Presentation is loading. Please wait.

Presentation is loading. Please wait.

Is technology ubiquity a chance to re-connect security? Greg Day Director of Security Strategy.

Published byJulius Kippes Modified over 10 years ago

Similar presentations

Presentation on theme: "Is technology ubiquity a chance to re-connect security? Greg Day Director of Security Strategy."— Presentation transcript:

1 Is technology ubiquity a chance to re-connect security? Greg Day Director of Security Strategy

2 The changing technology landscape Circa 50% Source: Citi Investment Research and Analysis (support iPads) 150m a year (2015) Source: Ovum Q3 - 14.1m 12.1m Source: http://gizmodo.com/5667042/apple-sells-more-ipads-than-macs-on-the-way-to-record-20-billion-revenuehttp://gizmodo.com/5667042/apple-sells-more-ipads-than-macs-on-the-way-to-record-20-billion-revenue Circa 50% Source: IDC, Data is freely intermingle d

3 What risks do they really bring? Banking services already targeted –Authentication –Vulnerabilities in the apps Heavily used for social networking Apps stores add revenue –10,000,000,000+ downloads to date! –Worth billions per year! Less than 1000 viruses today due to diversity

4 Enterprise and LOB Apps Web and Social Media Basic Services Customer Facing Apps Mobile Enterprise Apps are Rapidly Evolving What are your long term goals?

5 Approaches to Security on Smart Devices Segregate data (inc wipe) Secure 3 rd party apps Security controls Sandbox Full device Mitigate on device attacks

6 Integration of Smart devices to your existing security strategy - Enterprise Mobile Manager Database Files Directory Applications Certificate Services Messaging Enterprise Environment Windows Mobile Symbian Android webOS iPhone iPad McAfee EMM IT Ops Support Provisioning Compliance Policy Management Security & Authentication Mobile Device Management

7 Virtualization Enables technology ubiquity Expect 50% of the enterprise data centers workloads to be virtualized by the end of 2012 (Gartner) –Go green, decrease datacenter footprint, improve utilization –Enables faster response reducing application deployment and migration times But Gartner report that –Through 2012, 60% of virtualized servers will be less secure than the physical servers they replace, dropping to 30% by YE15 –40% of virtualization deployment projects were undertaken without involving the information security team in the initial architecture and planning Hypervisor VM

8 Secure Virtualization Challenges How can I ease management across physical and virtualized environments? Virtual images built on the fly redefine the notion of an asset Virtualized systems are no longer systems, they become data Security impacts performance Compliance and operational procedures l ess defined Lack of support for live-migration Endpoint security not designed for VDI Excessive resource utilization is slowing adoption Virtualized Desktops Virtualized Servers

9 Is your security utilizing the advantages of technology? MOVE (McAfee Optimized Virtual Environments ) Move security processing out of each VM – Offloading Optimized with the Hypervisor to address scalability Enables planned capacity ~60% more VDI density Integrated management, responsive user experience, supporting persistent and non-persistent desktops Hypervisor VM MOVE Virtual Appliance MOVE Server McAfee EPO Cache Synchronization Protocol Cloud Threat Intel (GTI) Scan Engine

10 Changing the way we apply security in the future Application Control Dynamic whitelisting Trusted applications Trusted sources Memory Protection No Updates Change Control Change configuration audit File Integrity Monitoring and Change Prevention Prevents “compliance drift” Keep the bad stuff out Stop unauthorized apps “Greater protection, faster time to compliance, lower cost” Deny unauthorized changes Enforce change policy Integrity Control = Application Control + Change Control

11 Security Management The Problem Security Dashboard Modestly Helpful  Decision-making still manual  Based on human correlation of available information Net Result  Dramatic increase in Information Risk and Costs to secure Security Purchases are Tactical  Patchwork of independent products  Requiring separate management Threats Overwhelm Existing Approach  Many product types and security layers  Can’t continue to add resources to manage new events, products

12 Leads to Proliferation of Security Management Consoles and Reporting Tools Anti-virus Management Tools 1 Network Access Control Management Tools 8 Anti-spyware Management Tools 2 Host Intrusion Prevention Management Tools 7 Desktop Firewall Management Tools 3 Data Protection (DLP, Encryption, etc.) Management Tools 6 Policy Auditing Management Tools 4 Web Security Management Tools 5 Security Landscape

13 A Re-connection strategy: Security Connected

14 Optimizing a Security Architecture Requires / Centralized security management Open platform for centralized management and maximum interoperability / Real-time Threat Intelligence Actionable protection with the delivery of correlated threat intelligence and immediate visibility into enterprise-wide security posture / Multi-layered protection Effective and efficient defense in depth provided by multi-layered security approach / Automated compliance Compliance-ready solutions which streamline prioritization of threat responses, reporting, policy and risk management

15 McAfee Global Threat intelligence - Intelligent Connected Security via the Cloud EmailFirewall IPS DLPWebAWL ePO AV File Reputation Web Reputation Web Categorization Network Connection Reputation Message Reputation Vulnerability Information Threat Intelligence Feeds Other feeds & analysis ServersFirewallsEndpointsAppliances Mobile

16 PROTECTION REAL TIME THREAT FEEDS (GTI) ACTIONABLE INFORMATION SECURITY METRICS ePO DLP Web IPSSIA Endpoint White Listing Encrypt. Risk Mgmt EmailFirewall Security Optimization Security Management Platform: ePO Executive Security Admin IT Architect Security Management Platform

17 Real Business Risk Assessment ““3,000 to 30” – Countermeasure aware risk management correlates MTIS threat feeds with discovered vulnerabilities, assets, and deployed countermeasures (intrusion protection, anti-virus, buffer overflow) Leverages GTI threat advisory information, delivered by MTIS feed Risk = (Threat X Vulnerability X Asset)/Detailed Countermeasure 17

18 McAfee’s Open Platform for Security Risk Management Industry Leadership to Drive Better Protection, Greater Compliance and Lower TCO SIA Associate Partner SIA Technology Partner (McAfee Compatible)

19 Cost Model of Enterprise Security 19 RISK OPTIMIZATION Optimized spend ~4% with very low risk Compliant/Proactive spend ~8% of IT budget on security Medium risk Reactive spend ~3% of IT budget on security High risk Why has it been so challenging to reduce risk? DYNAMIC Predictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix and target for response. Tools Based Applying tools and technologies to assist people in reacting faster REACTIVE & Manual People only. No tools or processes. “Putting out fires”.

20 Greg Day Director of Security Strategy, EMEA Greg_Day@McAfee.com McAfeeGregDay

Download ppt "Is technology ubiquity a chance to re-connect security? Greg Day Director of Security Strategy."

Similar presentations

www.itexpo.com October 10-13, 2006 San Diego Convention Center, San Diego California VoIP/SOA Integration Impact on IT Apps, Processes, & Overall Business.

October 10-13, 2006 San Diego Convention Center, San Diego California VoIP/SOA Integration Impact on IT Apps, Processes, & Overall Business.
Unified Communications Bill Palmer ADNET Technologies, Inc.

Unified Communications Bill Palmer ADNET Technologies, Inc.
What is Infrastructure Optimisation and Why should you care?

What is Infrastructure Optimisation and Why should you care?
Network Systems Sales LLC

Network Systems Sales LLC
IBM SMB Software Group ® ibm.com/software/smb Maintain Hardware Platform Health An IT Services Management Infrastructure Solution.

IBM SMB Software Group ® ibm.com/software/smb Maintain Hardware Platform Health An IT Services Management Infrastructure Solution.
IBM DEVELOP, NETWORK, PROMOTE & GROW Cloud Transformation: What are the risks, pitfalls and challenges to be addressed? Steve Strutt, CTO Cloud Computing,

IBM DEVELOP, NETWORK, PROMOTE & GROW Cloud Transformation: What are the risks, pitfalls and challenges to be addressed? Steve Strutt, CTO Cloud Computing,
Palo Alto Networks Jay Flanyak Channel Business Manager

Palo Alto Networks Jay Flanyak Channel Business Manager
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Windows Server Deployment and Management With System Center.

Windows Server Deployment and Management With System Center.
1 Dell World 2014 Dell & Trend Micro Boost VM Density with AV Designed for VDI TJ Lamphier, Sr. Director Trend Micro & Aaron Brace, Solution Architect.

1 Dell World 2014 Dell & Trend Micro Boost VM Density with AV Designed for VDI TJ Lamphier, Sr. Director Trend Micro & Aaron Brace, Solution Architect.
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.

Architecting and Building a Secure and Compliant Virtual Infrastructure and Private Cloud Rob Randell, CISSP, CCSK Principal Systems Engineer – Security.
System Center 2012 R2 Overview

System Center 2012 R2 Overview
What’s New: Windows Server 2012 R2 Tim Vander Kooi Systems Architect www.NetComLearning.com.

What’s New: Windows Server 2012 R2 Tim Vander Kooi Systems Architect
The future of Desktops Transform Your Desktop with Virtualization.

The future of Desktops Transform Your Desktop with Virtualization.
Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.

Blue Coat Systems Securing and accelerating the Remote office Matt Bennett.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Citrix Partner Update The Citrix Delivery Centre.

Citrix Partner Update The Citrix Delivery Centre.
Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Symantec Vision and Strategy for the Information-Centric Enterprise Muhamed Bavçiç Senior Technology Consultant SEE.

Similar presentations

Ads by Google