Presentation is loading. Please wait.

Presentation is loading. Please wait.

1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC

Published byDenise Hornby Modified over 9 years ago

Similar presentations

Presentation on theme: "1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC"— Presentation transcript:

1 1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC Gintaras.pelenis@emc.com

2 2© Copyright 2014 EMC Corporation. All rights reserved. No Shortage of Hard Security Challenges! Infrastructure Transformation Mobile Cloud Less control over access device and back-end infrastructure Threat Landscape Transformation APTs Sophisticated Fraud Fundamentally different tactics, more formidable than ever Business Transformation More hyper-extended, more digital Extended Workforce Networked Value Chains Big Data

3 3© Copyright 2014 EMC Corporation. All rights reserved. Mainframe, Mini Computer Terminals LAN/Internet Client/Server PC Mobile Cloud Big Data Social Mobile Devices MILLIONS OF USERS THOUSANDS OF APPS HUNDREDS OF MILLIONS OF USERS TENS OF THOUSANDS OF APPS BILLIONS OF USERS MILLIONS OF APPS Source: IDC, 2012 2010 1990 1970 Emergence of the Third Platform

4 4© Copyright 2014 EMC Corporation. All rights reserved. Emergence of New Attackers Nation state actors PII, government, defense industrial base, IP rich organizations Criminals Petty criminals Organized crime Organized, sophisticated supply chains (PII, financial services, retail) Unsophisticated Non-state actors TerroristsAnti-establishment vigilantes “Hacktivists” Targets of opportunity PII, Government, critical infrastructure

5 5© Copyright 2014 EMC Corporation. All rights reserved. TIME Evolving Attack Goals and Methods Worms/ Viruses Simple DDoS Phishing Pharming APTs Multi-Stage Hacker Collaboration Disruptive Attacks Destructive Attacks Intrusive Attacks Advanced DDoS Sophisticated Mobile Attacks The Unknown??

6 6© Copyright 2014 EMC Corporation. All rights reserved. As the world goes mobile cyber crime will follow 1 TREND1 INTH3WILD http://www.emc.com/collateral/fraud-report/current-state-cybercrime-2013.pdf

7 7© Copyright 2014 EMC Corporation. All rights reserved. World wide Trojans are going deeper underground 2 TREND2 INTH3WILD

8 8© Copyright 2014 EMC Corporation. All rights reserved. Hacktivism and the ever targeted enterprise 3 TREND3 INTH3WILD

9 9© Copyright 2014 EMC Corporation. All rights reserved. Account takeover and increasing use of manual assisted cyber attacks 4 TREND4 INTH3WILD

10 10© Copyright 2014 EMC Corporation. All rights reserved. Fraud-as-a-Service Cybercriminals increase effectiveness of attacks - even leverage big data principles 5 TREND5 INTH3WILD

11 11© Copyright 2014 EMC Corporation. All rights reserved. Traditional Security Is Not Working Source: Verizon 2013 Data Breach Investigations Report 97% of breaches led to compromise within “days” or less with 72% leading to data exfiltration in the same time 78% of breaches took “weeks” or more to discover 66% took “months or more”

12 12© Copyright 2014 EMC Corporation. All rights reserved. “…prevention and preventative security controls will fail. Prevention fails on a daily basis at many organizations; it will suffice to look at antivirus tools and contrast their 99%-plus deployment rates with widespread ongoing malware infection rates.” Security Incident Response in the Age of APT, Dr. Anton Chuvakin, Gartner, September 25, 2013

13 13© Copyright 2014 EMC Corporation. All rights reserved. Intelligence is the Game Changer

14 14© Copyright 2014 EMC Corporation. All rights reserved. A New Security Approach Is Required IT CONTROLLED PERIMETER-BOUND PREVENTION SIGNATURE-BASED 3 RD PLATFORM 2 ND PLATFORM Mobile Cloud Big Data Social Mobile Devices LAN/Internet Client/Server PC USER-CENTRIC BORDERLESS DETECTION INTELLIGENCE-DRIVEN

15 15© Copyright 2014 EMC Corporation. All rights reserved.  Perimeter-based  Static Controls  Siloed Management System Historical ReactiveIntelligence Driven  Risk-based  Dynamic/Agile Controls  Contextual/Interactive Management System Shift in Security Models New

16 16© Copyright 2014 EMC Corporation. All rights reserved. SOC Manager Tier 2 Analyst Analysis & Tools Support Analyst Tier 1 Analyst Threat Intelligence Analyst Achieving Intelligence-Driven Security Critical Incident Response – process, people and technology

17 17© Copyright 2014 EMC Corporation. All rights reserved. Planning Your Journey Siloed compliance focus, disconnected risk, basic reporting Managed automated compliance, expanded risk focus, improved analysis/metrics Advantaged fully risk aware, exploit opportunity Reduce compliance cost Gain resource & risk visibility Manage known & unknown risks Identify new business opportunities

18 18© Copyright 2014 EMC Corporation. All rights reserved. Thank you

Download ppt "1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC"

Similar presentations

Cyber Crime and Technology

Cyber Crime and Technology
1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.

1© Copyright 2011 EMC Corporation. All rights reserved. The Future of the Advance Soc 3rd Annual Privacy, Access and Security Congress, Ottawa, 2012 Mike.
©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.

©2014 Bit9. All Rights Reserved The Evolution of Endpoint Security: Detecting and Responding to Malware Across the Kill Chain Mary Ann Fitzsimmons Regional.
Security Life Cycle for Advanced Threats

Security Life Cycle for Advanced Threats
Welcome HITRUST 2014 Conference April 22, 2014. The Evolving Information Security Organization – Challenges and Successes Jason Taule, Chief Security.

Welcome HITRUST 2014 Conference April 22, The Evolving Information Security Organization – Challenges and Successes Jason Taule, Chief Security.
1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.

1© Copyright 2011 EMC Corporation. All rights reserved. Anatomy of an Attack.
UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris.

UNCLASSIFIED Cybercrime: The Australian Experience Australian Cybercrime Online Reporting Network (ACORN) Conference Assistant Commissioner Tim Morris.
Malware\Host Analysis for Level 1 Analysts “Decrease exposure time from detection to eradication” Garrett Schubert – EMC Corporation Critical Incident.

Malware\Host Analysis for Level 1 Analysts “Decrease exposure time from detection to eradication” Garrett Schubert – EMC Corporation Critical Incident.
1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing

1 Getting Beyond Standalone Antivirus to Advanced Threat Protection Eric Schwake Sr. Product Marketing
1© Copyright 2011 EMC Corporation. All rights reserved. Advanced Persistent Threat Sachin Deshmanya & Srinivas Matta.

1© Copyright 2011 EMC Corporation. All rights reserved. Advanced Persistent Threat Sachin Deshmanya & Srinivas Matta.
The shadow war: What policymakers need to know about cybersecurity Eric Miller Vice President, Policy, Innovation, and Competitiveness Canadian Council.

The shadow war: What policymakers need to know about cybersecurity Eric Miller Vice President, Policy, Innovation, and Competitiveness Canadian Council.
©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.

©2014 Bit9. All Rights Reserved Building a Continuous Response Architecture.
A Layered Approach to Support Extranet Security Ralph Santitoro Director of Security Solutions - Nortel SUPERCOMM 2005 Panel 2 Session - June.

A Layered Approach to Support Extranet Security Ralph Santitoro Director of Security Solutions - Nortel SUPERCOMM 2005 Panel 2 Session - June.
1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.

1. 2 A High Tech Crime Investigation Lessons learned by the National High Tech Crime Center Hans Oude Alink, project leader NHTCC November 2005.
Understanding and Dealing with Modern Threats Trent Greenwood, Manager Security Practioners TOLA.

Understanding and Dealing with Modern Threats Trent Greenwood, Manager Security Practioners TOLA.
© 2012 Solera Networks. Contains confidential, proprietary, and trade secret information of Solera Networks. Any use of this work without express written.

© 2012 Solera Networks. Contains confidential, proprietary, and trade secret information of Solera Networks. Any use of this work without express written.
1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.
Mobil e 65% of companies are deploying at least one social software tool. SocialClou d Digital content grew to Over 80% of new apps were distributed or.

Mobil e 65% of companies are deploying at least one social software tool. SocialClou d Digital content grew to Over 80% of new apps were distributed or.
Computer Crime and Information Technology Security

Computer Crime and Information Technology Security
Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.

Staying Ahead of the Curve in Cyber Security Bill Chang CEO, SingTel Group Enterprise.

Similar presentations

Ads by Google