Trends In The Israeli Information Security Market 2008

2,165 views

Published on

Presented at the PC Magazine conference Sep 2008 in Israel

Published in: Technology
2 Comments
0 Likes
Statistics
Notes
  • Hi, Winston.
    Thanks for your comment and link. I'll check it as soon as possible.
    You may find me also at: http://www.linkedin.com/in/shaharmaor

    Cheers,
    Shahar.
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Interesting developments in the DLP segment. I've just started a google group for technical discussions on Content Monitoring and DLP implementations. You can find it here, membership is open for all those interested:

    http://groups.google.com/group/content-monitoring
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

No Downloads
Views
Total views
2,165
On SlideShare
0
From Embeds
0
Number of Embeds
12
Actions
Shares
0
Downloads
126
Comments
2
Likes
0
Embeds 0
No embeds

No notes for slide

Trends In The Israeli Information Security Market 2008

  1. 1. Trends in the Israeli Information Security Market 2008 Shahar Geiger Maor Analyst, STKI shahar@stki.info
  2. 2. Information Security Threatscape Your Text here Your Text here 2
  3. 3. Global Security Mega Trends -Threat Horizon Outside threats: Hackers and organized crime have joined hands Inside threats: The human factor is the key Application Attacks become more prevalent There Yourno here is Text single logical place to put a “perimeter” Your Text here around the organization:  Hackers focus on new and emerging technologies All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 3
  4. 4. General Trends for 2008 Virtual Machine Security Implications: • Virtualization made big headlines in 2007 with major players going public • The industry hasn’t fully explored the security implications of virtual technology Your Text here Your Text here Mobile Platforms: • Interest in mobile security has never been higher • Phones become more complex, more interesting and more connected • Attackers may take advantage All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 4
  5. 5. General Trends for 2008 – The Human Factor  CISOs tend to trust products and technologies  One persons mistake can expose a well-protected organization  Attackers know how to exploit the weaknesses of human nature: • Greed here Your Text Your Text here • “Flockquot; mentality • Trust assertive figures • The need to please  Human weaknesses have no airtight solution (Training?) All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 5
  6. 6. The Relative Seriousness of IT Security Threats Your Text here Your Text here All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 6
  7. 7. STKI Survey 2008: 100% 90% 80% 70% 60% 50% Israel 40% Your Text here Your Text here 30% World 20% 10% 0% Careless/risky behavior Lost or stolen laptops and At least 90% of by employees is the computer media are the most employees follow most serious internal serious technical threat security policies security threat Source: STKI, CIO Insight 2008 All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 7
  8. 8. STKI survey results Your Text here Your Text here All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 8
  9. 9. Am I Vulnerable?  There is no such thing as quot;securequot;  Despite the advanced systems, it's hard to know for sure  High demand for penetration testing, risk assessments Your Text here Your Text here  Many organizations are realizing the importance of a neutral party  Market is dominated by small and medium consulting companies All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 9
  10. 10. The Cost of Security Dollar Amount Losses by Type of Attack (Top 5, Thousands $) Financial Fraud 21,124,750$ )Virus (Worms/Spyware 8,391,800$ Your Text here Your Text here System Penetration by Outsiders 6,875,000$ Theft of Confidential Data (Not Including 5,685,000$ )Mobile Devices Laptop or Mobile Theft 3,881,150$ (Source: CSI Survey 2007) 10 All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
  11. 11. World Security Technologies Used (By Percent of Respondents) )Four Most Common( Antivirus Software 98% Firewall 97% Your Text here VPN 84% Your Text here Anti-Spyware Software 80% )Four Less Common( Public Key Infrastucture 32% Specialized Wireless Security Systems 28% EPS/NAC 27% Biometrics 18% (Source: CSI Survey 2007) All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 11
  12. 12. What Interest Our Clients? 2007-2008 Firewall/ Miscellaneous Application Firewall Endpoint Security 20% 11% 12% Your Text here Mail/ Mobile Your Text here Market Trends Device Encryption 18% 8% NAC 7% IDM 6% URL Filtering Antivirus SIEM/SOC 6% 6% 6% All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 12
  13. 13. STKI survey results Your Text here Your Text here All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 13
  14. 14. Endpoint Security Your Text here Your Text here 14
  15. 15. Endpoint Security  The Endpoint is a major threat  Risk Factors: • Spyware • Viruses • Website with malicious code • External here Your Text devices carrying information Your Text here  Even when you have protection systems, they can’t be trusted: •Users Circumvent the systems for comfort •Communication problems prevent updates •New stations or guests with no protection •Infiltration of unprotected systems  The Solution: NAC… All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 15
  16. 16. Endpoint Security – Continue  Device Management is in the spotlight  Major players enter the market – McAfee, Checkpoint, Symantec  Leading Solutions in Israel: • Checkpoint -Pointsec Protector • ControlGuard -Endpoint Access ManagerYour Text here Your Text here • McAfee -Host Intrusion Prevention • SafeEnd -Protector • Symantec -Endpoint Protection  Most of our clients use a product, or in advanced integration stages  Device Management will become default soon 16 All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
  17. 17. Network AccessAdmission Control Your Text here Your Text here 17
  18. 18. Trends -Network Admission/ Access Control (NAC)  NAC was invented by Cisco, but never standardized  Standardization is expected in the coming years  Even the acronym of NAC isn't clear  Products exist, but experts can't agree on their effectiveness Your Text here Your Text here  There are problems with non-PC hardware  Many of our customers are interested  Majority of customers: researching or doing POC All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 18
  19. 19. World NAC Players Your Text here Your Text here 19 Source: Gartner
  20. 20. World NAC Players Your Text here Your Text here 20
  21. 21. Israeli NAC Players Leading Solutions: • Access Layers • Cisco • Enterasys • ForeScout • Insightix Text here Your Your Text here • McAfee • Microsoft • Nortel • Symantec • XOR 21
  22. 22. STKI Insights NAC can be deployed less expensively when it is an embedded feature Many of the infrastructure-based solutions won’t not work with older LAN switch product families - Some organizations will wait for newer versions Text here Your Text here Your Some network and security vendors already have solutions that can be part of the NAC process (AC, IPS) – An important starting point for market domination  First priority: implement a guest networking control NAC is a Layer 2 vs. Layer 3 match 22
  23. 23. Data Leak/Loss Prevention Your Text here Your Text here 23
  24. 24. Data Leak /Loss Prevention (DLP)  DLP is an overall framework into which different elements fit  There are three types of data that may leak: • Data at rest • Data in transit • Data on endpoints  No single DLP focus area is foolproof, so enforcinghere three Your Text here Your Text all makes problems less likely  DLP is a growing area, and vendors react accordingly  It is suggested to use full-suite vendors in order to avoid integration problems All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 24
  25. 25. Data Leak /Loss Prevention –World Trends Your Text here Your Text here Source: Aberdeen Report 2008 All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 25
  26. 26. Data Leak /Loss Prevention –EMEA Trends Your Text here Your Text here Source: Aberdeen Report 2008 All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 26
  27. 27. DLP –Market Status & Players World Leaders: • Symantec (Acquired Vontu, 2007, 350$ M) • Websense (Acquired PortAuthority 2007, 90$ M) • Reconnex (Acquired by McAfee, July 2008, 46$ M) • Tablus Text here Your (Acquired by RSA, 2007, 40$ M) Your Text here • Vericept ? Main drivers for DLP are: • Regulations such as Payment Card Industry (PCI), Accountability Act (HIPAA) • e-mail security, instant messaging (IM) and endpoint monitoring solutions All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 27
  28. 28. Mobile Devices Security Your Text here Your Text here 28
  29. 29. Mobile Devices Security  Mobile devices like Smartphones and PDAs are becoming common  Price drops make the phones attractive  Now, some users sync, but it will expand, mostly at the workplace  Rich apps are on the horizon Your Text here Your Text here  Portable devices are prone to theft, loss and tapping (BT)  There are inadequate solutions according to Israeli users  We expect major developments and maturity  Major players enter the market All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 29
  30. 30. Inadequate Mobile Security? Your Text here Your Text here Source: SafeNet Annual Survey 2008 30
  31. 31. STKI Survey 2008: 40% 35% 30% 25% 20% Israel 15% Your Text here Your Text here World 10% 5% 0% Adequate solution Inadequate Plan to install Don't know /No in place solution in place /Currently plan to install installing Source: STKI, CIO Insight 2008 All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info 31
  32. 32. Trends for 2009 DLP! Data Monitoring Mobile Security NAC Your Text here Your Text here 32

×