DSS ITSEC CONFERENCE - Lumension Security - Real Time Risk & Compliance Management - Riga NOV 2011

Good Morning!

“Real time IT security risk and compliance
management”

Thomas Wendrich, Director Nordics & CIS, Lumension Security

PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION

SORRY, WE DON’T ACCEPT CREDIT CARDS!

2. ENDPOINT SECURITY

Traditional
Endpoint Security

Blacklisting
As The Core

Zero Day Volume of
Malware

3rd Party Malware
Application As a
Risk Service

A Perfect Storm At The Endpoint

Rising Increasing
Costs Threats

Ineffectiveness of
AntiVirus

5

QUESTION?

“How many Malware Signatures identified?

… yearly
… monthly
… daily

Cyber Crime Altering Threat Landscape

Virus and Bots PUP Trojan
500,000

400,000

300,000

200,000

100,000

2000 2001 2002 2003 2004 2005 2006 2007

Malware Growth (Main Variations)
77 November 28, 2011
Source: McAfee Labs


2,200,000

2,000,000

1,800,000

1,600,000

1,400,000

1,200,000

1,000,000

800,000

600,000

400,000

200,000

2000 2001 2002 20032008
2004 2005 2006 2007

8 November 28, 2011
Source: McAfee Labs


3,200,000
3,000,000
2,800,000
2,600,000
2,400,000
2,200,000
2,000,000
1,800,000
1,600,000
1,400,000
1,200,000
1,000,000
800,000
600,000
400,000
200,000

2008
2009
99 November 28, 2011
Source: McAfee Labs

Macintosh

Major Wave of Fake-AV

Question?

“How many Malware Signatures identified?

… yearly
… monthly
… daily +55.000

Zeus Tracker (https://zeustracker.abuse.ch/)

…but which cloud will it be?

…Agenda

16

… confidential bank account information

IT Networks today …globally & virtually distributed

Cloud-based
Computing

Remote Offices
Mobile Endpoints & Subsidiaries

Internet WAN

Corporate
HQ

Data
Center

4. COMPLIANCE

PCI DSS, PA DSS, 27001, CoBiT, Basel II, SOX, VbV, MC SecureCode
National Bank regulations … … …

Mounting External Compliance Regulations
PII Security
3 out 4 organizations must comply with two or Standards

more regulations and corresponding audits. Sarbanes-Oxley,
Section 404

PCI Data Security PCI Data Security
43% of organizations comply with 3 or more Standards (DSS) Standards (DSS)

regulations. Basel II Basel II

SB1386 SB1386 SB1386
(CA Privacy Act) (CA Privacy Act) (CA Privacy Act)

USA Patriot Act USA Patriot Act USA Patriot Act USA Patriot Act

Gramm Leach Gramm Leach Gramm Leach Gramm Leach Gramm Leach
Bliley (GLBA) Bliley (GLBA) Bliley (GLBA) Bliley (GLBA) Bliley (GLBA)

21CFR11 21CFR11 21CFR11 21CFR11 21CFR11 21CFR11

HIPAA HIPAA HIPAA HIPAA HIPAA HIPAA HIPAA

EU Directive EU Directive EU Directive EU Directive EU Directive EU Directive EU Directive EU Directive

*The Struggle to Manage Security Compliance for Multiple Regulations”..SecurityCompliance.com

Time

Today Organizations Spend 30-50%
More On Compliance Than They Should

Our IT Networks Were Never Designed With
Compliance In Mind

Lumension-at-a-Glance

» 18% 4-Year Revenue
» Founded 1991 CAGR
» 300 Employees Worldwide » Industry-Leading Patented
Technology
» Dedicated Operations » Over 5,000 worldwide
in 8 Countries customers
» Deloitte Tech Fast 500 » ~14M Nodes Managed

Diversified customer base in Public Sector, Financial Services, Professional Services and Healthcare

24

Lumension Leads the Way

Market Share Leader: Patch Management, Enterprise Risk Management, Device Control

First cross-platform First credentialed- First to introduce First Patent pending First
and application patch based vulnerability whitelisting / patented Risk Intelligence Intelligent
management solution scanner file “shadowing” Engine Whitelisting
technology

1991 2007 2009 2010

25

What do these Companies have in Common

How about these technologies …

•Ethernet
•Graphical user interface
•Mouse
•Laser printing
•Object-oriented programming
•WYSIWYG & file formatting
•Fiber Optics
•Encryption Systems
•Optical storage
•WORM
•Natural Language processing
•Solid –State Laser

Putting the Enterprise Back in Control
Malware
Signatures

Reduce Costs with
dynamically deployed
IWL in an operational
environment
Costs of dealing
w/ Incidents
Effectiveness
of current
technologies

2009
2004
30 million Malware
3 million Malware
signatures
28
signatures

The State of Endpoint Insecurity

“Over 90% of cyber attacks exploit known
security flaws for which a remediation is
available” Gartner
» Malware has increased by 500% and major
AV firms are falling behind on documenting
known signatures. 1
» 2M+ malware signatures identified monthly
» Nearly 90% of vulnerabilities could be
exploited remotely 2.
» 19 new vulnerabilities are released per day. 3
» Average cost of a data breach $6.75M. 4
» 70% of all serious data incidents sparked by
Sources:
an insider. 5
1 : AV-test.org
2 : Aberdeen Group Vulnerability Management Report, 2008
3 : National Vulnerability Database, April 9, 2010
4 : Ponemon Institute ,2010
5 : IDC Security Report, 2007

29

The State of Endpoint Complexity
“Point technologies tax IT resources with additional
administration, integration, and maintenance,
burden while limiting user productivity”

» 3-5 different software consoles are used
in the day to day management of endpoint
security & operational functions.*
» The average endpoint has 3-5 agents
installed.*
» 49% of endpoint TCO is associated with
security and operational management.**
» 52% of IT Operations professionals cite a
lack of integration across technologies as
the #1 security risk.*
*Ponemon Institute, State of The Endpoint, 2009
** Aberdeen Research, Endpoint Security, Endpoint Management, 2009

30

Lumension® Endpoint Management Platform

Single endpoint management
solution on a unified platform

Patch & Remediation

Power Management
Application Control
» Ease of management
» Feature extensibility via separately

n Module
Antivirus
licensed modules
» Integrated endpoint security
workflows

Reduced management overhead
» Integrated console Lumension® Endpoint
Management Platform
» Centralized visibility and control
» Single agent architecture

31 31

Unified Management Console
Unified Management Console

» Role-based workflows

» Consolidated data

» Intuitive web interface
2009 Integration
» Central control &
visibility
Endpoint Operations
» Operational & strategic
Endpoint Security
reporting
Compliance
» Improved productivity

32

Modular Agent - Pluggable Enterprise Service Bus

•Single common agent delivers
and manages many capabilities
via pluggable services
Patch and Remediation
Event Queue

Application Control •Provides single, integrated
Client Transport
communication mechanism
between the L.E.M.S.S. agent
COMM

Security
and the server

•Monitors and secures L.E.M.S.S.
modules on the endpoint

33

Lumension Endpoint Management and Security Suite: Dashboard

34

Lumension Endpoint Management Platform

Endpoint Lumension Lumension
Platform

IWL

IT GRC
Management Intelligent Risk
Security Whitelisting Manager
Suite

35

OBJECTIVE? COMPLIANCE? …where we are?
Today Most Businesses & Governments are Compliance-Centric
Business value expectations

Business transformation Risk
Centric

Control and efficiency Security
Centric

Operations
support Compliance
Centric
Forrester 2010
IT Security Capability
36

Challenges in Compliance and Risk Management

Business Interests

Databases
ISO 27001
Applications
Partners Internal Policy
Processes Auditor
PCI DSS
Workstations
Facilities VbV
Networks
MC SecureCode
Servers
...
Stakeholders

What is your Security Posture?
Organizations lack the visibility across Compliance & IT Risk exposure and are
unable to take proactive action

Key Questions to ask
Can you currently assess your
? Compliance & IT Risk posture?

What’s your security posture?
? How are your departments
?
Executive
? doing in complying with
policy?
Management

? What and where are your
deficiencies?

What is the impact to your
? business if you have a data
breach?

2009 Enterprise Management Associates Survey of IT Governance Risk & Control
38

Lumension® Risk Manager: Vision and Strategy
What is the Security Posture Index?

1.Security Posture Index is a score that tells a CISO, Director
of Infosec, Security Team how secure they are…over time.

2.Security Posture Index includes:
» An index or score, shown in LRM as the Security Posture Index (SPI)
» A set of metrics measuring risk against the criticality of your assets
» Trending information showing compliance to your internal policies
» Analytics and impact analysis
» Remediation projects

39

Security Posture Index

Comprehensive
» Gain true visibility into your security posture through the measurement
of technical, procedural, and physical controls
» LRM is built on a comprehensive framework that incorporates all
types of controls

40 40


Current
» Good visibility depends
on current data
» LRM provides
automatic
assessments for data
collection through
connectors
» We capture scoring
evidence from systems
we connect to daily,
quarterly, annually

41 41


Current
» We also collect data from things
that can’t be scanned!
• Assessment workflows
• Survey capabilities

42

LRM Continuous Monitoring
Strategic Tactical

Business Impact Compliance & IT Risk Compliance Audit Operational Assessment
Exposure & Reporting

Compliance & IT Risk
Management Console

Integrated strategic compliance and IT risk visibility with tactical assessment
information to maintain continuous monitoring of organizational compliance & policy

43

LAC: Application Scanner 2.0 – Assess Files

44

LPR: Composite Inventory Report

45

LRM: Security Dashboard and Metrics
Security Posture Index (SPI) Trending

46

Questions?


COFFEE!


Thank you!


DSS ITSEC CONFERENCE - Lumension Security - Real Time Risk & Compliance Management - Riga NOV 2011

Recommended

Recommended

More Related Content

Similar to DSS ITSEC CONFERENCE - Lumension Security - Real Time Risk & Compliance Management - Riga NOV 2011

Similar to DSS ITSEC CONFERENCE - Lumension Security - Real Time Risk & Compliance Management - Riga NOV 2011 (20)

More from Andris Soroka

More from Andris Soroka (20)

Recently uploaded

Recently uploaded (20)

DSS ITSEC CONFERENCE - Lumension Security - Real Time Risk & Compliance Management - Riga NOV 2011