More Related Content
Similar to Cso oow12-summit-sonny-sing hv4 (20)
Cso oow12-summit-sonny-sing hv4
- 1. 1 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 2. The Threats are Outside
The Risks are Inside
Sonny Singh
Senior Vice President
Industries Business Unit
2 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 3. 3. Financial Loss
2. Regulatory Fines
1. Brand Decline
3 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 4. on Security
response
has been reactive,
shifted attention away
from apps and data
2007 2010
Forrester Evolution of IT Security 2011
4 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 5. • Endpoint Security
• Vulnerability Management
• Network Security
$400 – $500 • Email Security
average cost of security • Other Security breached
hacking from
breached
privilege
records web
against
records db
stolen
misuse
app server
Gartner IT Key Metrics 2010 servers
credentials
servers
Verizon Data Breach 2012
5 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 6. Verizon Data Breach 2012
hacking involved stolen credentials
APPLICATIONS
MIDDLEWARE
breached records from web/app servers
DATABASE
breached records from db servers
OPERATING SYSTEM
from privilege misuse
attacks against servers
SERVERS
breaches against off line data
STORAGE
breaches against file servers
6 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 7. LinkedIn RISKS
Sony were on the
Société Générale
7 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 8. MANAGE THE RISKS
SECURITY
INSIDE PREVENT THE THREATS
OUT
EMPOWER THE OPPORTUNITIES
8 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 9. SECURITY SECURITY SECURITY
AT EACH LAYER BETWEEN LAYERS BETWEEN SYSTEMS
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
SECURITY
9 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 10. Services & Consulting
Governance & Compliance
Identity Management SOLUTIONS
Database Security SOLUTIONS
Infrastructure Security
10 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 11. 11 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.
- 12. 12 Copyright © 2012, Oracle and/or its affiliates. All rights reserved.