Solutions (Existing Support in Israel) ...
Solutions (Existing Support in Israel): McAfee, MobileIron, Phonaris ...
Mobile security and management capabilities compared ...
MDM Security Solutions - Platform Support: Good ...
Conclusion: Mobile is IT ...
Cloud Computing ...
Cloud Security – Key Takeaways • Cloud Computing is here to stay • Security is an EASY showstopper • CISOs will have to be agi...
We Should Know, by now, What Cloud Means http://www.opengroup.org/jericho/cloud_cube_model_v1.0.pdf ...
Cloud Services Concerns: Security (especially access issues) is still considered a top co...
Top Threats To Cloud Computing: Abuse and ...
Top Threats To Cloud Computing: IaaS, PaaS, SaaS ...
Top Threats To Cloud Computing - Continued: IaaS, PaaS, SaaS ...
Top Security and Privacy Issues: Governance, Compliance ...
Security and Privacy Issues and Precautions: Areas ...
Security and Privacy Issues and Precautions: Areas ...
Outsourcing Activities and Precautions: Areas ...
Division of Liabilities in the Cloud http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-information-ass...
How to Secure the Cloud? Technologies believed to be most important in securing the cloud computing ...
Lack of Confidence in IT? Who is responsible for ensuring a secure cloud computing environment? ...
Regulations, Standards and Certifications: Regulations????? ...
Regulations, Standards and Certifications • Standards: – AICPA: SAS 70: • there is no published list of SAS 70 stand...
Regulations, Standards and Certifications • Guidelines: – CSA (Cloud Security Alliance): • CCM - Cloud Controls Matrix ...
Addressing Cloud Issues in the Israeli Government. 10/2010, from a position paper on: principles for protecting privacy in personal information...
Virtualization Security Solution: Existing solutions, Threat protection ...
Cloud Security Solutions: Busi...
Cloud Security Solutions http://www.cloudflare.com/ ...
(Cloud-Based) Cyber-Crime Prevention. Source: Seculert ...
Cloud Privacy and Security - Navajo ...
Cloud Privacy and Security - Concealium. Source: Concealium ...
In Short: Security is an …”We put The cloud is ...
Security Domains – Key Takeaways • Network Security is climbing to the Application layer • Application Security is moving on...
Network Security https://securosis.com/images/uploads/Securosis-Coverage-Map.pdf ...
Next-Generation Firewall: Identify, Categorize ...
Enterprise Network Firewall - Israeli Market Positioning 1Q11. Solutions to Watch: ...
Secure Remote Access - Israeli Market Positioning 1Q11. Estimated Te...
Intrusion Prevention/Detection Systems - Israeli Market Positioning 1Q11. Solutions to Watch: ...
Network Access Control - Israeli Market Positioning 1Q11. Estimated Techn...
Secure Web-Gateway - Israeli Market Positioning 1Q11. Local Support ...
Email Security - Israeli Market Positioning 1Q11. Hosted/Cloud Solutions: ...
Application Security https://securosis.com/images/uploads/Securosis-Coverage-Map.pdf ...
Need for Application Security • Application security flaws jeopardize sensitive business information, data integrity, avai...
AppSec – Among Top 3 Security Threats http://www.informationweek.com/news/galleries/security/vulnerabilities/showArticle...

Summit 2011 trends in information security

  1. Trends in Information Security. Shahar Geiger Maor, VP & Senior Analyst. www.shaharmaor.blogspot.com http://www.facebook.com/shahar.maor http://twitter.com/shaharmaor
  2. Agenda: Introduction Cyber-Warfare Data Leakage Prevention “Social Mobile Cloud Security” Computing Security Market Data Domains. Shahar Maor’s work Copyright 2011 @STKI Do not remove source or attribution from any graphic or portion of graphic
  3. Technologies Categorization 2010/2011 [Figure: technologies plotted against Market Maturity (Using, Implementing, Looking), with the labels Market Curiosity, IT Project and Major Changes; size of figure = complexity/cost of project. Technologies shown: Cyber Warfare, “Social” Security, Mobile Sec, DLP, IRM, Cloud Security, Application Security, Endpoint Security, Security Management, Network Security.] Source: STKI
  4. STKI Index 2010/2011 – Top Queries to STKI [Pie chart; labels and values in the order extracted: SIEM/SOC, Miscellaneous, Encryption, Regulations: 3%, 2%, 1%, 7%; Vendor/Product, EPS/mobile: 8%, 14%; Market/Trends, DB/DC SEC: 13%, 9%; Access/Authentication, DCS: 9%, 12%; GW, Network Sec: 10%, 12%.] Source: STKI
  5. Risk Management. InformationWeek Analytics 2011
  6. The Value of Secrets http://www.csoonline.com/documents/whitepapers/rsavalueofcorpsecrets.pdf
  7. Cyber-Warfare: Cyber Warfare is a SCATTERED HLS TECHNOLOGY http://edmahoney.wordpress.com/2010/01/13/cyber-war-home-theater/
  8. Cyber Warfare – Key Takeaways
     • Cyber-Warfare is Becoming A Giants’ Playground
     • Cyber threats are more sophisticated, targeted and vast than ever before
     • Stuxnet has changed the game
     • Countermeasures haven’t changed much:
       – Proper security standards
       – Technological controls
       – Awareness
     • “If a rich and equipped bad-guy wants to harm – only God will help”.
  9. Cyber-Warfare is Becoming A Giants’ Playground http://www.bbc.co.uk/news/technology-11773146
  10. Operation Aurora http://www.damballa.com/downloads/r_pubs/Aurora_Botnet_Command_Structure.
  11. Growing Number of Incidents - US: Incidents of Malicious Cyber Activity Against Department of Defense Information Systems, 2000–2009, with Projection for 2010 http://www.uscc.gov/annual_report/2010/annual_report_full_10.pdf
  12. Sources of Attacks on gov.il. Source: CERT.gov.il
  13. Sources of Attacks on gov.il. Source: CERT.gov.il
  14. M&As in the Cyber Underground… SpyEye made headlines this year when investigators discovered it automatically searched for and removed ZeuS from infected PCs before installing itself http://krebsonsecurity.com/2010/10/spyeye-v-zeus-rivalry-ends-in-quiet-merger/
  15. Cybercrime Return on Investment Matrix. Source: Cisco http://resources.idgenterprise.com/original/AST-0022126_security_annual_report_2010.pdf
  16. Underground Economy (Products: Price)
     – Credit card details: From $2-$90
     – Physical credit cards: From $190 + cost of details
     – Card cloners: From $200-$1000
     – Fake ATMs: Up to $35,000
     – Bank credentials: From $80 to 700$ (with guaranteed balance)
     – Bank transfers and cashing checks: From 10 to 40% of the total; $10 for simple account without guaranteed balance
     – Online stores and pay platforms: From $80-$1500 with guaranteed balance
     – Design and publishing of fake online stores: According to the project (not specified)
     – Purchase and forwarding of products: From $30-$300 (depending on the project)
     – Spam rental: From $15
     – SMTP rental: From $20 to $40 for three months
     http://press.pandasecurity.com/wp-content/uploads/2011/01/The-Cyber-Crime-Black-Market.pdf
  17. Common “Positions” in the cyber-crime business: Organization Leaders, Programmers, Hosted systems providers, Cashiers, Distributors, Fraudsters, Money mules, Tech experts, Crackers, Tellers http://www.fbi.gov/news/speeches/the-cyber-threat-whos-doing-what-to-whom
  18. Is Technology Good or Bad?
  19. The Social Network (…at work) http://it.themarker.com/tmit/article/14567 http://www.ynet.co.il/articles/0,7340,L-4012562,00.html
  20. Stuxnet: (THE NEW YORK TIMES, 15/1/11) http://www.nytimes.com/2011/01/16/world/middleeast/16stuxnet.html?_r=2&hp
  21. Stuxnet in Action: “A Game Changer”
  22. Stuxnet in Action: “A Game Changer”
     • 10-30 developers (!!!)
     • Stuxnet has some 4,000 functions (software that runs an average email server has about 2,000 functions)
     • Exploits a total of four unpatched Microsoft vulnerabilities; compromises two digital certificates
     • Self-replicates through removable drives
     • Spreads in a LAN through a vulnerability in the Windows Print Spooler
     • Copies and executes itself on remote computers through network shares
     • Updates itself through a peer-to-peer mechanism within a LAN
     • Contacts a remote command and control server
     • Modifies code on the Siemens PLCs
     • Hides modified code on PLCs
  23. Stuxnet Timeline
     • Early 2008: Siemens cooperated with Idaho National Laboratory to identify the vulnerabilities of computer controllers that the company sells
     • 2008-2009: Suspected exploits have been created for Siemens SCADA systems
     • July 2009: Stuxnet began circulating around the world
     • July 2010: Stuxnet is first discovered by VirusBlokAda
  24. Rootkit.Win32.Stuxnet Geography. Source: http://ebiquity.umbc.edu/blogger/wp-content/uploads/2010/09/stuxnet.gif
  25. …Let’s talk about Patch Management (PM)
     • Mostly Microsoft, security-related patches
     • “It’s not the deployment, but the whole process evolving” AKA Pizza Night.
     • 20%-50% FTE is dedicated for PM
     • Common SLAs: 3…6…or sometimes 12 Months!!
     • VIP patches: up to a week
     • Hardware/non-security patches’ SLA: Where upgrades/vendor support is needed
  26. Data Leakage Prevention (DLP)
  27. DLP – Key Takeaways
     • Thank you, Mr. Assange! Thank you Ms. Kam!
     • The human threat has never gone away
     • Overall DLP is still very difficult to implement
     • Most organizations will:
       – Use awareness and education as their main countermeasure
       – First try compensating controls (e.g., device control, encryption)
       – Prefer GW solutions over endpoint DLP
     • IRM is still in the shadows of DLP
  28. Market Trends: WikiLeaks
  29. What’s the Incentive? Source: http://datalossdb.org/statistics?timeframe=all_time
  30. What’s the Incentive?
     • 2,754: Data loss incidents
     • 396 (35%): Credit-card related data loss
     • Hack (48%): How?
     • 297,704,392: CCN compromised
     • 751,779: …CCNs/Incident
     • ?: Actual $$$ loss…
     Source: http://datalossdb.org/statistics?timeframe=all_time (2000-2010)
  31. Data Loss Analysis – Answering the “How” Q [Bar chart, axis 0% to 60%; labels as extracted: Hack, Fraud, Lost/Stolen X, Web, General, Unknown, CCN, Disposal_Document, Email, Virus.] Source: http://datalossdb.org/statistics?timeframe=all_time (2000-2010)
  32. Internal vs. External Human Threats: From, To
  33. Incidents by Vector http://datalossdb.org/statistics
  34. Top three most effective Data-Security controls http://securosis.com/reports/Securosis_Data_Security_Survey_2010.pdf
  35. What will you deploy next? http://securosis.com/reports/Securosis_Data_Security_Survey_2010.pdf
  36. Leakage Mitigation in Israel: + Awareness/Methodology; -+ IRM/Vaulting/Mail Protection; + GW DLP; + Encryption; + Device Control; - Endpoint DLP
  37. DLP Insights
     • 2011 - The Year of DLP???
     • How to Approach DLP Projects?
     • No Complete Leakage Prevention
     • ROI? Yes, there is!
     • Privacy, Privacy, Privacy!
  38. Data Leak/Loss Prevention - Israeli Market Positioning 1Q11 [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader. Vendors shown: Websense, Symantec, McAfee, RSA, Verdasys, Safend, Checkpoint. Solutions to Watch: CA, Fidelis. Estimated Technology Penetration (categories: Using this technology, Evaluating, Not using; values as extracted): 39%, 61%.] This analysis should be used with its supporting documents.
  39. Information Rights Management - Israeli Market Positioning 1Q11 [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader. Vendors shown: Microsoft (RMS), Secure Islands, Covertix, EMC, Oracle, Checkpoint, Adobe. Solutions to Watch: Confidela, Concealium. Estimated Technology Penetration (categories: Using this technology, Evaluating, Not using; values as extracted): 5%, 95%.] This analysis should be used with its supporting documents.
  40. Database Protection - Israeli Market Positioning 1Q11 [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader. Vendors shown: Sentrigo, Imperva, IBM, Oracle, Fortinet, GreenSQL. Estimated Technology Penetration (categories: Evaluating, Using this technology, Not using; values as extracted): 48%, 52%.] This analysis should be used with its supporting documents.
  41. “Social Security”: “Social Security” is a SCATTERED IT TECHNOLOGY
  42. “Social Security” – Key Takeaways
     • Social media is all around us
     • Corporate network is opening up?
     • Most employees use social media for leisure time (Only minority uses it as a business tool)
     • CIO: Find the balance between business necessity, productivity, network considerations and security
     • CISO: Get involved!
  43. 10 Steps to Social-Computing Compliance
     • Step 1 – Take ownership
     • Step 2 – Establish policy
     • Step 3 – Engage compliance function early
     • Step 4 – Formal education program
     • Step 5 – Strong password management
     • Step 6 – Content monitoring and logging
     • Step 7 – Education
     • Step 8 – Selective blocking of content
     • Step 9 – Routine audits and review of logs
     • Step 10 – Regular policy review
  44. Internet Policy – Allowing Facebook? Israel: Cross-Sector, March 2011 [Pie chart; labels and values as extracted: Limited Yes 27% 38% No 35%.] Source: STKI
  45. Internet Policy – Allowing Facebook? Industry [Pie charts per industry; labels and values as extracted. Healthcare, Finance: Yes Yes Yes Limited 12% 37% 33% 38% No 25% Limited No 63% 67% No 25%. Services, High-Tech, Government: Limited No Limited Yes 14% 17% 23% 15% No 14% Yes 72% Yes No 83% 62%.] Source: STKI
  46. Internet Policy – Allowing Skype? Israel: Cross-Sector, March 2011 [Pie chart: Limited 4%, Yes 18%, No 78%.] Source: STKI
  47. Internet Policy – Allowing Skype? Industry [Pie charts per industry; labels and values as extracted. Healthcare, Finance: Yes Yes 12% 37% No 63% No No 88% 100%. Services, High-Tech, Government: Limited 8% Limited Yes 14% 8% No Yes 50% 50% No No 86% 84%.] Source: STKI
  48. Internet Policy – Allowing Gmail? Israel: Cross-Sector, March 2011 [Pie chart; labels and values as extracted: Limited 18% No Yes 24% 58%.] Source: STKI
  49. Internet Policy – Allowing Gmail? Industry [Pie charts per industry; labels and values as extracted. Healthcare, Finance: Limited No Limited 13% 33% 25% Yes Yes 50% 50% No Limited 37% No 67% 25%. Services, High-Tech, Government: Limited Limited No 29% 17% 23% No 16% Yes No 57% Yes 14% 67% Yes 77%.] Source: STKI
  50. Internet Policy – Allowing P2P? Israel: Cross-Sector, March 2011 [Pie chart: Limited 4%, No 96%.] Source: STKI
  51. 51. Mobile sec Mobile is a SCATTERED IT TECHNOLOGYShahar Maor’s work Copyright 2011 @STKI Do not remove source or attribution from any graphic or portion of graphic 51
  52. 52. Mobile Security –Key Takeaways• New Wave of Change: “Consumerization of IT”• 38% (…and rising….) Of mobile devices are considered “smartphones”• Take control over mobile devices• Manage Smartphones as if they were another endpoint Shahar Maor’s work Copyright 2011 @STKI Do not remove source or attribution from any graphic or portion of graphic 52
  53. 53. New Wave of Change: “Consumerization of IT” Computing Cycles in Perspective (from Morgan Stanley) 1,000,000 Mobile 100,000 InternetDevices/Users (MM in Log Scale) Desktop 10,000 Internet 10B+ 1,000 Units?? PC 1B+ Units/ Users 100 100M Units Minicomputer 10 “ 10M Units Mainframe 1 1M Units The desktop internet ramp was just a warm-up act for 1960 1980 2000 2020 what we’re seeing happen on the mobile internet. The pace of mobile innovation is “unprecedented, I think, in ” world history. Mary Meeker, Morgan Stanley – April 2010 53 Source: McAfee Shahar Maor’s work Copyright 2011 @STKI Do not remove source or attribution from any graphic or portion of graphic 53 October 17, 2011
  54. Mobile Traffic in the Next Years
      5 billion personal devices; over 400 million of those devices may represent the only means of connecting to the Internet that some people will have
      Source: http://www.readwriteweb.com/archives/mobile_data_traffic_surge_40_exabytes_by_2014.php
  55. What’s Going on in Israeli Orgs?
      • 38% (…and rising…) of mobile devices are considered “smartphones”
      • In 26% of the market there is no policy regarding the allowed brands
  56. What type of smartphone are you considering to provide your employees?
      [Bar chart: Israeli Survey vs. Worldwide Survey; categories: iPhone, Android, Win Mobile 7, BlackBerry]
      Source: STKI; Source: InformationWeek
  57. What Kind of Services?
      [Bar chart, 0%–90%; categories: Mail & Calendar; Mail, Calendar & Apps; No Services; Don’t Know]
      Source: STKI
  58. What About Your Security Policy?
      Insufficient 100%
      Source: STKI
  59. What are You Looking For?
  60. Mobile Security: What worries CISOs?
      Internal users:
      • No central management
      • How to protect corporate data on device?
      • Device’s welfare ???
      External users:
      • Sensitive traffic interception
      • Masquerading / Identity theft
  61. What are You Looking For?
      1. Manage Smartphones as if they were another endpoint
      2. Multi-platform support
      3. Protecting business information on your device
  62. Solutions (Existing Support in Israel)
      Feature | Agat Solutions | Checkpoint | Fancyfon | Good Technologies | Juniper Networks
      Product Name | AG ActiveSync filter | Pointsec Mobile | FAMOC | Good for Enterprise | Junos Pulse Mobile Security Suite
      In a Nut Shell | Content filtering | Device encryption | MDM and asset management | Blackberry-like server | Device healthcare
      Appliance/software | Software | software (SmartCenter™) | software | Software | Appliance/software
      Client | No | yes | yes | yes | yes
      One console | yes | yes | yes | yes | yes
      Remote-wipe | No | No | Yes. Detects unauthorized SIM | yes | Yes, including SIM removal detection
      Device control (BT, Wi-Fi, GPS, camera) | No | No | yes | yes | no
      Backup/Recovery | Password recovery | No | configurations, files, applications back up/restore | No | yes
      Source: STKI
  63. Solutions (Existing Support in Israel) McAfee MobileIron Phonaris Sybase Symantec Trend-Micro Enterprise Virtual Product Phonaris For Mobile Mobility Smartphone Afaria Mobile Solutions Name Enterprise Security Management Platform MDM – Android, Secure access iOS, BB, Win Mobile MDM and basic In a Nut Shell and MDM MDM Security – Security security management Winmobile, Symbian Client Yes Yes Yes yes yes yes Very nice and Yes, a “Single Plane Yes: One console yes Yes friendly web YES of Glass”. neat web OfficeScan™ console portal Yes + tracing lost Remote-wipe yes Yes yes Yes no devices Device control (BT, Yes (not including yes Yes yes yes no Wi-Fi, GPS, Symbian) camera) Backup/Recovery no yes no yes no no
      Source: STKI
  64. Mobile security and management capabilities compared
      Source: InfoWorld, 2010
  65. MDM/Security Solutions – Platform Support
      Platform | Agat Solutions | Checkpoint | Fancyfon | Good Technologies | Juniper Networks | McAfee | Mobile-Iron | Phonaris | Sybase | Symantec | Trend-Micro
      iOS | Yes | No | Yes | Yes | Yes | Yes | Yes | Yes | Limited | Yes | No
      Android | Yes | No | Yes | Yes | Yes | Yes | Yes | Yes | Limited | Yes | No
      Symbian | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes
      BlackBerry | Yes | No | Yes | Yes | Yes | No | Yes | Yes | Yes | Yes | No
      WinMobile | Yes | Yes | Yes | Yes | Yes | Yes | Yes | No | Yes | Yes | Yes
      PalmOS | Yes | Yes | Yes | Yes | No | Yes | Limited | No | Yes | No | No
      Other | Java based Yes No Yes No No No No Yes No No Feature Phones
      Source: STKI
  66. Conclusion
      • Mobile is the new king of comm.
      • IT shouldn’t stay behind
      • Another Managed endpoint
  67. Cloud Computing
  68. Cloud Security – Key Takeaways
      • Cloud Computing is here to stay
      • Security is an EASY showstopper
      • CISOs will have to be agile and creative in order to keep up with the trend
      • Look for certifications, standards and guidelines ASAP
      • Wait for regulations in the long-term
      • (In the meanwhile) Find yourself a solid provider
  69. We Should Know, by now, What Cloud Means
      http://www.opengroup.org/jericho/cloud_cube_model_v1.0.pdf
  70. Cloud Services Concerns
      Security (especially access issues) is still considered a top concern
      “We won’t be involving our security team in this project until the last possible moment, because the answer will be ‘no.’” – VP at one of the largest retailers in the world
      Source: InformationWeek, State of Cloud, Jan 2011
  71. Top Threats To Cloud Computing
      • Abuse and Nefarious Use of Cloud Computing
      • Malicious Insiders
      • Shared Technology Issues
      • Insecure Interfaces and APIs
      • Data Loss or Leakage
      • Account or Service Hijacking
      • Unknown Risk Profile
      http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
  72. Top Threats To Cloud Computing
      Abuse and Nefarious Use of Cloud Computing (IaaS √, PaaS √, SaaS ×). Remediation:
      • Stricter initial registration and validation processes.
      • Enhanced credit card fraud monitoring and coordination.
      • Comprehensive introspection of customer network traffic.
      • Monitoring public blacklists for one’s own network blocks.
      Malicious Insiders (IaaS √, PaaS √, SaaS √). Remediation:
      • Enforce strict supply chain management and conduct a comprehensive supplier assessment.
      • Specify human resource requirements as part of legal contracts.
      • Require transparency into overall information security and management practices, as well as compliance reporting.
      • Determine security breach notification processes.
      Shared Technology Issues (IaaS √, PaaS ×, SaaS ×). Remediation:
      • Implement security best practices for installation/configuration.
      • Monitor environment for unauthorized changes/activity.
      • Promote strong authentication and access control for administrative access and operations.
      • Enforce service level agreements for patching and vulnerability remediation.
      • Conduct vulnerability scanning and configuration audits.
      http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
  73. Top Threats To Cloud Computing – Continued
      Insecure Interfaces and APIs (IaaS √, PaaS √, SaaS √). Remediation:
      • Analyze the security model of cloud provider interfaces.
      • Ensure strong authentication and access controls are implemented in concert with encrypted transmission.
      • Understand the dependency chain associated with the API.
      Data Loss or Leakage (IaaS √, PaaS √, SaaS √). Remediation:
      • Implement strong API access control.
      • Encrypt and protect integrity of data in transit.
      • Analyze data protection at both design and run time.
      • Implement strong key generation, storage and management, and destruction practices.
      • Contractually demand providers wipe persistent media before it is released into the pool.
      • Contractually specify provider backup and retention strategies.
      Account or Service Hijacking (IaaS √, PaaS √, SaaS √). Remediation:
      • Prohibit the sharing of account credentials between users and services.
      • Leverage strong two-factor authentication techniques where possible.
      • Employ proactive monitoring to detect unauthorized activity.
      • Understand cloud provider security policies and SLAs.
      Unknown Risk Profile (IaaS √, PaaS √, SaaS √). Remediation:
      • Disclosure of applicable logs and data.
      • Partial/full disclosure of infrastructure details (e.g., patch levels, firewalls, etc.).
      • Monitoring and alerting on necessary information.
      http://www.cloudsecurityalliance.org/topthreats/csathreats.v1.0.pdf
  74. Top Security and Privacy Issues
      • Governance
      • Compliance
      • Trust
      • Architecture
      • Identity and Access Management
      • Software Isolation
      • Data Protection
      • Availability
      • Incident Response
      http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf
  75. Security and Privacy Issues and Precautions
      Area: Governance. Precautions:
      • Extend organizational practices pertaining to the policies, procedures, and standards used for application development and service provisioning in the cloud, as well as the design, implementation, testing, and monitoring of deployed or engaged services.
      • Put in place audit mechanisms and tools to ensure organizational practices are followed throughout the system lifecycle.
      Area: Compliance. Precautions:
      • Understand the various types of laws and regulations that impose security and privacy obligations on the organization and potentially impact cloud computing initiatives, particularly those involving data location, privacy and security controls, and electronic discovery requirements.
      • Review and assess the cloud provider’s offerings with respect to the organizational requirements to be met and ensure that the contract terms adequately meet the requirements.
      Area: Trust. Precautions:
      • Incorporate mechanisms into the contract that allow visibility into the security and privacy controls and processes employed by the cloud provider, and their performance over time.
      • Institute a risk management program that is flexible enough to adapt to the continuously evolving and shifting risk landscape.
      http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf
  76. Security and Privacy Issues and Precautions
      Area: Architecture. Precautions:
      • Understand the underlying technologies the cloud provider uses to provision services, including the implications of the technical controls involved on the security and privacy of the system, with respect to the full lifecycle of the system and for all system components.
      Area: Identity and Access Management. Precautions:
      • Ensure that adequate safeguards are in place to secure authentication, authorization, and other identity and access management functions.
      Area: Software Isolation. Precautions:
      • Understand virtualization and other software isolation techniques that the cloud provider employs, and assess the risks involved.
      Area: Data Protection. Precautions:
      • Evaluate the suitability of the cloud provider’s data management solutions for the organizational data concerned.
      Area: Availability. Precautions:
      • Ensure that during an intermediate or prolonged disruption or a serious disaster, critical operations can be immediately resumed and that all operations can be eventually reinstituted in a timely and organized manner.
      Area: Incident Response. Precautions:
      • Understand and negotiate the contract provisions and procedures for incident response required by the organization.
      http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf
  77. Outsourcing Activities and Precautions
      Area: Preliminary Activities. Precautions:
      • Identify security, privacy, and other organizational requirements for cloud services to meet, as a criterion for selecting a cloud provider.
      • Perform a risk assessment, analyzing the security and privacy controls of a cloud provider’s environment with respect to the control objectives of the organization.
      • Evaluate the cloud provider’s ability and commitment to deliver cloud services over the target timeframe and meet the security and privacy levels stipulated.
      Area: Initiating and Coincident Activities. Precautions:
      • Ensure that all contractual requirements are explicitly recorded in the SLA, including privacy and security provisions, and that they are endorsed by the cloud provider.
      • Involve a legal advisor in the negotiation and review of the terms of service of the SLA.
      • Continually assess the performance of the cloud provider and ensure all contract obligations are being met.
      Area: Concluding Activities. Precautions:
      • Alert the cloud provider about any contractual requirements that must be observed upon termination.
      • Revoke all physical and electronic access rights assigned to the cloud provider and recover physical tokens and badges in a timely manner.
      • Ensure that resources made available to the cloud provider under the SLA are returned in a usable form, and confirm evidence that information has been properly expunged.
      http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf
  78. Division of Liabilities in the Cloud
      http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-information-assurance-framework/
  79. How to Secure the Cloud?
      Technologies believed to be most important in securing the cloud computing environment
      http://www.ca.com/files/IndustryResearch/security-cloud-computing-users_235659.pdf
  80. Lack of Confidence in IT?
      Who is responsible for ensuring a secure cloud computing environment?
      Isn’t cloud security an IT responsibility??? – So why is it 3rd?
      Don’t let it scatter
      http://www.ca.com/files/IndustryResearch/security-cloud-computing-users_235659.pdf
  81. Regulations, Standards and Certifications
      Regulations????? – Nothing (so far…)
      Looking for regulations? …Please wait for the next disaster
  82. Regulations, Standards and Certifications
      • Standards:
        – AICPA: SAS 70:
          • there is no published list of SAS 70 standards (Recommendation: ask to review your cloud provider’s SAS 70 type Ⅰ/Ⅱ report!!!)
      • Certifications:
        – NIST (National Institute of Standards and Technology):
          • Recommended Security Controls for Federal Information Systems and Organizations* ===> FISMA (Federal Information Security Management Act) ATO (Authorization to Operate).
        – CSA:
          • CCSK – Certified Cloud Security Knowledge
  83. Regulations, Standards and Certifications
      • Guidelines:
        – CSA (Cloud Security Alliance):
          • CCM – Cloud Controls Matrix
        – NIST (National Institute of Standards and Technology):
          • DRAFT Guidelines on Security and Privacy in Public Cloud Computing
        – ENISA (European Network and Information Security Agency):
          • Cloud Security Information Assurance Framework
      * Not related directly to cloud security
  84. Addressing Cloud Issues in the Israeli Government
      From a position paper on: Principles for the protection of privacy in personal information in outsourcing in Israel, 10/2010
      http://www.justice.gov.il/NR/rdonlyres/1FB266DE-95A0-4C31-939B-3796DCB0C232/23065/positionmikurhuz.pdf
  85. Virtualization Security Solution
      Three approaches:
      • Existing solutions certified for protection of virtual workloads
      • Threat protection delivered in a virtual form-factor
      • Integrated virtual environment-aware threat protection
      Firewall + Intrusion Prevention
      ▪ System auditing
      ▪ File integrity monitoring
      ▪ Anti-malware
      ▪ Security configuration Mgmt
      • Virtual network segment protection/policy enforcement
      • Virtual host protection and network policy enforcement
      • Network access control
      • Virtual infrastructure monitoring
      Source: IBM
  86. Cloud Security Solutions
      [Diagram: Porticor VPD™ layers (Site, Compute, Data) for a business cloud with virtual volumes and databases in the cloud. Labels: Web App Firewall; Intrusion detect. & prevent.; Access Policy; Self-service; Virtual servers; Application servers; Database servers; Threat mgmt.; Cryptography; Data deconstruction; Events & Alerts; Logging & Auditing; Key mgmt.; Distributed Storage; Deployment; Operations]
      Source: Porticor
  87. Cloud Security Solutions
      http://www.cloudflare.com/
  88. (Cloud-Based) Cyber-Crime Prevention
      Source: Seculert
  89. Cloud Privacy and Security – Navajo
      Source: Navajo
  90. Cloud Privacy and Security – Concealium
      Source: Concealium
  91. In Short
      • The cloud is here to stay
      • Security is an EASY showstopper
      • …“We put our money in the cloud”
      • No rush!
      • Look for standards
      • Find yourself a solid partner
  92. Security Domains – Key Takeaways
      • Network Security is climbing to the Application layer
      • Application Security is moving on to business process
      • EPS: There is a new approach to fight malware
      • Nobody likes IAM/IDM but everybody needs it
      • Interesting changes in the SIEM/SOC arena
  93. Network Security
      https://securosis.com/images/uploads/Securosis-Coverage-Map.pdf
  94. Next-Generation Firewall
      [Diagram: Identify, Categorize, Control]
      • Application Chaos: Many on Port 80
      • Users/Groups
      • Policy
      • Critical Apps: Prioritized Bandwidth
      • Acceptable Apps: Managed Bandwidth
      • Unacceptable Apps: Blocked
      • Malware Blocked
      • Re-Assembly Free Deep Packet Inspection
      • Cloud-based Extra-Firewall Intelligence
      • Visualize & Manage Policy
      Source: SonicWALL
  95. Enterprise Network Firewall – Israeli Market Positioning 1Q11
      [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader]
      Vendors shown (including a “Solutions to Watch” callout): Checkpoint, SonicWall, Juniper, PaloAlto, Fortinet, Cisco, Microsoft
      This analysis should be used with its supporting documents
  96. Secure Remote Access – Israeli Market Positioning 1Q11
      Estimated Technology Penetration: Evaluating / Not using 13%, Using this technology 87%
      [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader]
      Vendors shown: Juniper, Checkpoint, Microsoft, Citrix, Cisco, F5, SonicWall, Array
      This analysis should be used with its supporting documents
  97. Intrusion Prevention/Detection Systems – Israeli Market Positioning 1Q11
      Estimated Technology Penetration: [pie chart; segments: Evaluating / Not using, Using this technology; values shown: 48%, 52%]
      [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader; callouts: Solutions to Watch, Look for me]
      Vendors shown: SonicWall, McAfee, IBM-ISS, Juniper, Radware, PaloAlto, Checkpoint, HP, Cisco, Fortinet, Sourcefire (Snort)
      This analysis should be used with its supporting documents
  98. Network Access Control – Israeli Market Positioning 1Q11
      Estimated Technology Penetration: [pie chart; segments: Evaluating / Not using, Using this technology; values shown: 52%, 48%]
      [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader]
      Vendors shown: Access Layers, Cisco, Symantec, Check Point, Juniper, ForeScout, Microsoft, Insightix, Enterasys, Wise-Mon, McAfee, HP
      This analysis should be used with its supporting documents
  99. Secure Web-Gateway – Israeli Market Positioning 1Q11
      [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader, Fast Movement]
      Vendors shown: Websense, BlueCoat, SafeNet, Cisco, Microsoft (TMG), Symantec, Trend Micro, Fortinet, McAfee, Zscaler
      This analysis should be used with its supporting documents
  100. Email Security – Israeli Market Positioning 1Q11
      Hosted/Cloud Solutions: Microsoft (Forefront), Google (Postini), Symantec (MessageLabs), Cisco (Ironport), McAfee (MX Logic)
      [Positioning chart: Local Support vs. Market Presence; legend: Player, Worldwide Leader, Fast Movement]
      Vendors shown: Cisco, Symantec, PineApp, Trend Micro, Microsoft, McAfee, Mirapoint, SafeNet, Websense
      This analysis should be used with its supporting documents
  101. Application Security
      https://securosis.com/images/uploads/Securosis-Coverage-Map.pdf
  102. Need for Application Security
      • Application security flaws jeopardize sensitive business information, data integrity, availability and company reputation
      • Over 97% of applications are vulnerable to attacks
      • 90% of attacks are carried out on Application and Data layers
      • Penetration testing is an effective, yet “ad-hoc” solution. Budgetary constraints do not allow for daily manual testing
  103. AppSec – Among Top 3 Security Threats
      http://www.informationweek.com/news/galleries/security/vulnerabilities/showArticle.jhtml?articleID=226700232&pgno=6&isPrev=
