Xerox Thought Leadership 062111


Published on

Art Coviello, RSA/The Security Division of EMC

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • The Governance and Visibility layer represents roughly $2.7b.  GRCGRC is still a relatively small market, but is very strategicIt's growing faster than any other segment within security managementIts footprint in an account can influence the purchase of other security mgmt componentsSecurity is about People (expertise), Process and Technology. GRC is key to "People" provides embedded expertise on regulation and best practices and can make that knowledge actionable by mapping policy to controls. GRC is key to process because it enables security workflowRSA in leadership position in GRC management market with Archer – but it’s market strength is largely in the IT GRC domain (it is used for non-IT GRC, but it’s typically first consumed by an account for IT GRC and then cross-sold into other applications. RSA’s chief vulnerability here is non-IT GRC players – particularly from application vendors (e.g. Oracle and SAP) who are in a better position to lead in Finance GRC and Operations. Once sold into an account, the IT GRC portion may never come up for bid.SIEM: The largest market ($704m growing at The SIEM market is a critical anchor point of Security ManagementIt's the largest segment of the Security Management marketIt's a key beach-head that can influence purchases of other componentsAs with GRC, it has high relevance to systems management efforts at VmwareTrifurcating into 3 segments: Traditional SIM/SEM applications, Lower-end log management, and Higher-end analyticsenVision: not well positioned due to monolithic architecture & lack of critical featuresApproximately one third of enVision’s losses in 2010 related to features like GUI, NetFlow, Correlation, Reporting PerformanceCompetition eating at enVision from above and belowAbove: ArcSight (HP): 2x our share in the traditional SIEM market. They lead in Financial and Federal markets (Federal accounts for 20% revenues)Below: Log management players taking share in the low-end: Q1 Labs, Splunk, NitroSecurity, LogRhythm & LogLogicContextSeveral technologies/categories are highly relevant in providing context about riskRisk = [Threats] * [Vulnerabilities] * [Value of the targeted assets]Any security control provides context, but some technologies don’t provide any security control, but rather provide visibility into one or more of the areas of risk. Some of these categories are primarily focused on security visibility (e.g . data classification, vulnerability management, forensics, targeted threat analysis). These are logical adjacencies, as their main application fit closely with our core.Some of these categories are primarily focused outside of security (e.g. configuration management or patch management. These are best done through partnershipsCurrent relevant assets include: DLP (for Data Classification and Discovery) and Cyber Crime Intelligence (CCI) service (for identifying targeted threats and compromised information and assets). VA is the largest segment ($692m) but a lot of that is services and the market is not growing fast)DLP ($164m) is growing very quickly, and classification and discovery is a big new area of focus for customersPERM (Proactive Endpoint Risk Management) is sizeable ($353m) but is likely a causality in the virtual/cloud worldSSCM (Security Software Configuration Management) is also sizeable ($313m) but more likely a feature of configuration management.
  • Xerox Thought Leadership 062111

    1. 1. The Future of Security<br />Art CovielloExecutive Chairman<br />RSA, The Security Division of EMC<br />
    2. 2. The “Community’ of Hackers<br />Organized, sophisticated supply chains (PII, financial services, retail)<br />Criminals<br />Unsophisticated<br />Anti-establishment vigilantes<br />Terrorists<br />Nation state actors<br />PII, government, defense industrial base, IP rich organizations<br />Organized crime<br />Petty criminals<br />Non-state actors<br />“Hacktivists”Targets of opportunity<br />PII, government, critical infrastructure<br />
    3. 3. On this slide we need these things to pop up randomly: Social Media, Consumer Devices, High Band Width, Cloud Computing, SaaS, PaaS, IaaS, Virtualiztion<br />Then after all those come up fade them back and put some image over that implies constant change<br />Consumer Devices<br />Social Media<br />IaaS<br />Cloud Computing<br />State of Change<br />SaaS<br />PaaS<br />Virtualization<br />High Band Width<br />
    4. 4. Approach<br />Logical, information-centric<br />Risk-based, adaptive<br />Built-in, automated<br />
    5. 5. Technology: Future Security Model<br />SECURITY MANAGEMENTLAYER<br />Systems Management<br />Remediate<br />Analyze/Correlate<br />Report<br />Compliance<br />GRC Repository<br />Aggregate<br />Map<br />Aggregate<br />CONTROL<br />MANAGEMENT<br />LAYER<br />Monitor Performance<br />Provision<br />CONTROL<br />LAYER<br />Information<br />Identity<br />Infrastructure<br />Enforce<br />Detect<br />