CONSUMER PORTALS

Jort Kollerie SonicWALL

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Prevent Malware attacks with F5 WebSafe and MobileSafe. Alfredo Vistola Security Solution Architect, EMEA

What s New in Security Analytics Be the Hunter.. Not the Hunted

Intelligence Driven Security

CYBER SECURITY INFORMATION SHARING & COLLABORATION

THE EVOLUTION OF SIEM

RSA Security Analytics

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Advanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA

RSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA

Operational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel

Cloud Security:Threats & Mitgations

BIG DATA. Shaun McLagan General Manager, RSA Australia and New Zealand CHANGING THE REALM OF POSSIBILITY IN SECURITY

10 Things Every Web Application Firewall Should Provide Share this ebook

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Westcon Presentation on Security Innovation, Opportunity, and Compromise

IBM Security IBM Corporation IBM Corporation

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

The Next Generation Security Operations Center

The Cloud App Visibility Blindspot

Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights)

FFIEC Supplemental Guidance to Authentication in an Internet Banking Environment. Robert Farmer Senior Technology Compliance Manager

The Trusted Front Door to the Cloud

BREAKING THE KILL CHAIN AN EARLY WARNING SYSTEM FOR ADVANCED THREAT

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access

Towards Threat Wisdom

Security Overview. BlackBerry Corporate Infrastructure

電 子 銀 行 風 險 - 認 證 與 核 實. Fraud Risk Management The Past and the Future 欺 詐 風 險 管 理 - 過 去 與 未 來

Security Issues in Cloud Computing

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

Introducing IBM s Advanced Threat Protection Platform

Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

IMPROVING RISK VISIBILITY AND SECURITY POSTURE WITH IDENTITY INTELLIGENCE

Risk Analytics for Cyber Security

September 20, 2013 Senior IT Examiner Gene Lilienthal

Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice

IT Security Risks & Trends

Ahead of the threat with Security Intelligence

應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊

Cloud and Critical Infrastructures how Cloud services are factored in from a risk perspective

Securing Remote Access in the Federal Government: Addressing the Needs for Telework and Continuity of Operations. RSA Solution Brief

Partner. Copyright 2011 EMC Corporation. All rights reserved.

Security Intelligence. Information Sharing Strategies Using Trusted Collaboration

The Cloud App Visibility Blind Spot

How To Create Situational Awareness

Security Operations. Key technologies for your Security Operations Center. Davide Veneziano - RSA Technology Consultant

Awareness, Risk Management and Response to Cybersecurity Threats and Vulnerabilities

After the Attack. The Transformation of EMC Security Operations

Joining Forces: Bringing Big Data to your Security Team

TOP INNOVATIONS FOR CYBERSECURITY

Trusted Geolocation in The Cloud Technical Demonstration

Global ediscovery Client Data Security. Managed technology for the global legal profession

The Emergence of Security Business Intelligence: Risk

Advanced Persistent Threats

QRadar SIEM and Zscaler Nanolog Streaming Service

Glasnost or Tyranny? You Can Have Secure and Open Networks!

Cybersecurity The role of Internal Audit

CIAB FINANCE & DISRUPTION

A Primer on Cyber Threat Intelligence

Marble & MobileIron Mobile App Risk Mitigation

Business white paper. Missioncritical. defense. Creating a coordinated response to application security attacks

Q1 Labs Corporate Overview

RSA Archer Risk Intelligence

Web Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks

Keyfort Cloud Services (KCS)

Authentication Strategy: Balancing Security and Convenience

Birst Security and Reliability

The Hillstone and Trend Micro Joint Solution

BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports

Discover & Investigate Advanced Threats. OVERVIEW

JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM

Transcription:

Security Trends The Case for Intelligence-Driven Security 1

Attack Surface and Threat Environment ¼ ZETTABYTE 2 40-60? ZETTABYTES ZETTABYTES 2007 2013 2020 Digital Content 2

Attack Surface and Threat Environment Web Front Ended apps There s an app for that Big Data Apps Everywhere! Apps 2007 2013 2020 3

Attack Surface and Threat Environment Dawn of Smart phones Smartphone/tablet ubiquity Internet of things (not just PCs, not just mobile) 2007 2013 2020 Devices 4

Attack Surface and Threat Environment MySpace Focus on monetizing Total Commercialization of social media: absence of privacy 2007 2013 2020 Social Media 5

Attack Surface and Threat Environment 2007 2013 2020 Perimeter NO direct control over physical infrastructure 6

Attack Surface and Threat Environment Disruptive Destructive Attacks attacks 2007 2013 2020 Complex Intrusion Attacks Threats 7

Historic Security Model Reactive Perimeter based Static/Signature based Siloed 8

New Model Intelligence Driven Risk-based Dynamic/agile Contextual 9

Impediments to Change Budget Inertia: Reactive model Prevention 34% 70% Detection & Monitoring 20% 33% Response 10% 33% 10

Impediments to Change Budget Inertia Skilled personnel shortage Information sharing at scale Technology Maturity 11

Shift In Focus. Shift In Spend Prevention 80% Monitoring 15% Response 5% $ Prevention 34% Response 33% Monitoring 33% Control Compliance IT Risk Business Risk 12

IS WHERE SECURITY MEETS BIG DATA Intelligence-Driven Security SOC GRC Identity Anti-Fraud 13

BIG DATA FUELS INTELLIGENCE-DRIVEN SECURITY

Intelligence-Driven Security Risk-Based, Contextual, & Agile Risk Intelligence Thorough Understanding Of Risk To Prioritize Activity Adaptive Controls adjusted dynamically based on risk and threat level Advanced Analytics provide context and visibility to detect threats Information Sharing Actionable Intel From Trusted Sources & COIs 15

Identity Ensuring Trusted Interaction Between People, Application, & Data 1 Assess Risk 2 Take Action 16

Next-Generation Identity Auth. Manager 8.0 Adaptive Authentication Cloud Trust Authority Big Data Analytics Action Device Profile User Behavior Profile Geo Location Risk Engine Investigate Change/Block Access Step Up Authentication Two-Factor Out Of Band Txt Challenge Q s Fraud Network Proceed As Normal RSA efraud Network 17

Security Analytics RSA Security Analytics Platform RSA Archer GRC Suite Big Data Analytics Governance Network Packets Alerting & Reporting Compliance & Business Context Log Files IT Assets Information Assets Big Data Store Investigations Malware Analytics Visualization Data Leakage Incident Management & Workflow Active Defense & Remediation RSA Live 18

Fraud Prevention and Web Security Separating Customers from Criminals Fraud Action Silver Tail Adaptive Authentication Transaction Monitoring In the Wild Begin Session Login Transaction Logout Web Threat Landscape Advanced Malware (e.g. Trojans) Phishing Rogue Mobile App Site Scraping Vulnerability Probing Layer 7 DDoS Attacks Man in the Middle/Browser Password Cracking/Guessing Parameter Injection New Account Registration Fraud Account Takeover New Account Registration Fraud Promotion Abuse Unauthorized Account Activity Fraudulent Money Movement 19

Next-Generation Anti-Fraud & Web Security Silver Tail, Fraud Action, Adaptive Authentication, Transaction Monitoring Big Data Analytics Response Web Traffic Big Data Store Alerting & Reporting Investigations Fraud Analytics Compliance & Business Policy Adaptive Authentication Transaction Monitoring Visualization Active Defense RSA efraud Network + Fraud Action 20

Risk Management & Governance Threat Management Business Continuity Management IT Comfit Management Compliance Management Governance Compliance & Business Context Incident Management & Workflow Active Defense & Remediation Single egrc Platform 21

Summary Transformation of Infrastructure, Business and Threat Makes Traditional Security Less Relevant New Strategies Must be Based on Risk, Context and be Responsive To Rapidly Changing Environments Big Data, Analytics Can Be Leveraged to Create Intelligence-Driven Security Models that Meet These Needs 22

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information