2. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Customers Main Issues in 2012
• Cyber security -Smarter & Complexity attacks,
APT, DDOS
• BYOD - Security on Mobile –MDM
• Network monitoring -SIEM
• NAC –network access control
• WI-FI as a service
• Control & Monitoring of Administrative
• Unauthorized Device Detection
• DLP- Data loss prevention
• Cloud security
• Regulation – ISO
2
3. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Security
• Security 2013
• Social engineering
• Identity management
• Cloud storage services
3
4. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph 4
Security
5. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Industry groups represented by percent of breaches
5
Source: Verison , 2012 DATA BREACH INVESTIGATIONS REPORT
Security
6. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Social tactics by percent of breaches within Social
6
Source: Verison , 2012 DATA BREACH INVESTIGATIONS REPORT
Security
7. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
7
Source: Ponemon Institute
Security
8. 8
Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
1
3
2
9. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
9
Security
10. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Identity & Access Management
10
11. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
11
Security
12. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
12Source: veracode
13. Pini Cohen and Sigal Russin's
work Copyright@2013
Do not remove source or
attribution from any slide, graph
or portion of graph 13
"Forrester: “Most data breaches caused by employees
30% - 'simple loss or theft‘
27% - 'inadvertant misuse by an employee‘
25% - 'external attack‘
12% - 'malicious insiders‘
Source: information week 2012
Security
14. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Turn Insiders Into Assets - Security Awareness Program
14
Source: information week 2012
Focus on changing user behavior- training your employee
(videos)
Test and retest - testing employee reaction to an actual test
like: phishing e-mails.
Teach the individual- tailored training to the company and
the individuals who work there (USB devices).
Even a failure can be a success- employee reports, susceptible
to social engineering.
15. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Most Intellectual Property Theft Involves Company Insiders
• Perimeter defenses do not absolutely protect a network, vetting
suppliers is not a sure way to protect against compromised
hardware. You should monitor for anomalies in your network.
• Keep Policy Up To Date!
15
Source: information week 2012, Verison
Security
16. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Best Practices for Defending Yourself
16
Out of office replies- do not give a stranger personally
identifiable information.
Email Links and Attachments-never open a link or an attachment
from someone you don’t know.
Phone Calls-requiring that employees use verbal code words to
verify their identity.
On-Premise Badge and Security- use cameras, guards and
mantraps before a secure doorway.
Unlocked Computers and Laptops- always be vigilant!
Source: http://blog.neustar.biz/dont/social-engineering-5-tips-and-best-practices-for-defending-against-it/
17. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
17
Security
18. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
18
Security
19. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Don’t risk your Data!
19
Source: Ponemon Institute
20. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Cloud Storage Services Definition
• A network of distributed data centers which typically uses cloud
computing technologies like virtualization, and offers some kind
of interface for storing data.
• To increase the availability of the data, it may be redundantly
stored at different locations.
• Many cloud storage providers are active on the market, offering
various kinds of services to their customers.
20
Source: https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Cloud-Storage-Security_a4.pdf
Security
21. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Cloud Storage Features
21
Source: https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Cloud-Storage-Security_a4.pdf
Security
22. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Case Study : DROPBOX
22
APIBrowser
Dropbox uses Amazon Web Services (AWS) for storage and transfer.
Dropbox does not verify the email address at registration, hence it is open
for incrimination attacks.
Client-side encryption is not supported.
It is unclear which flavor of sharing is used if non-subscribers are included
(closed user group vs. publication).
In 2011 accounts could be accessed without a password,
and in 2012 spam emails were sent to Dropbox users.
SouIe: https://www.sit.fraunhofer.de/fileadmin/dokumente/studien_und_technical_reports/Cloud-Storage-Security_a4.pdf
Security
23. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
23
Source: The FixYa Cloud Storage Report. Novmber 2012
Security
24. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Security Concerns
• SkyDrive uses SSL to encrypt files during transport, but files are
unencrypted once at rest on Microsoft’s servers.
• Data Leak
24
Source: Ponemon Institute
25. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Secured Alternative Solutions
• Use Local encryption for protecting your data
• IBM Collaboration Cloud
• Box.net
• SpiderOak
• Sharefile –Citrix
• WatchDox
• Acronis
• Application Rapping
• Symantec
• F5
25
67% viewed third-party
applications as a significant
risk – second to mobile
security risk.
Security
26. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
WatchDox
26
ACCESS documents on any device
SHARE documents across organizations
CONTROL documents at all times
Security
27. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
WatchDox Makes Document Security Easy
Email Sharing
Group Collaboration
Cross-Device Sync
WatchDox
Exchange
WatchDox
Workspaces
WatchDox
Sync
• Security is added seamlessly, automatically
• Documents encrypted at all times: rest, transit, use
28.
29.
30. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Recommendations
• Review your security policy related to social engineering
• DO NOT allow using free cloud storage OR
• Allow employee BYOA but secure it with encryption tools
• Use a collaboration tool for better productivity & security
• Start Identity & access management project
• Education ,awareness Training!
30
31. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Data Leakage Prevention -Israeli Market Positioning 1Q13
31
LocalSupport
Market Presence/Perception
Websense
McAfee
Symantec
GTB
Verdasys
EMC
Safend
Fidelis
CA
Checkpoint
Player
Worldwide
Leader
32. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph 32
Security Consultants -Israeli Market View 1Q13 (Partial List)
Source: STKI
*DataSec, **Oasis-Tech
33. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph 33
Security System Integrators -Israeli Market View 1Q13 (Partial List)
Source: STKI
*Netcom
**Spider
^Oasis-Tech
^^Decimus
34. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Networking General trends-2013
34
Software-
defined
networking will
replace current
NAC
Wireless local
area network
(WLAN) for
guests and
BYOD (VoWLAN)
Network
visibility in
virtualized
environments
35. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Network Visibility Benefits
Improve the performance of your network with cloud computing,
video streaming, mobility etc.
Utilize security issues and application performance management.
Good view of your network traffic down to the packet level.
You don’t need to go through an emergency change control at the
start of the incident just to get these taps!
35
Networking
36. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Port Mirroring
• Requires an engineer to configure the switch or switches.
• Eliminate corrupt packets or packets which below a minimum size.
• Switches may drop layer 1 and select layer 2 errors depending on high
priority.
• Need to troubleshoot common physical layer problems such as faulty
NIC.
• A network devices can support a restricted number of port mirrors.
It is very important for security and analysis the same data with
many devices.
36
37. Cyber Security Challenges – No Visibility
NETWORK INFRASTRUCTURE
Traffic
Data Center
Device
New Applications
New Protocols, Encrypted Traffic
BYOD
Mixture of devices, Policies & Compliance
Cloud / Virtualization
Applications go virtual, Inter-VM traffic
Traffic Growth
Number of links, Size of links, amount of traffic
Cloud /
Virtualization
38. Solution - Visibility with NPB
NETWORK
INFRASTRUCTURE
Traffic
Data Center
Device
Cloud /
Virtualization
Network Packet Broker
MONITORING
TOOLS
40. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Data Leakage Prevention -Israeli Market Positioning 1Q13
40
LocalSupport
Market Presence/Perception
Websense
McAfee
Symantec
GTB
Verdasys
EMC
Safend
Fidelis
CA
Checkpoint
Player
Worldwide
Leader
41. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Customer Center Infrastructure -Israeli Market Positioning 1Q13
41
LocalSupport
Market Presence/Perception
Player
Worldwide
Leader
Cisco
Alcatel-Lucent
Avaya
Interactive Intelligence
Cosmocom
Siemens EC
Aspect
42. Pini Cohen and Sigal Russin’s work/
Copyright@2013
Do not remove source or attribution from any
slide, graph or portion of graph
Network Access Control -Israeli Market Positioning 1Q13
42
LocalSupport
Market Presence/Perception
Player
Worldwide
Leader
Access Layers
Wise-Mon
Fore Scout
Cisco
Juniper
Symantec
Microsoft
Checkpoint
HP
Enterasys
43. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
Output Management-Israeli Market Positioning 1Q13
43
LocalSupport
Market Presence/Perception
Player
Worldwide
LeaderAman
Adobe
Auto font
Consist
ISIS-Papyrus
Vendors to watch :
HP
44. Pini Cohen and Sigal Russin's work
Copyright@2013
Do not remove source or attribution
from any slide, graph or portion of
graph
HP Exstream
44
45. Thanks for your patience and hope you enjoyed
45
Pini Cohen and Sigal Russin's work Copyright@2013
Do not remove source or attribution from any slide, graph or portion of graph