Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protect your Digital Enterprise

Published byIlene Parrish Modified over 7 years ago

Similar presentations

Presentation on theme: "Protect your Digital Enterprise"— Presentation transcript:

1 Protect your Digital Enterprise
Sajith Rahman K Hewlett Packard Enterprise . Solution Architect-Pre-Sales Consultant. South India & Sri Lanka.

2 Today’s digital Enterprise needs a new style of protection
IaaS SaaS PaaS Off Premise On Premise USERS Protect your most business-critical digital assets and their interactions, regardless of location device APPS DATA BIG DATA BYOD Off Premise

3 Managing risk in today’s digital enterprise
Data User Interaction Application

4 Traditional data security
Everything encrypted at the end point

5 Challenges with traditional data security
Performance issues. Managing keys. Application rewrite. Data visible to privilege users. PCI scope reduction

6 Format-Preserving Encryption & Tokenization.
Preserves referential integrity Supports data of any format: name, address, dates, numbers, etc. Provides production protection and data masking Embeds the key rotation policy in the data Reduces the need to re-encrypt PCI Scope Reductions.

7 Traditional Application Security
84% of breaches target applications Applications have become the new perimeter  Develop Test Deploy

8 80% of successful attacks target the application layer
$3.8m Average Cost of breach Less than 10% of IT Security Spend on Application Security 86% of applications are in trouble 13% of applications compromised completely automatically Sources: Gartner , Ponemon Institute, Annual Study: $U.S. Cost of a Data Breach, The Open Security Foundation

9 Cyber attackers are targeting applications
Intellectual Property Customer Data Business Processes Trade Secrets Applications Hardware Security Measures Switch/Router security Firewalls NIPS/NIDS VPN Net-Forensics Anti-Virus/Anti-Spam DLP Host FW Host IPS/IDS Vuln. Assessment tools Networks

10 Operate Securing the new SDLC Secure Development Security Testing
Deploy Secure Development Find and fix as developer codes Security Testing Expand testing to web, mobile and cloud applications in production Software Security Assurance Programmatic approach to securing applications at scale

11 Application Security A proactive approach to defend the organisations from application layer threats by building security within the applications… Secure By Design Secure By Development Secure By Deployment

12 Internal Users are Now the Weakest Link
SIEM focuses on the “known”; Analytics shines a light on the “unknown A determined attacker will get in 98% of all breaches investigated, evidence of the attacker activity was available and contained in security log files (Verizon Data Breach Report) 83% of all data loss was via legitimate credentials (Verizon Data Breach Report, 100% Mandiant) Little/no visibility inside the enterprise of lateral movement, applications Lack of monitoring/tracking of internal sources / networks

13 User Behavior Analytics Overview
Identity Risk scoring & Prioritization Abnormal Behavior Detection Active Monitoring of Events Contextual Visual Investigation Learn normal Identify Weird Access UBA Activity (Events & Applications)

14 What value does UBA bring to our customers?
Find the malicious user Faster event resolution Prioritization of high risk users Investigation efficiency & visualization 5-1 ROI impact

15 Detecting not “normal” for that user
+1 +1 Frequency spike Event rarity Behavioral analysis +1 +1 Behavior profiles Peer group profiles Amount spike Peer group comparison Peer analysis Suspicious activities & transactions Suspicious account usage Suspicious system usage

16 How Destructive is Malware?
In an average week, an organization receives 17,000 malware alerts $1.27 million annually Average cost of time wasted responding to inaccurate intelligence 205 Percentage of malware alerts deemed to be reliable Median number of days threat groups were present on a victim’s network before detection Mandiant Ponemon Institute

17 DNS Malware Analytics USE CASE:
An automated service to Detect and Identify hosts inside my Enterprise which: Are positively infected with malware, bots, or other unknown threats Are trying to contact Command and Control Servers or exfiltrate data, Other perimeter or internal security products have not detected, High fidelity – Low false-positive Alerts, Enable Operational Staff (L1) to mitigate/remediate, Data feeds/Alerts fit into my existing SOC infrastructure without expansion.

18 Thank You

Download ppt "Protect your Digital Enterprise"

Similar presentations

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.
Security Life Cycle for Advanced Threats

Security Life Cycle for Advanced Threats
1 1. 2 2 Jeff Hart M2 Technology IT Situational Awareness 2.

Jeff Hart M2 Technology IT Situational Awareness 2.
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.

Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.

© 2015 Cisco and/or its affiliates. All rights reserved. 1 The Importance of Threat-Centric Security William Young Security Solutions Architect It’s Our.
Microsoft Ignite /16/2017 4:54 PM

Microsoft Ignite /16/2017 4:54 PM
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
IBM Security Network Protection (XGS)

IBM Security Network Protection (XGS)
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
Ken Paiboon 214.274.3436 ken@exabeam.com User Behavior Intelligence Fundamentals: Behaviors, Characteristics, and Facts Ken Paiboon 214.274.3436 ken@exabeam.com.

Ken Paiboon User Behavior Intelligence Fundamentals: Behaviors, Characteristics, and Facts Ken Paiboon
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Security Imperatives in a New Workplace Partnering to Protect Digital Information in the 21st Century Presented by Michael Ferris, Alaska Enterprise Solutions.

Security Imperatives in a New Workplace Partnering to Protect Digital Information in the 21st Century Presented by Michael Ferris, Alaska Enterprise Solutions.
Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.

Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.
Dell Connected Security Solutions Simplify & unify.

Dell Connected Security Solutions Simplify & unify.
© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.

© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.
USER ACTIVITY MONITORING: MITIGATING USER-BASED RISK Presented by XXXX.

USER ACTIVITY MONITORING: MITIGATING USER-BASED RISK Presented by XXXX.

Similar presentations

Ads by Google