Your Text here                             Your Text here




         Shahar Geiger Maor shahar@stki.info

     Visit My ...
Agenda

1   Downturn Economics

2   Communication
    CISOs Agenda
    Your Text here                                     ...
Israeli Information Technology Market Size




    Your Text here                                                         ...
IT Market Share (%) by Industry




  Your Text here                                                                      ...
Israeli Information Security Market Size



                      GRC and Security market size (Ms of $)



         Your ...
Security Budgeting Difficulties –
           The Market is Under Stress



      Although most 2009                       ...
Vendor Discounting in Response to Buyer
               Request




     Your Text here                                    ...
Security Budgeting Difficulties –
                  Downturn Mechanism


                                                 ...
More Optimism about Security
               Spending
45%
40%
35%
30%
25%     Your Text here                               ...
What’s on the CISO’s Agenda?
                    (STKI Madad 2008-2009)

                         Network DLP             ...
What’s on the CISO’s Agenda?
             (STKI Madad March-June 2009)
                                                Sec...
What’s on the CISO’s Agenda?
Financial sector:
  • Access and DLP: Mobile Security, OTP, Data Obfuscation
Governmental a...
Security Staffing Ratios

Organization Type                                              Ratios of Security
              ...
Technologies Categorization 2009
Business Value
Investment
to make money                        Remote
                   ...
Network Access Control




Your Text here                                                                            Your ...
NAC Insights
NAC has not been “fully digested” by Israeli customers in
 2008. There should be more activity in 2009
NAC ...
Data Centric Security




Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or ...
Data Centric Approach




 Your Text here                                                                            Your ...
Data Centric Security Arena

                          DLP                                    ERM

                       ...
DLP –Market Status

                 DLP Deployments Status -Israel 1Q09



                                              ...
Identity & Access Management (IDM/IAM)




  Your Text here                                                               ...
IDM/IAM Savings




Your Text here                                                                            Your Text he...
Key Success Factors for Future IDM Project

Consider IDM also as a business project, rather
 than a pure IT project
Make...
Security Information and Event
          Management




Your Text here         Your Text here




                        ...
Silos of Redundant Information
          Management




Your Text here                                                    ...
An Enterprise Platform for Compliance and
                 Security




    Your Text here                                ...
SIEMSOC “Round Table” Insights

How to “sell” SIEM project to your organization
Knowing when NOT to start a project
Rep...
Your Text here   Your Text here




Shahar Geiger Maor
 VP & Senior Analyst
  shahar@stki.info


                         ...
Upcoming SlideShare
Loading in...5
×

Security Summit July 2009

935

Published on

PC Magazine security summit, July 2009

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
935
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
17
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Security Summit July 2009

  1. 1. Your Text here Your Text here Shahar Geiger Maor shahar@stki.info Visit My Blog: http://shaharmaor.blogspot.com/ 1
  2. 2. Agenda 1 Downturn Economics 2 Communication CISOs Agenda Your Text here Your Text here 3 Technologies (NAC, DCS, IAM SIEM) Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 2
  3. 3. Israeli Information Technology Market Size Your Text here Market here 2008: Your Text size 4.645 B$ Market size 2009: 4.063 B$ Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 3
  4. 4. IT Market Share (%) by Industry Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 4
  5. 5. Israeli Information Security Market Size GRC and Security market size (Ms of $) Your Text here 2008 2009 Your Text here 2010 Governance & Risk Management (also BCP) 35.0 42% 50.0 50% 75.0 Security (projects) 95.0 -10.53% 85.0 11.76% 95.0 Security (Software) 90.0 -5.56% 85.0 -5.88% 80.0 Total 220 0% 220 14% 250 Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 5
  6. 6. Security Budgeting Difficulties – The Market is Under Stress Although most 2009 72% expect additional security budgets are set downward revisions during (89% surveyed) the remainder of the year Your Text here Your Text here 65% of security vendors are 53% of vendors are providing discounts for new reducing maintenance fees products purchases Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 6
  7. 7. Vendor Discounting in Response to Buyer Request Your Text here Your Text here Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 7
  8. 8. Security Budgeting Difficulties – Downturn Mechanism Longer POC Your Text here Longer Your Text here sale cycle Vendor bottom line turns red Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 8
  9. 9. More Optimism about Security Spending 45% 40% 35% 30% 25% Your Text here Your Text here IT Spending 20% Sec Spending 15% 10% 5% 0% > -10% -10% to -5% -5%% to 5% 5% to 10% 10+% Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 9
  10. 10. What’s on the CISO’s Agenda? (STKI Madad 2008-2009) Network DLP Hardening Market Players 5% 4% 3% 5% Access GRC 18% 5% Miscellaneous EPS/Anti x 6% Your Text here Your Text here 14% NAC DB Protection WAF & Apps 6% 7% 11% Management Trends 8% 8% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 10
  11. 11. What’s on the CISO’s Agenda? (STKI Madad March-June 2009) Sec Tools SIEM/SOC EPS 5% 5% 5% DB/DC SEC Encryption 18% 9% Access/Authenti Market/Trends cation Your Text here Your Text here 10% 15% NAC Miscellaneous 10% DLP 15% 10% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 11
  12. 12. What’s on the CISO’s Agenda? Financial sector: • Access and DLP: Mobile Security, OTP, Data Obfuscation Governmental agencies and subsidiaries: • NAC, IDM High-Tech and Services: Your Text here Your Text here • Virtualization, Cloud Computing, EPS and mobility Cross-sector: • SIEM-SOC, Application Security and methodologies Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 12
  13. 13. Security Staffing Ratios Organization Type Ratios of Security Personnel (Israel) Average Public Sector 0.15% of Total Users Your Text here Your Text here “Sensitive” Public Sector 0.5% of Total Users Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 13
  14. 14. Technologies Categorization 2009 Business Value Investment to make money Remote Access Cut costs, Increase Manage Sec. productivity IAM/IDM Services IT Project Business SSO Cloud Project App. Your Text here Anti Your Text here Sec. DLP Size of figure = Commodity IT X Mobile complexity/ EPS SIEM/SOC Sec. Services cost of project DB Vir. Network NAC Sec. Sec. Security Investment for regulations GRC Using Implementing Looking Market Maturity Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 14
  15. 15. Network Access Control Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 15
  16. 16. NAC Insights NAC has not been “fully digested” by Israeli customers in 2008. There should be more activity in 2009 NAC can be deployed less expensively when it is an embedded feature of an existing vendor and customers take notice of it Some network and security vendors alreadyText here Your Text here Your have solutions that can be part of the NAC process  Israeli customers first priority: network visibility and guest network control Network or Security? NAC is a Layer 2 vs. Layer 3 match Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 16
  17. 17. Data Centric Security Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 17
  18. 18. Data Centric Approach Your Text here Your Text here “Business of Security” – Security “perimeter security” is built into the business process Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 18
  19. 19. Data Centric Security Arena DLP ERM Database Encryption Protection EPS Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 19
  20. 20. DLP –Market Status DLP Deployments Status -Israel 1Q09 Solution Deployed 20% Your Text here PlanYour Text here to Deploy Not "There" Yet Soon 60% 20% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 20
  21. 21. Identity & Access Management (IDM/IAM) Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 21
  22. 22. IDM/IAM Savings Your Text here Your Text here Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 22
  23. 23. Key Success Factors for Future IDM Project Consider IDM also as a business project, rather than a pure IT project Make sure the project bridges the gap between business and IT  StartYour Text here easier success (Single Signhere a small for Your Text On, vertical project)  Choose a step-by-step approach, rather than a mastodon implementation. Focus on basic functionalities not on the additional features Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 23
  24. 24. Security Information and Event Management Your Text here Your Text here 24
  25. 25. Silos of Redundant Information Management Your Text here Your Text here Source: Network Intelligence Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 25
  26. 26. An Enterprise Platform for Compliance and Security Your Text here Your Text here SIEM Source: Network Intelligence Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 26
  27. 27. SIEMSOC “Round Table” Insights How to “sell” SIEM project to your organization Knowing when NOT to start a project Reporting Systems, Logging and parsing “Tracing the events” (real-time?) Who defines what is “risk”? How to translate it to HD? Your Text here Your Text here Maintenance and operations: What does it take? Outsourced SOC (must be taken under consideration) Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 27
  28. 28. Your Text here Your Text here Shahar Geiger Maor VP & Senior Analyst shahar@stki.info 28
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×