Presentation is loading. Please wait.

Presentation is loading. Please wait.

1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC

Similar presentations


Presentation on theme: "1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC"— Presentation transcript:

1 1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC

2 2© Copyright 2014 EMC Corporation. All rights reserved. No Shortage of Hard Security Challenges! Infrastructure Transformation Mobile Cloud Less control over access device and back-end infrastructure Threat Landscape Transformation APTs Sophisticated Fraud Fundamentally different tactics, more formidable than ever Business Transformation More hyper-extended, more digital Extended Workforce Networked Value Chains Big Data

3 3© Copyright 2014 EMC Corporation. All rights reserved. Mainframe, Mini Computer Terminals LAN/Internet Client/Server PC Mobile Cloud Big Data Social Mobile Devices MILLIONS OF USERS THOUSANDS OF APPS HUNDREDS OF MILLIONS OF USERS TENS OF THOUSANDS OF APPS BILLIONS OF USERS MILLIONS OF APPS Source: IDC, Emergence of the Third Platform

4 4© Copyright 2014 EMC Corporation. All rights reserved. Emergence of New Attackers Nation state actors PII, government, defense industrial base, IP rich organizations Criminals Petty criminals Organized crime Organized, sophisticated supply chains (PII, financial services, retail) Unsophisticated Non-state actors TerroristsAnti-establishment vigilantes “Hacktivists” Targets of opportunity PII, Government, critical infrastructure

5 5© Copyright 2014 EMC Corporation. All rights reserved. TIME Evolving Attack Goals and Methods Worms/ Viruses Simple DDoS Phishing Pharming APTs Multi-Stage Hacker Collaboration Disruptive Attacks Destructive Attacks Intrusive Attacks Advanced DDoS Sophisticated Mobile Attacks The Unknown??

6 6© Copyright 2014 EMC Corporation. All rights reserved. As the world goes mobile cyber crime will follow 1 TREND1 INTH3WILD

7 7© Copyright 2014 EMC Corporation. All rights reserved. World wide Trojans are going deeper underground 2 TREND2 INTH3WILD

8 8© Copyright 2014 EMC Corporation. All rights reserved. Hacktivism and the ever targeted enterprise 3 TREND3 INTH3WILD

9 9© Copyright 2014 EMC Corporation. All rights reserved. Account takeover and increasing use of manual assisted cyber attacks 4 TREND4 INTH3WILD

10 10© Copyright 2014 EMC Corporation. All rights reserved. Fraud-as-a-Service Cybercriminals increase effectiveness of attacks - even leverage big data principles 5 TREND5 INTH3WILD

11 11© Copyright 2014 EMC Corporation. All rights reserved. Traditional Security Is Not Working Source: Verizon 2013 Data Breach Investigations Report 97% of breaches led to compromise within “days” or less with 72% leading to data exfiltration in the same time 78% of breaches took “weeks” or more to discover 66% took “months or more”

12 12© Copyright 2014 EMC Corporation. All rights reserved. “…prevention and preventative security controls will fail. Prevention fails on a daily basis at many organizations; it will suffice to look at antivirus tools and contrast their 99%-plus deployment rates with widespread ongoing malware infection rates.” Security Incident Response in the Age of APT, Dr. Anton Chuvakin, Gartner, September 25, 2013

13 13© Copyright 2014 EMC Corporation. All rights reserved. Intelligence is the Game Changer

14 14© Copyright 2014 EMC Corporation. All rights reserved. A New Security Approach Is Required IT CONTROLLED PERIMETER-BOUND PREVENTION SIGNATURE-BASED 3 RD PLATFORM 2 ND PLATFORM Mobile Cloud Big Data Social Mobile Devices LAN/Internet Client/Server PC USER-CENTRIC BORDERLESS DETECTION INTELLIGENCE-DRIVEN

15 15© Copyright 2014 EMC Corporation. All rights reserved.  Perimeter-based  Static Controls  Siloed Management System Historical ReactiveIntelligence Driven  Risk-based  Dynamic/Agile Controls  Contextual/Interactive Management System Shift in Security Models New

16 16© Copyright 2014 EMC Corporation. All rights reserved. SOC Manager Tier 2 Analyst Analysis & Tools Support Analyst Tier 1 Analyst Threat Intelligence Analyst Achieving Intelligence-Driven Security Critical Incident Response – process, people and technology

17 17© Copyright 2014 EMC Corporation. All rights reserved. Planning Your Journey Siloed compliance focus, disconnected risk, basic reporting Managed automated compliance, expanded risk focus, improved analysis/metrics Advantaged fully risk aware, exploit opportunity Reduce compliance cost Gain resource & risk visibility Manage known & unknown risks Identify new business opportunities

18 18© Copyright 2014 EMC Corporation. All rights reserved. Thank you


Download ppt "1© Copyright 2014 EMC Corporation. All rights reserved. Securing the Cloud Gintaras Pelenis Field Technologist RSA, the Security Division of EMC"

Similar presentations


Ads by Google