The document outlines the escalating threats to data security across various industries, particularly highlighting the healthcare, retail, financial services, and public sectors. It emphasizes the importance of data-centric security intelligence and analytics to protect sensitive data from internal and external threats, suggesting that traditional security measures are no longer sufficient. Informatica's solutions, such as dynamic and persistent data masking, are presented as essential tools for managing and protecting sensitive data throughout its lifecycle.

2. Threat Ready Data:
Protect data from the Inside
and the Outside
Amit Walia
Senior Vice President, General Manager
Data Integration & Security
April 23, 2015

3. Current State – Threat ready…Really?
2010
2011
2012
2013
2014

4. Industry: Healthcare
ID Theft is Even More Pervasive
44%Of all data breaches are in
Healthcare
From Identity Theft Resource Center
90%Have experienced a breach
in the last 2 years
2013 ID Experts data security survey of 91 healthcare organizations
38%Have experienced > 5 breach
incidents in
the last 2 years
20-50XMedical identities are more valuable
than financial identities

5. Industry: Retail
The Real Cost of a Data Breach
Retail data breaches makes the headlines
Customer Loyalty and Revenue Declines
Stolen data used to defraud the retail company
Jobs of C-level leaders are at stake
2014 was the year of retail data breaches
Number of stolen records continue to increase

6. Industry: Financial Services
Impacted Not Only by Direct Breach, But Also Retail Breaches
45%Of financial services have been hit
2014 Economic Crime Survey by PWC of 5000 senior executives in 99
countries
$200MCard replacement cost of Target
data breach
$40MCard replacement cost of smaller
banks for 4M cards from Target
and Neiman Marcus breaches

7. Industry: Public Sector

8. • 73% of DBA’s can view all data, increasing risk of breach
• 50% say data has been compromised or stolen by
malicious insider such as a privileged user
• The cost of a breach averages $5.5 million
per organization
Data Breach: Internal Breaches and Growing
Challenges
Ponemon Institute May 2012

9. Data Breach: Is Not IF But WHEN

10. Data is the new OIL….and everyone
wants to steal it!
Why?

11. Data Breach: Shouldn’t we Focus on Protecting
the Data?
Host
Endpoint Network Devices
Application
Data
Do You Know the Most Critical Data to Protect?
What Level of Protection Is Required?
Against Outsiders?
Against Insiders?
BUT…

12. ?What has changed?

13. 13
“We’ve moved beyond just protecting endpoints and networks. APTs combined with trends like mobility, cloud, and outsourcing require us to
have security as close to the data as possible– independent of devices, applications, databases, storage platforms, and network topologies.
We need companies like Informatica, who understand data deeply, to take a more active role in helping us to secure information.” –CISO/
CRO, leading global bank
1. Traditional Security Architectures are
Insufficient

14. 2. Data Proliferation Is Inevitable

15. Is the risk
greater
out here? Or in here?
Data Points to Internal Users
Inside the Firewall
• Accidental
• Rogue employee
• Criminal activity
• Opportunistic
3. Insiders with privileged access

16. 4. Interpretation of the Law
How do you define and enforce data residency?

17. ?Where are the risks?

18. Where is your sensitive/private data that
should be protected?
Do you know its RISK exposure?
“…only 26 percent (CEOs) say they have identified
which types of data they hold are the most
attractive to hackers…”
Washington Post, 2014
N=1587, Source: Ponemon Research, May 2014
13%
20%
15%16%
30%
19%
45%
27%
42%
26%
23% 24%
ROW EMEA North America
Yes, All Data Yes, Most Data Yes, Some Data No
Do you know where your structured sensitive
and confidential data resides?

19. Primary Research of 1500+ enterprise customers
validates key pain points
19
Source: Ponemon Institute June 2014; 1,587 Global IT and Security practitioners in 16 countries

20. You Need Insights to Manage Your Sensitive Data
Risks
Do you have this information to prioritize your security investments?
Where Is
Your
Sensitive
Data?
Where Is Its
Residency?
Where Is
It Going?
Is It
Protected?
What Are
The
Regulations
That Apply?
Who Has
Access To
It?
What Is Its
Cost If
Stolen?

21. Data-Centric Security Intelligence & Analytics
Security approach that focuses on gaining
insights about the data context to enable cost-
effective data security controls, complementing
security solutions that focus on protecting the
network perimeter, endpoints, and infrastructure.
Focus security investments on high risk data assets

22. Data Centric Security: 2 Key Components
DATA SECURITY
CONTROLS
PERSISTENT MASKING
DYNAMIC MASKING
VALIDATION & AUDIT
ARCHIVE
DATA SECURITY
INTELLIGENCE
DISCOVERY
CLASSIFICATION
PROLIFERATION ANALYSIS
RISK ASSESSMENT
REDUCE RISK
OF SENSITIVE DATA EXPOSURE

23. Data-Centric Security Maturity Model
DISCOVER
Classification
Proliferation
ANALYZE
Exposure
Risk
LDAP
IAM
DAM/DAP
DLP
SIEM
DETECT
Access
Controls
User Activity
Controls
Remediation
PROTECT ORCHESTRATE
Block
Alert
Mask
Archive
Encrypt
Tokenize
MONITOR
Baselines
Usage Patterns
Behavioral
Anomalies
PREDICT
Threats
Behaviors
COLLECT &
CORRELATE

24. Informatica Data Security
Keep Data Safe Throughout Its Lifecycle
Data
Security
Intelligence
Data
Protec2on
with
Data
Masking
Secure
Tes2ng
with
Test
Data
Management
Safely
Retain
and
Dispose
with
Data
Archive
DISCOVER
CLASSIFY
ANALYZE
MONITOR
MANAGE RISK
DYNAMIC MASKING
PERSISTENT MASKING
COMPLY
SUBSET
GENERATE
MAINTAIN
MASK TEST DATA
RETIRE LEGACY
APPLICATIONS
MANAGE RETENTION
COMPLY
REDUCE COSTS
OPTIMIZE
PERFORMANCE

25. What is it?
• Gather insights from data context
and metadata to deliver location and
risk analytics
• Leverages information from existing
data management and security
solutions
It answers:
• Where is my sensitive data?
• Is it protected?
• What country is it resident in?
• Where is it proliferating?
• Who has access to it?
• Who uses it?
• What is its value if stolen?
• What is my risk?
Data Security Intelligence: Understand Risks

26. A ‘single pane of glass' to
continuously monitor sensitive data
stores and their risks
• Enterprise-wide sensitive data
risk analytics
• Sensitive data classification &
discovery
• Proliferation analysis
• Policy-based alerting
• Integrates data security
information from 3rd parties:
• Data stores
• Data owners
• Classification
• Protection status
Secure@Source Overview

27. Informatica Data Privacy and Test Data Mgmt
Solution Architecture
Production
Dev
Test
Train
Informatica Dynamic
Data Masking
Informatica
Test Data
Management
Informatica
Data Subset
Informatica Persistent
Data Masking
Sensitive Data
Discovery
Users
Production Support
CRM
Custom
Billing
ERP
Packaged
EDW
Data Privacy
Compliance Validation
Synthetic Test Data
Informatica
Test Data Generation

28. Apply Persistent Data Masking
Protect Sensitive Information in Test & Dev
Masked Values
5992-9989-1333-5429
3724-6743-8000-2421
Masked Values
5992-9989-1333-5429
3724-6743-8000-2421
Development
Masked Values
5992-9989-1333-5429
3724-6743-8000-2421
Shuffle
Substitution
Skewing
Credit Card
Informatica Persistent
Data Masking
Testing
Training

29. Apply Dynamic Data Masking
Protect Sensitive Information in Production
(Sr. Analyst)
Original Values
5992-9989-1333-5429
3724-6743-8000-2421
Masked Values
1234-6789-1000-4422
2233-6789-3456-5555
Custom Application
(IT Administrator)
Masked Values
xxxx-xxxx-xxxx-0093
xxxx-xxxx-xxxx-7658
National ID
Credit Card
Blocking
Informatica Dynamic
Data Masking
(Offshore Support)

30. Why Informatica?
Thinking Data First: The Intelligent Data Platform Uniquely
Addresses Data Security Challenges
Intelligent Data Platform
Data Intelligence
Metadata meets machine learning
Data Infrastructure
Industry leading data integration, profiling, masking, complex event processing across all sources, anywhere
Define Once. Deploy Anywhere.
On-premise or in cloud
Data
Warehouse
Transactional
Applications
CRM ERP HR FIN
Big
Data
Unstructured
Semi-Structured
Real-time
Events
Mainframe
Systems
Cloud, Social,
Partner Data
Enterprise
Applications
Platform for Universal Data Access

31. We have successfully LOWER
RISKS, REDUCE COSTS, and
PROTECT SENSITIVE DATA for
600+ customers…

32. We have been are building off a strong foundation -
Strong showing at RSA 2013, 2014, and 2015
Informatica won awards at Product Award reception at RSA 2013, 2014 & 2015
• Gold Award for Best New Security Product - Informatica Secure@Source
• Gold Award for Database Security, Data Leakage Prevention/Extrusion Prevention -
Informatica Dynamic Data Masking
• Bronze Award for New Product - Informatica Cloud Test Data Management

33. Threat Ready
-
It’s In Your
Hands
THANK YOU