DSS ITSEC CONFERENCE - Lumension Security - Real Time Risk & Compliance Management - Riga NOV 2011
Presentation from the ITSEC conference organized by "DSS" on 24th of November, Riga, Latvia.

Published in: Technology, News & Politics

Transcript

  • 1. Good Morning! “Real time IT security risk and compliance management” Thomas Wendrich, Director Nordics & CIS, Lumension Security. PROPRIETARY & CONFIDENTIAL - NOT FOR PUBLIC DISTRIBUTION
  • 2. SORRY, WE DON’T ACCEPT CREDIT CARDS!
  • 3. 1. NEW GENERATION
  • 4. 2. ENDPOINT SECURITY. Traditional Endpoint Security: Blacklisting As The Core; Zero Day; Volume of Malware; 3rd Party Application Risk; Malware As a Service
  • 5. A Perfect Storm At The Endpoint: Rising Costs; Increasing Threats; Ineffectiveness of AntiVirus
  • 6. QUESTION? “How many Malware Signatures identified? … yearly … monthly … daily
  • 7. Cyber Crime Altering Threat Landscape. [Chart: Malware Growth (Main Variations); series: Virus and Bots, PUP, Trojan; years 2000-2007; vertical axis to 500,000.] November 28, 2011. Source: McAfee Labs
  • 8. Cyber Crime Altering Threat Landscape. [Chart: Malware Growth (Main Variations); series: Virus and Bots, PUP, Trojan; years 2000-2008; vertical axis to 2,200,000.] Source: McAfee Labs
  • 9. Cyber Crime Altering Threat Landscape. [Chart: Malware Growth (Main Variations); series: Virus and Bots, PUP, Trojan; years shown: 2008, 2009; vertical axis to 3,200,000.] Source: McAfee Labs
  • 10. Macintosh
  • 11. Macintosh Major Wave of Fake-AV
  • 12. Question? “How many Malware Signatures identified? … yearly … monthly … daily +55.000
  • 13. Zeus Tracker (https://zeustracker.abuse.ch/)
  • 14. 3. DATA LOCATION
  • 15. …but which cloud will it be?
  • 16. …Agenda
  • 17. … confidential bank account information
  • 18. IT Networks today …globally & virtually distributed. [Diagram labels: Cloud-based Computing; Remote Offices & Subsidiaries; Mobile Endpoints; Internet; WAN; Corporate HQ; Data Center]
  • 19. 4. COMPLIANCE: PCI DSS, PA DSS, 27001, CoBiT, Basel II, SOX, VbV, MC SecureCode, National Bank regulations … … …
  • 20. Mounting External Compliance Regulations. 3 out of 4 organizations must comply with two or more regulations and corresponding audits. 43% of organizations comply with 3 or more regulations. [Chart: regulations accumulating over time: EU Directive; HIPAA; 21CFR11; Gramm Leach Bliley (GLBA); USA Patriot Act; SB1386 (CA Privacy Act); Basel II; PCI Data Security Standards (DSS); Sarbanes-Oxley, Section 404; PII Security Standards.] Source: “The Struggle to Manage Security Compliance for Multiple Regulations”, SecurityCompliance.com
  • 21. Today Organizations Spend 30-50% More On Compliance Than They Should. Our IT Networks Were Never Designed With Compliance In Mind
  • 22. 5. CRISIS !! SUMMARY !!
  • 23. Thank you!
  • 24. Lumension-at-a-Glance » Founded 1991 » 300 Employees Worldwide » Dedicated Operations in 8 Countries » Deloitte Tech Fast 500 » 18% 4-Year Revenue CAGR » Industry-Leading Patented Technology » Over 5,000 worldwide customers » ~14M Nodes Managed. Diversified customer base in Public Sector, Financial Services, Professional Services and Healthcare
  • 25. Lumension Leads the Way. Market Share Leader: Patch Management, Enterprise Risk Management, Device Control. First cross-platform and application patch management solution; First credentialed-based vulnerability scanner; First to introduce whitelisting / patented file “shadowing” technology; First Patent pending Risk Intelligence Engine; First Intelligent Whitelisting. Timeline: 1991, 2007, 2009, 2010
  • 26. What do these Companies have in Common
  • 27. How about these technologies … • Ethernet • Graphical user interface • Mouse • Laser printing • Object-oriented programming • WYSIWYG & file formatting • Fiber Optics • Encryption Systems • Optical storage • WORM • Natural Language processing • Solid-State Laser
  • 28. Putting the Enterprise Back in Control. Reduce Costs with dynamically deployed IWL in an operational environment. [Chart labels: Malware Signatures; Costs of dealing w/ Incidents; Effectiveness of current technologies; 2004: 3 million Malware signatures; 2009: 30 million Malware signatures]
  • 29. The State of Endpoint Insecurity. “Over 90% of cyber attacks exploit known security flaws for which a remediation is available” (Gartner) » Malware has increased by 500% and major AV firms are falling behind on documenting known signatures. [1] » 2M+ malware signatures identified monthly » Nearly 90% of vulnerabilities could be exploited remotely. [2] » 19 new vulnerabilities are released per day. [3] » Average cost of a data breach $6.75M. [4] » 70% of all serious data incidents sparked by an insider. [5] Sources: [1] AV-test.org; [2] Aberdeen Group Vulnerability Management Report, 2008; [3] National Vulnerability Database, April 9, 2010; [4] Ponemon Institute, 2010; [5] IDC Security Report, 2007
  • 30. The State of Endpoint Complexity. “Point technologies tax IT resources with additional administration, integration, and maintenance burden while limiting user productivity” » 3-5 different software consoles are used in the day to day management of endpoint security & operational functions.* » The average endpoint has 3-5 agents installed.* » 49% of endpoint TCO is associated with security and operational management.** » 52% of IT Operations professionals cite a lack of integration across technologies as the #1 security risk.* Sources: * Ponemon Institute, State of The Endpoint, 2009; ** Aberdeen Research, Endpoint Security, Endpoint Management, 2009
  • 31. Lumension® Endpoint Management Platform. Single endpoint management solution on a unified platform. Modules: Patch & Remediation; Power Management; Application Control; Antivirus; n Module » Ease of management » Feature extensibility via separately licensed modules » Integrated endpoint security workflows. Reduced management overhead » Integrated console » Centralized visibility and control » Single agent architecture
  • 32. Unified Management Console » Role-based workflows » Consolidated data » Intuitive web interface » Central control & visibility » Operational & strategic reporting » Improved productivity. [Diagram labels: 2009 Integration; Endpoint Operations; Endpoint Security; Compliance]
  • 33. Modular Agent - Pluggable Enterprise Service Bus • Single common agent delivers and manages many capabilities via pluggable services • Provides single, integrated communication mechanism between the L.E.M.S.S. agent and the server • Monitors and secures L.E.M.S.S. modules on the endpoint. [Diagram labels: Patch and Remediation; Event Queue; Application Control; Client Transport; COMM; Security]
  • 34. Lumension Endpoint Management and Security Suite: Dashboard
  • 35. Lumension Endpoint Management Platform. Platform: Endpoint Management Security Suite; IWL: Lumension Intelligent Whitelisting; IT GRC: Lumension Risk Manager
  • 36. OBJECTIVE? COMPLIANCE? …where we are? Today Most Businesses & Governments are Compliance-Centric. [Chart: Business value expectations (Business transformation; Control and efficiency; Operations support) against IT Security Capability (Risk Centric; Security Centric; Compliance Centric). Forrester 2010]
  • 37. Challenges in Compliance and Risk Management. [Diagram labels: Business Interests; Databases; ISO 27001; Applications; Partners; Internal Policy; Processes; Auditor; PCI DSS; Workstations; Facilities; VbV; Networks; MC SecureCode; Servers; ...; Stakeholders]
  • 38. What is your Security Posture? Organizations lack the visibility across Compliance & IT Risk exposure and are unable to take proactive action. Key Questions to ask: Can you currently assess your Compliance & IT Risk posture? What’s your security posture? How are your departments doing in complying with policy? What and where are your deficiencies? What is the impact to your business if you have a data breach? [Diagram label: Executive Management] Source: 2009 Enterprise Management Associates Survey of IT Governance Risk & Control
  • 39. Lumension® Risk Manager: Vision and Strategy. What is the Security Posture Index? 1. Security Posture Index is a score that tells a CISO, Director of Infosec, Security Team how secure they are… over time. 2. Security Posture Index includes: » An index or score, shown in LRM as the Security Posture Index (SPI) » A set of metrics measuring risk against the criticality of your assets » Trending information showing compliance to your internal policies » Analytics and impact analysis » Remediation projects
  • 40. Security Posture Index: Comprehensive » Gain true visibility into your security posture through the measurement of technical, procedural, and physical controls » LRM is built on a comprehensive framework that incorporates all types of controls
  • 41. Security Posture Index: Current » Good visibility depends on current data » LRM provides automatic assessments for data collection through connectors » We capture scoring evidence from systems we connect to daily, quarterly, annually
  • 42. Security Posture Index: Current » We also collect data from things that can’t be scanned! • Assessment workflows • Survey capabilities
  • 43. LRM Continuous Monitoring. [Diagram labels, in extracted order: Strategic; Tactical; Business Impact; Compliance & IT Risk; Compliance Audit; Operational; Assessment; Exposure; & Reporting; Compliance & IT Risk Management Console] Integrated strategic compliance and IT risk visibility with tactical assessment information to maintain continuous monitoring of organizational compliance & policy
  • 44. LAC: Application Scanner 2.0 – Assess Files
  • 45. LPR: Composite Inventory Report
  • 46. LRM: Security Dashboard and Metrics. Security Posture Index (SPI) Trending
  • 47. Questions?
  • 48. COFFEE!
  • 49. Thank you!