More Related Content
Similar to Aujas_Gartner_Dubai_v1_Nov15
Similar to Aujas_Gartner_Dubai_v1_Nov15 (20)
Aujas_Gartner_Dubai_v1_Nov15
- 1. Copyright © Aujas Information Risk Services
Making Security Analytics Work:
From Data to Information to Insights
Sameer Shelke
Co-founder & CTO
Nov 2015
- 2. Copyright © Aujas Information Risk Services
What’s Security Analytics?
2
Collect Analyze Report
Collect data from various
sources & controls, map it
to information assets and
create a normalized model
Compare the data
collected to set of rules of
normal behavior and
analyze the results
Provide visualization
(reports, dashboards etc.)
of the analyzed results
- 3. Copyright © Aujas Information Risk Services
Why Security Analytics ? - Need for better ROSI
3
Despite of increase in security incidents & financial losses, security budgets are constrained in most
organizations. Getting better ROSI (return on security investment) continues to be very important. Hence having
a “state of security view” to understand current risk levels, its impact on business and using information
(analytics) to make security decisions is important.
The global state of information security survey 2015 – PWC.
Survey covers 9700 CIO’s, CISO’s, across 154 countries
- 4. Copyright © Aujas Information Risk Services
Why Security Analytics ? - Visibility is key
4
Oct. 2014 survey of 350 participants, 20%
of them from large orgs (>50K employees)
- 5. Copyright © Aujas Information Risk Services
Why Security Analytics ? - IOT – more risks, more data
5
3.0B 3.7B
4.9B
25B
Gartner says 4.9 billion connected “things” will be in use in 2015. In 2020, 25 billion connected “things” will be in use.
Data related to security of these “things” would implode, security analytics would be the only way to make sense out
of it.
- 6. Copyright © Aujas Information Risk Services
What are the solution options?
6
Security
Analytics
SIEMplatforms Analytics
platforms
by adding
analytics
capability
by adding
security
context
Niche
productcompanies
Specialized
products
- 7. Copyright © Aujas Information Risk Services
Data Information Insights
7
Collect Analyze Report
Data Information Insights
- 8. Copyright © Aujas Information Risk Services
Making Security Analytics work
8
Collect Analyze Report
Data Information Insights
1. Use available data & investments
2. Don’tignore unstructured data
3. Define your own normal 5. Don’twaste the opportunity
6. Change is the only constant
- 9. Copyright © Aujas Information Risk Services
Making Security Analytics work
9
1. Use available data & investments
2. Don’tignore unstructured data
Aggregators (e.g.SIEM) tools
are good data source’s
We have relevantdata in
unstructured sources likeXLS,
PDF’s,pointDB’s
Currentinvestments (security &
non-security) generaterelevant
data
- 10. Copyright © Aujas Information Risk Services
Making Security Analytics work
10
Analyze
3. Define your own normal
Resignation Pre-exit
DLP Incidents
U1
U2
U3
U4
D1
D2
Compare against
Your “normal”
Visualize results
D3
- 11. Copyright © Aujas Information Risk Services
Making Security Analytics work
11
Report
5. Don’twaste the opportunity
End of life timeline
Vulnerabilities
T1
T2
T3
T8
T6
T4
T7
T5 Client A
Client B
Client C
Client D
Compliance status
- 12. Copyright © Aujas Information Risk Services
Making Security Analytics work
12
Collect Analyze Report
Data Information Insights
1. Use available data & investments
2. Don’tignore unstructured data
3. Define your own normal 5. Don’twaste the opportunity
6. Change is the only constant
- 13. Copyright © Aujas Information Risk Services
13
Thank You
www.savpbyaujas.com
sameer.shelke@aujas.com
sameersblog.aujas.com
Bangalore | Cupertino | Delhi | Dubai | Jersey City | Mumbai