The X-Factor in Data-Centric Security. Webinar, Tuesday July 14 th 2015

Similar documents
The BYOD security Battleground

Continuous Third-Party Security Monitoring Powers Business Objectives And Vendor Accountability

Cybersecurity The role of Internal Audit

IBM Software Top tips for securing big data environments

08/10/2013. Data protection and compliance. Agenda. Data protection life cycle and goals. Introduction. Data protection overview

Metrics that Matter Security Risk Analytics

Best Practices For Public Cloud Security Part Three Of A Three-Part Series On Public Cloud Security

RightsWATCH. Data-centric Security.

ECM: Key Market Trends and the Impact of Business Intelligence

TRITON APX. Websense TRITON APX

Why Endpoint Backup Is More Critical Than Ever

State of Security Survey GLOBAL FINDINGS

A Forrester Consulting Thought Leadership Paper Commissioned By Brother. December 2014

Application Performance Management Is Critical To Business Success

Connect and Protect: The Importance Of Security And Identity Access Management For Connected Devices

Latest IT Trends For Secure Mobile Collaboration

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

Cyber Security Risks for Banking Institutions.

Breaking Down the Silos: A 21st Century Approach to Information Governance. May 2015

Certified Identity and Access Manager (CIAM) Overview & Curriculum

FIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES

Data- centric Security: A New Information Security Perimeter Date: March 2015 Author: Jon Oltsik, Senior Principal Analyst

Kuppinger Cole Virtual Conference The Three Elements of Access Governance

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

Formulate A Database Security Strategy To Ensure Investments Will Actually Prevent Data Breaches And Satisfy Regulatory Requirements

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT

Defending Against Data Beaches: Internal Controls for Cybersecurity

Accelerate BI Initiatives With Self-Service Data Discovery And Integration

Leverage Micro- Segmentation To Build A Zero Trust Network

The Comprehensive National Cybersecurity Initiative

Raytheon Oakley Systems

Privacy, Identity, And Security: A Spotlight On How Financial Services Firms Can Help Protect Customer Identity

Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.

Teradata and Protegrity High-Value Protection for High-Value Data

TRITON AP-ENDPOINT STOP ADVANCED THREATS AND SECURE SENSITIVE DATA FOR ROAMING USERS

WHITE PAPER. Attack the Attacker HOW A MANAGED SECURITY SERVICE IMPROVES EFFICIENCY AND SAVES COST

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

Digital Business Requires Application Performance Management

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Enterprise Data Protection

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

Access is power. Access management may be an untapped element in a hospital s cybersecurity plan. January kpmg.com

Enterprises Seek The Benefits Of Hybrid Cloud, And Work To Overcome The Challenges

Comprehensive real-time protection against Advanced Threats and data theft

ProtectWise: Shifting Network Security to the Cloud Date: March 2015 Author: Tony Palmer, Senior Lab Analyst and Aviv Kaufmann, Lab Analyst

IBM Software Four steps to a proactive big data security and privacy strategy

Payment Card Industry Data Security Standard

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Appendix. Key Areas of Concern. i. Inadequate coverage of cybersecurity risk assessment exercises

Cybersecurity and internal audit. August 15, 2014

Microsoft s cybersecurity commitment

The State of Data Security Intelligence. Sponsored by Informatica. Independently conducted by Ponemon Institute LLC Publication Date: April 2015

OPTIMUS SBR. Optimizing Results with Business Intelligence Governance CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE.

Into the cybersecurity breach

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Improving The Retail Experience Through Fast Data

The Expanding Role Of Mobility In The Workplace

Utility of the Future Virtual Event Series Monthly Virtual Studio Event Series for Utilities

Seven Things To Consider When Evaluating Privileged Account Security Solutions

A Strategic Approach to Customer Engagement Optimization. A Verint Systems White Paper

TODAY S AGENDA. Trends/Victimology. Incident Response. Remediation. Disclosures

Managed Mobility Cloud Services Gain Momentum With European Midmarket Organizations

Preemptive security solutions for healthcare

Data Privacy: The High Cost of Unprotected Sensitive Data 6 Step Data Privacy Protection Plan

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Addressing the Full Attack Continuum: Before, During, and After an Attack. It s Time for a New Security Model

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

How Predictive Marketing Analytics Boosts B2B Business Performance

Cyber Security :: Insights & Recommendations for Secure Operations. N-Dimension Solutions, Inc.

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Strategically Detecting And Mitigating Employee Fraud

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

File Sync And Share Grows In The Enterprise: Capture The Benefits And Manage The Risks

Strengthen security with intelligent identity and access management

Internal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015

Stay ahead of insiderthreats with predictive,intelligent security

ENTERPRISE COMPUTING ENVIRONMENT. Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE

Transcription:

The X-Factor in Data-Centric Security Webinar, Tuesday July 14 th 2015

*The Insider Threat SpotlIght Report Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 2

Agenda Introductions & House Rules A Data-Centric Approach Is Required For Security Today Are You Controlling Information Disclosure? RightsWATCH Live Demo Questions & Answers Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 3

Introductions Heidi Shey Heidi serves Security & Risk Professionals in solutions for data security and privacy and for security architecture and operations. Her research focus is on data discovery and classification, secure file sharing and collaboration, cybersecurity and privacy topics such as policy and regulatory concerns, biometrics, and consumer security. Rui Melo Biscaia Rui serves as the Director of Product Management for Watchful Software, and is responsible for the company's product direction and go-to-market Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 4

Some House Rules You are muted centrally. You don t need to mute/unmute yourself This webinar is being recorded. The recording will be available tomorrow at www.watchfulsoftware.com The Q&A session will be at the end You are welcomed to enter questions anytime, using the Chat feature in the GoToWebinar Control Panel Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 5

Agenda Introductions & House Rules A Data-Centric Approach Is Required For Security Today Are You Controlling Information Disclosure? RightsWATCH Live Demo Questions & Answers Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 6

A Data-Centric Approach Is Required For Security Today Heidi Shey, Senior Analyst

Yesterday s approach to data security 2015 Forrester Research, Inc. Reproduction Prohibited 8

is insufficient for today s reality 2015 Forrester Research, Inc. Reproduction Prohibited 9

is insufficient for today s reality Your employees get work done in different ways Source: Forrester s Business Technographics Global Telecom And Mobility Workforce Survey, 2014 2015 Forrester Research, Inc. Reproduction Prohibited 10

is insufficient for today s reality Your employees get work done in different ways 52% of information workers use multiple devices for work Source: Forrester s Business Technographics Global Telecom And Mobility Workforce Survey, 2014 2015 Forrester Research, Inc. Reproduction Prohibited 11

is insufficient for today s reality Your data is everywhere 2015 Forrester Research, Inc. Reproduction Prohibited 12

is insufficient for today s reality The threat landscape has changed Nation state sponsored Hactivist Cybercriminal Insiders 2015 Forrester Research, Inc. Reproduction Prohibited 13

is insufficient for today s reality 2015 Forrester Research, Inc. Reproduction Prohibited 14

is insufficient for today s reality Your employees have varying attitudes about data 51% are actually aware of or understand their company s data use/handling policies 56% say they follow security policies Source: Forrester's Business Technographics Global Devices And Security Workforce Survey, 2014 2015 Forrester Research, Inc. Reproduction Prohibited 15

Defense in depth is a good concept Defense 2015 Forrester Research, Inc. Reproduction Prohibited 16

but often turns into expense in depth 2015 Forrester Research, Inc. Reproduction Prohibited 17

Causes of expense in depth Lack of an overarching strategy 2015 Forrester Research, Inc. Reproduction Prohibited 18

Causes of expense in depth Lack of an overarching strategy Insufficient due diligence; feature/capability overlap and redundancy 2015 Forrester Research, Inc. Reproduction Prohibited 19

Causes of expense in depth Lack of an overarching strategy Insufficient due diligence; feature/capability overlap and redundancy Difficulty integrating different solutions; too many silos 2015 Forrester Research, Inc. Reproduction Prohibited 20

It s time for a data-centric strategy Put your controls closer to the data 2015 Forrester Research, Inc. Reproduction Prohibited 21

Forrester s data security and control framework Data discovery Define Data classification 2015 Forrester Research, Inc. Reproduction Prohibited 22

Forrester s data security and control framework Data discovery Define Data classification 2015 Forrester Research, Inc. Reproduction Prohibited 23

Forrester s data security and control framework Data discovery Define Data classification Data intelligence Dissect Data analytics 2015 Forrester Research, Inc. Reproduction Prohibited 24

Forrester s data security and control framework Data discovery Define Data classification Data intelligence Dissect Data analytics Defend Access Inspect Dispose Kill 2015 Forrester Research, Inc. Reproduction Prohibited 25

Key technologies and their outlook Why these 20 technologies? Restrict and strictly enforce access control to data. Monitor and identify abnormal patterns of network or user behavior. Block exfiltration of sensitive data. Render successful theft of data harmless. Source: Forrester s April 2014 TechRadar : Data Security, Q2 2014 2014 Forrester Research, Inc. Reproduction Prohibited 26

Key technologies and their outlook Capabilities evolve, converge Discovery and classification Sharing and collaboration Data loss prevention Rights management Key management Source: Forrester s April 2014 TechRadar : Data Security, Q2 2014 2014 Forrester Research, Inc. Reproduction Prohibited 27

Benefits of a data centric strategy Know your data 2014 Forrester Research, Inc. Reproduction Prohibited 28

Benefits of a data centric strategy Know your data Align security with business initiatives 2014 Forrester Research, Inc. Reproduction Prohibited 29

Benefits of a data centric strategy Know your data Align security with business initiatives Prioritize data controls and investment 2014 Forrester Research, Inc. Reproduction Prohibited 30

Benefits of a data centric strategy Know your data Align security with business initiatives Prioritize data controls and investment Build a foundation for data security and privacy culture 2014 Forrester Research, Inc. Reproduction Prohibited 31

Benefits of a data centric strategy Know your data Align security with business initiatives Transform data security and privacy into a business differentiator Prioritize data controls and investment Build a foundation for data security and privacy culture 2014 Forrester Research, Inc. Reproduction Prohibited 32

Poll What do you anticipate as your biggest challenge for a data-centric approach to security? 1. Data classification 2. Budget; justification for investment 3. Staffing constraints 4. Prioritizing our investments 5. Addressing compliance requirements Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 33

Agenda Introductions & House Rules A Data-Centric Approach Is Required For Security Today Are You Controlling Information Disclosure? RightsWATCH Live Demo Questions & Answers Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 34

Are you controlling information disclosure? Rui Melo Biscaia, Director of Product Management

Are you controlling information disclosure? The sheer amount of data to protect is overwhelming Cloud, BYO and 3 rd parties ultimately mean Data has Left the Building Data exists to be consumed, thus security MUST become Data-Centric Rendering your data useless is the strongest answer to the not IF but WHEN issue Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 36

Forrester s data security and control framework Data discovery Data classification Need to locate, index, and catalogue data for better control RightsWATCH: Discovers data files in repositories and tags it according to the data toxicity Always analyses content, context and file attributes to discover and classify every single data file, wherever the file resides Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 37

Forrester s data security and control framework (II) Data intelligence Data analytics Need to provide business and other contextual insights about data, while identifying changing threats to data and guides decision-making RightsWATCH: Provides intelligent time access and content expiration controls over data Delivers a comprehensive audit trail on who is doing, what, when and how with data that is valuable to the business and to security Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 38

Forrester s data security and control framework (III) Access Inspect Dispose Kill Need to ensure the right user gets access to the right data at the right time; understand patterns to identify risks; mitigate risk by discarding data; and ensure data can t be used or sold RightsWATCH: Applies the principle of least privilege, by enforcing RBAC over data Logs a comprehensive audit trail to mitigate the malicious internal user Delivers a proper classification tags for data disposal purposes Tuesday July 14th 2015 Leverages encryption to devalue WEBINAR: and/or The X-Factor remote in Data" Kill data 39

RightsWATCH is Data-centric Security Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 40

Agenda Introductions & House Rules A Data-Centric Approach Is Required For Security Today Are You Controlling Information Disclosure? RightsWATCH Live Demo Questions & Answers Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 41

RightsWATCH Live Demo Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 42

Agenda Introductions & House Rules A Data-Centric Approach Is Required For Security Today Are You Controlling Information Disclosure? RightsWATCH Live Demo Questions & Answers Tuesday July 14th 2015 WEBINAR: The X-Factor in Data" 43

The X-Factor in Data-Centric Security Questions & Answers Webinar, Tuesday July 14 th 2015

Thank You! Heidi Shey +1 617.613.6076 hshey@forrester.com Rui Melo Biscaia +351 21 714 5430 rui.biscaia@watchfulsoftware.com

The X-Factor in Data-Centric Security Webinar, Tuesday July 14 th 2015

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information