1 / 22

Security Trends

Security Trends. The Case for Intelligence-Driven Security. Attack Surface and Threat Environment. 40-60?. 2. ¼. ZETTABYTES. ZETTABYTES. ZETTABYTE. 2007. 2013. 2020. Digital Content. Attack Surface and Threat Environment. Big Data Apps Everywhere! . Web Front Ended apps.

sienna
Download Presentation

Security Trends

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Trends The Case for Intelligence-Driven Security

  2. Attack Surface and Threat Environment 40-60? 2 ¼ ZETTABYTES ZETTABYTES ZETTABYTE 2007 2013 2020 Digital Content

  3. Attack Surface and Threat Environment Big Data Apps Everywhere! Web Front Ended apps There’s an “app” for that 2007 2013 2020 Apps

  4. Attack Surface and Threat Environment Internetof things (not just PCs, not just mobile) Dawn of Smartphones Smartphone/tablet ubiquity 2007 2013 2020 Devices

  5. Attack Surface and Threat Environment MySpace Focus onmonetizing Total Commercialization of social media: absence of privacy 2007 2013 2020 Social Media

  6. Attack Surface and Threat Environment NO direct control over physical infrastructure 2007 2013 2020 Perimeter

  7. Attack Surface and Threat Environment Complex Intrusion Attacks DisruptiveAttacks Destructive attacks 2007 2013 2020 Threats

  8. Historic Security Model • Perimeter based • Static/Signature based • Siloed Reactive

  9. New Model • Risk-based • Dynamic/agile • Contextual Intelligence Driven

  10. Impediments to Change Budget Inertia: Reactive model 70% 34% 20% Prevention Response 33% 10% 33% Detection & Monitoring

  11. Impediments to Change BudgetInertia Skilled personnel shortage Information sharing at scale Technology Maturity

  12. Shift In Focus. Shift In Spend $ Monitoring 33% Prevention 34% Monitoring 15% Prevention 80% Response 5% Response 33% MATURITY BusinessRisk Control Compliance IT Risk

  13. IS WHERE SECURITY MEETS BIG DATA Intelligence-Driven Security SOC | GRC | Identity | Anti-Fraud

  14. BIG DATA FUELS INTELLIGENCE-DRIVEN SECURITY

  15. Intelligence-Driven Security Risk-Based, Contextual, & Agile Risk IntelligenceThorough Understanding Of Risk To Prioritize Activity Advanced Analyticsprovide context and visibility to detect threats Adaptive Controlsadjusted dynamically basedon risk and threat level Information SharingActionable Intel From Trusted Sources & COIs

  16. Identity Ensuring Trusted Interaction Between People, Application, & Data 1 Assess Risk 2 Take Action

  17. Next-Generation Identity Auth. Manager 8.0 | Adaptive Authentication | Cloud Trust Authority Big Data Analytics Step Up Authentication Action Two-Factor Investigate Out Of Band Txt Device Profile Data Collection Change/Block Access Risk Engine Challenge Q’s High Risk User Behavior Profile Geo Location Proceed As Normal Fraud Network RSA eFraud Network

  18. Security Analytics Big Data Analytics Governance RSA Security Analytics Platform | RSA Archer GRC Suite Compliance&BusinessContext Network Packets Alerting & Reporting Data Collection Log Files Investigations Incident Management& Workflow Big Data Store Malware Analytics IT Assets Visualization Active Defense & Remediation Data Leakage Information Assets RSA Live

  19. Fraud Prevention and Web Security Silver Tail Separating Customers from Criminals Web Threat Landscape Transaction Logout Login Begin Session In the Wild • Advanced Malware (e.g. Trojans) • Phishing • Rogue Mobile App • Site Scraping • Vulnerability Probing • Layer 7 DDoS Attacks • Man in the Middle/Browser • Password Cracking/Guessing • Parameter Injection • New Account Registration Fraud • Account Takeover • New Account Registration Fraud • Promotion Abuse • Unauthorized Account Activity • Fraudulent Money Movement Fraud Action Adaptive Authentication Transaction Monitoring

  20. Next-Generation Anti-Fraud & Web Security Silver Tail, Fraud Action, Adaptive Authentication, Transaction Monitoring Big Data Analytics Response Web Traffic Alerting & Reporting Compliance&BusinessPolicy Data Collection Big Data Store Investigations Fraud Analytics Adaptive Authentication Transaction Monitoring Active Defense Visualization RSA eFraud Network + Fraud Action

  21. Risk Management & Governance Governance BusinessContinuity Management IT ComfitManagement Compliance & BusinessContext ThreatManagement ComplianceManagement Incident Management& Workflow Active Defense & Remediation Single eGRC Platform

  22. Summary • Transformation of Infrastructure, Business and Threat Makes Traditional Security Less Relevant • New Strategies Must be Based on Risk, Context and be Responsive To Rapidly Changing Environments • Big Data, Analytics Can Be Leveraged to Create Intelligence-Driven Security Models that Meet These Needs

More Related