Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
1
Sigal ...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
IT is di...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
System o...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
System o...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
5
CIO ha...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Goals of...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
IT Deliv...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
IT Deliv...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
IT Deliv...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
IT Talen...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
11
Obsta...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Good com...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
CIOs Ext...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
14
Unifi...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
15
How M...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Insights...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Web Brow...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
WebRTC -...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Future
U...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
20
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Unified ...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
API obst...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
API mana...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
APIs are...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Organiza...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
26
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
27
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
API Mana...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
API Mana...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Multiple...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
End-to-E...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
API-cent...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Business...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
STKI Sum...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Are you ...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Credenti...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Identity...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Control ...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Why shou...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Technolo...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Securing...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Inside y...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
IDM is n...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
44
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
45
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Why we n...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Active D...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Insights...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
STKI Sum...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Networki...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
General ...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Current ...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
53
SDN- ...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Packet-F...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
SDN coul...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
SDN coul...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Future S...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Business...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Networki...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Insights...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
• SPAN P...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
New Need...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
STKI Sum...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Security...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Security...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
STKI Sur...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
67
Bewar...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
68
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Cyber In...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
2014
70S...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Internet...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Challeng...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Cyber ev...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Cyber ev...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
How to d...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Insights...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
ISO 2703...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Security...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
79
Sourc...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
80
Secur...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Cloud-ba...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Cyber fo...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
STKI Sum...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
3D print...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
85
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
3D print...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
3D print...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
88
Sourc...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
3D Print...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Coca-Col...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
91
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
92
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
POTENTIA...
Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
Thank Yo...
Upcoming SlideShare
Loading in...5
×

Sigal summit 2014 final

249

Published on

Sigal summit 2014 final
SDN,CYBER,IDM,3D PRINTNING, UC

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
249
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Transcript of "Sigal summit 2014 final"

  1. 1. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 1 Sigal Russin STKI “IT Knowledge Integrators” sigalr@stki.info New Obstacle run for “delivery” managers Security & Networking
  2. 2. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph IT is divided into two distinct “worlds” 2
  3. 3. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph System of records 3 Reduce Operating Expenses Long development and deployment cycles
  4. 4. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph System of engagement 4 Invest in new systems Touch people In-moment decisions Personalized & in-context Social and analytics driven short & rapid releases
  5. 5. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 5 CIO has 2 faces
  6. 6. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Goals of the “engagement systems” Deliver “best of class” customer experience Focus on personalization “push” mode Design for people to people interaction models Drive relevancy with context not content Deliver value for customers (time is the constraint for customers) Move mobile strategies from campaign to e-commerce Address big and small data (from BI through streaming analytics) 6
  7. 7. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph IT Delivery as a Factory! 7 XaaS IT Delivery Services (SW + HW)
  8. 8. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph IT Delivery as a Factory! 8 Elastic On-Demand Usage Metered Self-Service Access Line of Businesses IT Delivery Services (SW + HW)
  9. 9. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph IT Delivery Challenges 9 “Records” and “Engagement” share the same IT Delivery problem domains But might address these challenges differently
  10. 10. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph IT Talent 10
  11. 11. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 11 Obstacles in the “System of records” delivery domain Printing infrastructure Versatile Communications (Collaboration) Obstacle #8 API Security Cyber Security Identity and access management
  12. 12. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Good communication is fundamental Todays Communication network: Data and voice in separate network A lot of vendors Separate maintenance for each network More employees for each network High costs The solution: Unified Communication. Combining telephony and business data on the same network. It gives the ability to combine and use voice, data , video information in common business applications, saving and forwarding whole instant message streams, faxes, e-mails, voice phone calls or videoconferencing sessions as blocks of data. 12
  13. 13. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph CIOs Extend Unified Communications to Mobile Devices Source: survey by IDG Enterprise, CIO's parent company Why invest in UC? 61% - to boost employee productivity 42% - to increase flexibility for employees The biggest obstacles to UC investments: 54% - the high cost 47% - systems integration headaches 33%- lack of in-house expertise 31% - security and privacy UC deployments often cost at least $250,000, and can top $1 million at large companies 13
  14. 14. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 14 Unified Communications Areas Source: Gartner
  15. 15. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 15 How Many Horses In This Race? Traditional PBX vendors • Cisco • Avaya • Siemens • Alcatel-Lucent OpenTouch • Etc. Desktop vendors • IBM SameTime • Microsoft LYNC Social networking with Consumerization • Google • Skype Microsoft • LinkedIn • Facebook
  16. 16. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Insights from Customer Roundtables Maintaining the current UC infrastructure is complicated because many vendors are involved Different organizational cultures can lead to failure or success in UC projects LYNC market share is very strong in Israel because most of the organizations Microsoft based. But what about IPTEL with LYNC? Cross organization projects that can optimize work and change organizational culture 16
  17. 17. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Web Browser with Real Time Communication  No need to install client/plug In.  Supported in the browser/Mobile.  Better user experience –Click to call.  Contact Center- Meta Data of the customers. 17
  18. 18. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph WebRTC - Web Real Time Collaboration Google –disruptive competitor. The Google Apps Suite, which offers functionality analogous (if not directly comparable) to Office, Exchange, Sharepoint, Yammer and Lync. Cisco Communications Manager (CUCM)- seeing an online contact in your browser and being able to call their mobile directly from there, but having your CUCM make and control the call. Also, if you take or make a call through the CUCM, your online status or presence changes to reflect this. Source: http://www.irishtimes.com/blogs/eircom-business-centre/2013/03/25/top-three-trends-from -unified-communications-expo-2013/ 18
  19. 19. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Future Unified Communication 19 Source:http://blog.dimensiondata.com/2013/04/the-future-of-unified-communications-and- collaboration/
  20. 20. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 20
  21. 21. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Unified Communication as a Service 21 Source:http://www.orange-business.com/en/blogs/enterprising- business/unified-communications/hybrid-cloud-drives-ucaas-adoption
  22. 22. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph API obstacles •Market transition to the POST-PC enterprise It is an app world. The web just lives in it (Flurry Report) •How customers experience your product or service? •How your customers and partners access or integrate your data and resources into their public or private sites and applications? The solution : secure API. 22
  23. 23. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph API management & Security 23
  24. 24. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph APIs are the lifeblood of mobility API definition - an Application programming interface is a way for 2 computer applications to talk to each other over a network (internet) using common language that both understand 24
  25. 25. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Organizations must to open up 25 Source:http://www.slideshare.net/rnewton/api-security-and-management-best-practices
  26. 26. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 26
  27. 27. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 27
  28. 28. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph API Management & Security with CA Layer 7  Secure externalized data and business services  Protect against DOS and API attacks  Wrap app with security policy & jailbreak detection  Cache, throttle and meter  Learn about APIs available for use  Grant certificates for access  Test environment  API usage metrics & reporting  Accelerate API projects through cloud delivery  Deliver API gateway and developer portal capabilities from the cloud  Reach cloud, mobile and smart technology markets faster  Leverage existing application infrastructures  Convert legacy apps to REST API  Create API composite applications Protocol Adaptation Security & Govern Developer Portal SaaS (Apify) 28
  29. 29. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph API Management & Security with IBM DataPower 29
  30. 30. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Multiple access control methods are necessary. use HTTPS and more strong authenticatio n mechanisms OAuth, mutual (two- way) TLS (transport layer security) authentication SAML (security assertion markup language) tokens DoS Attacks Against APIs 30 November 2010 Source: https://blog.apigee.com/detail/a_growing_threat_dos_attacks_against_apis If you increase use of APIs, make sure you are paying attention to DoS attacks.
  31. 31. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph End-to-End Security for the Digital Value Chain 31 Roll-Based Access control DoS Attacks AAA via OAuth, SAML, and LDAP Policy management for authorization
  32. 32. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph API-centric architecture meet security requirements 32 Developer • Ability to create and deploy apps and configure security (not code) via the API and self-service management portal API architect • Ability to securely expose the back- end services with necessary authentication, authorization, and threat protection Security architect • Protect high value assets (sensitive data) that are being exposed via APIs, while meeting enterprise security standards for authentication, authorization, and auditing (AAA) Application/business owner • Ability to manage availability, risk, and compliance when delivering an API service to end users accessing from any device at anytime Source: http://pages.apigee.com/rs/apigee/images/apigee-securing-the-digital-enterprise-ebook-02-2014.pdf
  33. 33. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Business changes driven by APIs Source:http://www.slideshare.net/balaiyer/why-do-we-need-ap-is 33
  34. 34. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph STKI Summit 2014 Frame tale: IDM project manager 34
  35. 35. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Are you really you ? 35  How can you know that “Avi” –CFO in your business is not someone else? Another employee?  How do you recognize your employee and your customers?  How do you know that “Avi” had the correct permissions to access enterprise resources?  If “Avi” moves to another role, what are his new permissions/access ?
  36. 36. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Credential Theft 36
  37. 37. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Identity Theft 2 Million Stolen Passwords Recovered 326,129 Facebook passwords (59%) 70,532 passwords for Google (13%) 59,549 for Yahoo (11%) 21,708 for Twitter (4%) 8,490 LinkedIn (2%) 37 You have to protect your sensitive business data from outsiders (especially your employees) - take control over the identities & their accesses!
  38. 38. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Control your sensitive business data 38
  39. 39. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Why should we manage our identity? Employees having difficulty remembering all of their accounts and credentials. Cloud integration within a local network, collaboration with multiple cloud suppliers. Strict legislation and regulations Make information widely available to members of a business Source: http://secureidnews.com/news-item/identity-and-access-management-what-is-in-store-for-2014/#sthash.GVUOvxeu.dpuf 39
  40. 40. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Technologies to control your ID Source: http://secureidnews.com/news-item/identity-and-access-management-what-is-in-store-for-2014/#sthash.GVUOvxeu.dpuf 40
  41. 41. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Securing the Digital Enterprise 41 Source:http://pages.apigee.com/rs/apigee/images/apigee-securing-the-digital-enterprise- ebook-02-2014.pdf
  42. 42. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Inside your business 42 Source:http://cloudtweaks.com/2013/05/identity-access-management-perspective-saas-application/
  43. 43. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph IDM is not an easy project 43
  44. 44. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 44
  45. 45. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 45
  46. 46. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Why we need IAM? 46 Finance department Moving Marketing department Billing System ERP finance Employee attendance system Enterprise Portal ERP marketing CRM Graphic Design System Social networks We need HR help! Translate the business world into project specification process It is not about technology! Support from organization's high management is also need. Matching expectations of project initiators, users and desicsion makers Hierarchical organizational structure
  47. 47. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Active Directory Protection | Identity Theft Detection 47
  48. 48. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Insights from Customer Roundtables Cross organization project, need management support and awareness. Most customers are in the middle or beginning of implementing an IDM project Regular maintenance and human resources . Most of these projects are failed or stopped (budget, support, maintenance etc.) 48
  49. 49. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph STKI Summit 2014 Frame tale: The Network manager 49
  50. 50. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Networking 50 Multiple virtualized machines exchange multiple traffic flows. Switching routes and juggling bandwidth can be a headache. Network hardware costs, network management costs – human resource Secure all networking components Can not control business applications- they run separately.
  51. 51. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph General Shift in Networking 51
  52. 52. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Current Network Control Plane Data Plane 52
  53. 53. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 53 SDN- Software Defined Network Control Plane Data PlaneData Plane Data Plane
  54. 54. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Packet-Forwarding Hardware Openflow Firmware Packet-Forwarding Hardware Openflow Firmware Packet-Forwarding Hardware Openflow Firmware Packet-Forwarding Hardware Openflow Firmware Network Operating System –SDN Controller Open Interface to Hardware Open API The “Software-Defined Network” Microsoft ERP SAP CRM “If header = x, send to port 4” 54
  55. 55. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph SDN could improve your IT and business environment 55 1 2 3 Accelerating the Traffic visibility into network loads ,and jams, to make intelligent rerouting and dynamic changes to bandwidth much easier. TCO + ROI reduced expenditure on network hardware, plus reduced network management costs Controlling the organization Traffic
  56. 56. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph SDN could improve your IT and business environment 56 4 5 6 App-Friendly Ecosystem SaaS apps can be readily accessible, promotes rapid deployment of new apps, and efficiently manages bandwidth requirements. Securing the Network virtual machines and applications, regardless of location, while providing a central security brain to diagnose and treat threats. Embracing Analytics Deep intelligence from an increasingly distributed computing environment, automate network management. Increasing processing speeds and providing the flexibility and scalability to handle big and unstructured data.
  57. 57. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Future SDN 57
  58. 58. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Business Applications with SDN 58Source: http://demo.ipspace.net/get/OpenFlow%20Functions.pdf; https://indico.cern.ch/event/294923/contribution/0/material/slides/0.pdf SDN can improve your business applications performance I want my SAP traffic to have priority. But no more than 20%. Rules- Every 24 hours: transfer 10 TB of data to the backup service ,avoid impact on any other services. A new prototype application :create a new isolated network , must not interfere with normal network activity. Every IP flow has a matching security policy as a flow entry.
  59. 59. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Networking technology findings for 2014 59
  60. 60. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Insights from Customer Roundtables FCOE not mature enough and can lead to problems between the various teams : networking ,storage ,DB. Most organizations don’t believe in SDN, because knowledgeable and expert teams are not available yet In wireless network don’t forget the security and management (maybe service provider). Most customers do not plan to migrate to IPV6 . They think the ISP should lead it. 60
  61. 61. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph • SPAN Ports • Taps • Inline Bypass • SPAN Ports • Taps • Inline Bypass Tools Need End-to-End Network Access Production Network WAN Carrier Networks Wired and Mobile Data Center Private Cloud Virtualization Core Remote Office Branch Office Campus Network Management Application Performance Security Intelligence Customer Experience • SPAN Ports • Taps • Inline Bypass • SPAN Ports • Taps • Inline Bypass This isn’t happening! Why? Network Operations Performance Management Security Admin Server Admin Audit & Privacy Forensics Tools Organization 61
  62. 62. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph New Needs to Solve the Tools Problem Production Network WAN Carrier Networks Wired and Mobile Data Center Private Cloud Virtualization Core Remote Office Branch Office Campus Tools End-to-End Visibility Tool access to any point in the network Scalability Scales to fit the needs of any network Manageability Flexible macro-level management Control View exactly the information you need Reduce Costs Reduce tool costs & administrative burdens Visibility Needs Network Operations Performance Management Security Admin Server Admin Audit & Privacy Forensics Organization Network Management Application Performance Security Intelligence Customer Experience 62
  63. 63. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph STKI Summit 2014 Frame tale: The securitycyber manager 63
  64. 64. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Security Cyber •How much time (in seconds… ) can organization operate properly without good defense?  Do you have information that needs to be kept confidential (secret)?  Do you have information that needs to be accurate/ Integrity?  Do you have information that must be available when you need it? Solution: Cyber Security Plan.
  65. 65. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Security Dominates the IT Conversation 65 Source:http://www.fedtechmagazine.com/article/2013/10/how-will-federal-agencies- invest-2014-survey
  66. 66. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph STKI Survey CIO 2014 – Again Security Domains 66 8076 7168 62 5353535350 44 3229 21 12111 ‫הפרויקטים‬ ‫תחומי‬,‫ב‬ ‫בארגונך‬ ‫החלו‬ ‫אשר‬-2013/‫ל‬ ‫מתוכננים‬-2014 *‫מרובה‬ ‫בחירה‬
  67. 67. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 67 Beware of Unknown Security Threats Source: http://www.ebusinessplanet.com/category/online-business/
  68. 68. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 68
  69. 69. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Cyber Intelligence 69
  70. 70. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 2014 70Source: CYREN
  71. 71. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Internet of everything71
  72. 72. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Challenges in Cyber Security Expanding threat landscape The increased complexity, number and sophistication of incoming threats have led to a fragmented infrastructure approach for security provision, which is inefficient, risky and a nightmare to manage. End-point consumerisation: IOT and M2M explosion An increase in the number and variety of devices connected to the Internet increases the opportunity of security breaches by orders of importance. Most security infrastructures are completely unprepared for the escalation in event numbers and types. Skills lack The lack of availability of cyber security skills is very influence. Despite the professional associations that provide security accreditation, there is still a major lack of resource with the right skills and experience to cope with cyber security market demand. Salaries of experienced security analysts are increasing substantially, and staff retention is proving elusive. 72 Source: http://www.icontact-archive.com/oVcotBdZudhBcQahFd9aCVMmrT_AgJpG?w=4
  73. 73. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Cyber events 2013 ‫ריגול‬–Espionage Steal information government agencies, embassies, Oil and gas companies, research institutes, provide military and social activists. Hit and Run Attacks Small groups perform minor assaults and targeted information and locate surgical precision. The attack usually lasts a few days/weeks, and they have achieved what they were looking for, Cleaning And leaving Distributed Denial of Service- DDoS Activism and theft in the virtual world Ransomware"‫כופר‬ ‫תוכנות‬" Malware and viruses used in the internet crime factors blackmail companies and private users in the form of ransom. Watering Hole Attacks in which attackers infect a website, their intended victims Are expected to visit it, while exposing victims of malware as soon as they enter the site Rise in malicious software quality in mobile The victim did not know he would attack and could not remove the offensive machine. 73
  74. 74. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Cyber events 2013 74 The human factor is (still) the weakest link in the security chain Social Engineering Big brother is watching - Lavabit , Silent Circle, NSA Surveillance and invasion of privacy information Vulnerabilities & Zero Days Don’t forget Patch Management, win XP will Not support by Microsoft Bitcoins Already crossed the border 1000$. So loved among the attackers
  75. 75. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph How to deal with Cyber? 75 IT is not only changing information security tools but also an internal vision of security inside your business.
  76. 76. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Insights Customer Roundtable Every organization approaches Cyber ​​differently. Some customers use existing information security tools. There are customers who are trying to test new tools related to cyber such as forensic and APT tools. Most organizations are working to increase awareness among employees in different ways and the importance of the organization's information security policy. Mobile also brings the expansion of EP in endpoint security. 76
  77. 77. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph ISO 27032 77 Information technology — Security techniques — Guidelines for cybersecurity Published in 2012. Defined as the “preservation of confidentiality, integrity and availability of information in the Cyberspace”. Main sections: • Overview • Assets in the Cyberspace • Threats against the security of the Cyberspace • Roles of stakeholders in Cybersecurity • Guidelines for stakeholders • Cybersecurity controls • Framework of information sharing and coordination • Annex A. Cybersecurity readiness • Annex B. Additional resources • Annex C. Examples of related documents 77
  78. 78. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Security on virtual machines There is no single unified threat management tool for the virtual world 1) Intrusion detection and firewall features 2) Compliance and auditing 3) Reporting- where and how an organization is vulnerable. Check how easy is to generate actionable reports and whether the product can automatically flag particular violations. 1) Access controls- tie access control roles to particular Active Directory users. 2) Anti-virus/anti-malware protection You should do some basic testing of any of these products and understand how they fit into your existing security frameworks and operations. 78 Don’t forget to cover security layer on virtual machines
  79. 79. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 79 Source: http://www.arbornetworks.com/corporate/blog/5151-ddos-attacks-the-necessity-of-multi-layered-defense
  80. 80. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 80 Security To SaaS Business applications
  81. 81. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Cloud-based security as a service 81 The goal is to provide real-time analysis and a clear audit trail and reporting related to SaaS-based application usage by the enterprise. The monitoring can allows options for automating or manually terminating sessions or blocking content download.
  82. 82. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Cyber forecast 2014 82 “Cloud computing” providers Gaps / weaknesses / vulnerabilities. Focus on current and ongoing process of assessment and risk management in the cyber world. New threats will force organizations to change concept and move static protection proactive. Sophistication attacks that are based on the malware mobile (IOS & Android). Security events in health care: attacks on electronic medical equipment, leakage of confidential information Hospitals, international facilities in the area (HIPAA).
  83. 83. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph STKI Summit 2014 Frame tale: New Business enabling technologies 3D printing 83
  84. 84. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 3D printing Printing Today – 2D Printing: •Production time is too long •High costs •Lack of availability •Need technical personnel to quote, specify and configure product for design & engineering integrity •Slower product design •Late design changes take time to integrate The solution: 3D Printing 84
  85. 85. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 85
  86. 86. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 3D printing is already transforming the way the company does business 86
  87. 87. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 3D printing is already transforming the way the company does business 87
  88. 88. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 88 Source:http://www.nationaldefensemagazine.org/archive/2014/March/pages/3DPrinti ngPromisestoRevolutionizeDefense,AerospaceIndustries.aspx
  89. 89. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 3D Printing- Future Printing Innovation Improve Communication Different Materials Personalize products Reduce Development Costs Speed Time to Market Win Business Source:http://www.computerweekly.com/feature/How-3D-printing-impacts-manufacturing 89
  90. 90. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Coca-Cola Israel’s Mini-Bottles 90
  91. 91. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 91
  92. 92. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph 92
  93. 93. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph POTENTIAL ECONOMIC IMPACT BY 2025 SOURCE: McKinsey Global Institute analysis 93
  94. 94. Sigal Russin’s work/ Copyright@2014 Do not remove source or attribution from any slide, graph or portion of graph Thank You! 94 Sigalr@stki.info

×