
Intelligence-driven Security:

Advanced security for advanced threats. Kartik Shahani – Regional Director India/SAARC.


Presentation Transcript


  1. Intelligence-driven Security: Advanced security for advanced threats. Kartik Shahani – Regional Director India/SAARC

  2. Does it surprise you why there are more threats?
     • The amount of storage from MB to ZB
     • Speed from Kbps to Gbps data transfer
     • Few Desktops to multiple mobile devices
     • From intranet to Internet
     • Fixed location to Mobile
     • Program to Multiple Apps
     • From nuisance to Financial loss
     • From basic attacks to APT
     • From financial to Nation State
     • From individuals to Countries
     Slide labels: Infrastructure Transformation; Business Transformation; Threat Landscape Transformation.
     Captions: Rapid increase in space and speeds; Change in Business; The types of threats are changing.

  3. Market Disruptors
     • Disruptors: Extended Workforce; Networked Value Chains; Mobile; Sophisticated Fraud; Big Data; Cloud; APTs
     • Slide labels: Infrastructure Transformation; Business Transformation; Threat Landscape Transformation
     • Less control over access device and back-end infrastructure
     • Fundamentally different tactics, more formidable than ever
     • More hyper-extended, more digital

  4. Advanced Threats Are Different
     • Characteristics: Targeted; Specific Objective; Interactive; Stealthy; Human Involvement; Low and Slow
     • [Timeline figure. Labels: Attack Begins; System Intrusion; Cover-Up Discovery; Leap Frog Attacks; Cover-Up Complete; Attack Identified; Response; Dwell Time; Response Time; axis: Time]
     • Goal 1: Decrease Dwell Time
     • Goal 2: Speed Response Time

  5. A New Security World
     • It will become increasingly difficult to secure infrastructure
     • We must focus on people, the flow of data and on transactions

  6. Intelligence-Driven Security: Risk-based, contextual, and agile
     • Risk Intelligence: thorough understanding of risk to prioritize activity
     • Adaptive Controls: adjusted dynamically based on risk and threat level
     • Advanced Analytics: provide context and visibility to detect threats
     • Information Sharing: actionable intel from trusted sources and COIs

  7. Resource Shift: Budgets and People
     • Today's Priorities: Prevention 80%, Monitoring 15%, Response 5%
     • Intelligence-Driven Security: Prevention 33%, Monitoring 33%, Response 33%

  8. Planning Your Journey
     • Maturity level stages: Control; Compliance; IT Risk; Business Risk

  9. Planning Your Journey
     • Improve Identity Controls
       - Risk-based, step up options
       - Cloud-enabled
     • Automate Compliance
       - Key Regulations
     • Maturity level stages: Control; Compliance; IT Risk; Business Risk
     • Outcomes: Defend against known threats; Reduce risk of identity-based threats; Lower compliance costs

  10. Planning Your Journey
      • Control Sensitive Information
        - Discover & protect critical assets
      • Improve IT Governance
        - Visibility into IT Risk
        - Change management
        - Business continuity
      • Establish Sec Ops Baselines
        - Logs/Packets/Behaviors
      • Maturity level stages: Control; Compliance; IT Risk; Business Risk
      • Outcomes: Reduce risk surface; Spot advanced attacks; Align investment/risks; Ensure resilience

  11. Planning Your Journey
      • Implement Advanced SOC Capabilities
        - Detection / Incident Response
      • Achieve Full Visibility
        - Real-time internal/external awareness of risks/threats
      • Align Activity with Business Risk
        - Prioritize Assets / Processes / Identities
      • Maturity level stages: Control; Compliance; IT Risk; Business Risk
      • Outcomes: Proactive defense; Take advantage of new technology/opportunities; Maintain compliance

  12. Challenges facing Private & Public
      Though there is an immediate need to forge a Public – Private collaboration…
      • Public:
        - Primary function is to provide homeland security
        - Work on ensuring that the nation-state vectors/actors are adequately neutralized
        - There is protection of individual and national information. Access is provided securely to those who need it
        - Foreign / imported technology is diligently tested and deployed
        - Limited local technology / experience available for security products / services
      • Private:
        - Primary focus on increasing shareholder wealth
        - Ensure that they are in step with / ahead of the cyber criminals
        - Provide technology for present and future needs, depending on the changing environment
        - Build long-term relationships and brand value

  13. Potential way forward…
      • Build a G2G (Government to Government) relationship, e.g. Singapore
      • Leverage the talented youth of the country
      • Build skills indigenously
      • Encourage investment through subsidies and tax benefits
      • Look at already existing technology and wrap it for the local requirements
      • Leverage the premier Agencies / Institutions / Bodies to be the ambassadors for change
      • Understand each other's drivers and try to arrive at a sustainable model

  14. Summary
      • Change is taking place at an incredible pace. Those who are not agile shall be extinct
      • Technology is getting more complex. Contextual, intelligent and automated methodologies are the future
      • Collaboration is imperative to beat the cyber criminals
      • Create an environment for long-term sustenance

  15. Security Analytics
      [Architecture diagram. Labels:]
      • Inputs: Logs; Packets; Enrichment Data
      • Distributed Collection: Europe; North America; Asia
      • Real-Time; Long-Term; Warehouse; Metadata Tagging
      • The Analytics: Reporting and Alerting; Complex Event Processing; Investigation; Free Text Speech; Malware Analytics; Correlation; Administration
      • Incident Management; Asset Criticality; Compliance
      • Products: Security Analytics; Archer eGRC Suite
      • Live Intelligence: Threat Intelligence – Rules – Parsers – Alerts – Feeds – Apps – Directory Services – Reports and Custom Actions

  16. Adaptive & Risk-Based Authentication
      [Flow diagram. Labels:]
      • User Action
      • Risk Engine
      • Risk Engine inputs: Device Profile; User Behavior Profile; Fraud Network; Big Data Risk Repository
      • High Risk: Step Up Authentication (Two-Factor; Challenge Q; Out Of Band)
      • Proceed As Normal

  17. Adaptive & Risk-Based Authentication
      [Flow diagram. Labels:]
      • Login: Username & Password
      • User Actions: Read Email; Download Sales Pipeline; Access Bank Account; Transfer Funds
      • Environments: Private Cloud; Public Cloud
      • Risk Engine
      • Risk Engine inputs: Device Profile; User Behavior Profile; Fraud Network; Big Data Risk Repository
      • Additional Authentication: Two-Factor; Challenge Q; Out Of Band
      • Products: Authentication Manager & SecurID; Adaptive Authentication

  18. Identity Protection and Verification
      • Reduce fraud, cyber attacks, identity thefts, & account takeovers
      • Mitigate impact of trojan, phishing, pharming attacks
      • Protect against web application fraud and abuse
      • Gain intelligence into the latest external threats
      • Products: FraudAction; Adaptive Authentication; Silver Tail

  19. Governance, Risk and Compliance
      • Set Policy
      • Manage Policy
      • Measure & Report On Compliance
      • Product: Archer eGRC Suite
