Upload: julie-flynn

Post on 30-Dec-2015

CIO Perspectives on Security

Marcos Alves

Regional Sales Manager

Protecting Your Environment in an Age of Modern Threats

Key Perspectives

2 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Think Strategically about Security

Safely Enable the Business – Safe Enablement

Apply Innovative Thinking to Security Challenges

Table of Contents

CIO Perspectives on Security

1. Changing IT and CIO Role
2. Good/Bad News Story
3. Rethinking Security Strategically
4. CIO Considerations for the Future

Suddenly, Your Board is (More) Interested in Security

What Are You Telling Your Board?

Key threats

Key risks

Key assets

Breach “inevitable,” acceptable?

Risk/security posture adequate?

Required investments?

Business Opportunities

Security Risks

SaaS

Mobility + BYOD

Social + Consumerization

Cloud + Virtualization

Opportunity or Challenge?

IT Must be a Strategic Business Enabler

The Role of IT and the CIO is Changing

Tectonic Shifts in Business Give Rise to a New Era of Advanced Cyber Threats

The CIO Must Make Security a Top Priority

IT service model changing

Security is higher priority for CIO

Sophisticated attackers, evolving tactics

Spotlight is on CIO in the face of breaches

Cannot delegate security any longer

No one is immune to advanced threats

A new approach is needed

Emerging CIO Priorities – Are You Prepared?

Service/Performance

Traditional Emerging Priorities

Cloud/Disintermediation

Secure Cloud

Visibility – Network and Data

Zero Trust Model

Disruptive “Kill Chain” Solutions

Close Monitoring and Analytics

Perimeter Security

Application Proliferation

Uncontrolled Data Movement

Data Center and Endpoint Security

Ineffective Endpoint and Silo’d Network Protection

Challenges and Change Introduce Tremendous Risks

Reliance on Multiple Layers of Service Providers

Application Economy

Consumerization of IT

Internet of Things

Social, Mobile, Analytics, Cloud

Organizational Risk

Risk Exposure

Rate of Change/Complexity

Decreasing Visibility and Control

Security Can Also be an Enabler

Effective outreach to customers

Collaboration and information sharing

Creation of forums and communities of interest

Data analytics for insight and competitive advantage

Faster time-to-market of information and products

Safe Enablement Principles

Organization Needs and Requirements

Objectives Growth Efficiency Profitability

Flexibility Product Costs

Risks Brand/Image Financial Competitive

Operational Regulatory

External Drivers Market/Industry Technology Competitors

Adopt Emerging Security Faster

Robust Enterprise Security Architecture

Enable with the Right Security

Outcomes

Design for Prevention, Prepare for Remediation

Prevent Lateral Attacker Movement

Protect the Data Center

Improve patient care and access to records/information

Improve doctor-patient communications

Improve clinical research/discovery thru better information integration

Good News

The Basics Are Still Critically Important

Governance: Security Frameworks, Policies, Standards, Risk and Compliance Management

Identity and Access: SSO, Strong Password, Multi-Factor Authentication, Certificates

Data Protection: Encryption, Key Management, Data Leak Protection, Backup and Archive

Logging and Monitoring: Audit Logs, Measurements, Correlation, Retention

Bad News – Line of Security Products

Anti-APT for Port 80 APTs

Anti-APT for Port 25 APTs

Endpoint AV

DNS Protection Cloud

Network AV

DNS Protection for Outbound DNS

Anti-APT Cloud

Internet

Enterprise Network

UTM/Blades

[Diagram: repeated DNS, Endpoint, Web, SMTP, AV and APT alert labels]

Lacks Integration Alert Overload Manual Response

Vendor 1

Vendor 2

Internet Connection

Malware Intelligence

Vendor 3

Vendor 4

Limited Visibility

AV – Anti Virus

APT – Advanced Persistent Threat

UTM – Unified Threat Manager

Failing Security Architectures Provide a False Sense of Security

Understanding the Attack Kill Chain Methodology

Reconnaissance

Weaponization and Delivery

Exploitation

Installation

Command-and-Control

Actions on the Objective

Unauthorized Access

Unauthorized Use

New Strategic Approaches to Security Are Needed

Security Organizations Are Not Innovating Fast Enough

Existing controls ineffective against new threats

Controls not evolving fast enough

Attackers Are Innovating Faster

Sophistication of global attackers

Increasing value of information

Easier targets

Vulnerability Gap Continues to Widen

Goal: reduce threat exposure by strengthening controls

Preventing Attacks at Every Stage of the Kill Chain

Reconnaissance

Weaponization and Delivery

Exploitation

Installation

Command-and-Control

Actions on the Objective

Unauthorized Access

Unauthorized Use

1. Breach the Perimeter
2. Deliver the Malware
3. Lateral Movement
4. Exfiltrate Data

Requirements for the Future

At the Internet Edge

Between Employees and Devices within the LAN

At the Data Center Edge and between VMs

At the Mobile Device

Cloud

Within Private, Public and Hybrid Clouds

Detect AND Prevent Threats at Every Point Across the Organization

Prevent attacks, both known and unknown

Protect all users and applications, in the cloud or virtualized

Integrate network and endpoint security

Analytics that correlate across the cloud

Advanced Security Approaches

Identify all applications, users, content, devices

Isolate application/service to prevent lateral movement

Threat detection/prevention through policies and rules

“Never trust, always verify” architecture

Automated threat analysis eliminates costly, manual processes

Leverage power of global community

Actionable security intelligence

Cross-solution threat intelligence sharing

Network Segmentation

Correlation

Zero Trust

Reduce Breach Landscape

Threat Intelligence Exchange

Analytics

Threat Prevent and Detection

Automation

Visibility

Increase Visibility and Reduce Breach Landscape

Identify and define legitimate use with leadership

Align security policies with those legit government and business uses

Isolate critical internal applications

Determine policies that protect cloud and VM use cases

Tie applications to users/groups

1. Allow Relevant Applications, Monitor Dangerous Applications, Block Unwanted Applications
2. Eliminate Known Threats
3. Eliminate Unknown Threats
4. Focus on Relevant

Strengthen Correlation with Next-Generation Security Platform

NATIVELY INTEGRATED

EXTENSIBLE

AUTOMATED

THREAT INTELLIGENCE CLOUD

NEXT-GENERATION FIREWALL

ADVANCED ENDPOINT PROTECTION

The Evolution of The Network

Attacker often moving among you

VNC

SMB

pop3

snmp

dns

telnet

LDAP

ftp

SSL

344 KB

source IP: 172.16.1.10

destination IP: 64.81.2.23

destination port: tcp/443

URL category: file-sharing

file type: pdf

file name: roadmap.pdf

user: bjacobs

group: prodmgmt

destination country: canada

protocol: SSL

protocol: HTTP

application: slideshare

application function: slideshare-uploading

Complete Context Means Tighter Security Policies

22 | © 2015, Palo Alto Networks. Confidential and Proprietary.

user: bjacobs

application function: slideshare-uploading

application: slideshare

Intelligent architecture

WildFire™

URL intelligence

Dynamic DNS

50+ 3rd party feeds

WildFire detects unknown threats on NGFW & Traps

WildFire intelligence correlated

24,000 devices worldwide

2.5M samples per day

15k unique malware per day

360M session

240M samples

30B artifacts

Palo Alto Networks

threat intelligence cloud

Intelligence with context

The Future of Cyber Security

Visibility and inspection across entire network and into “the cloud”

Network-segmentation and micro-segmentation

Advanced security that stops indicators of threats and the kill chain in their tracks

Mobile and BYOD security

Internet of things and embedded device endpoint security

Advanced analytics and Big Data for security analytics

Interpol-like exchanges for sharing advanced threats and campaign intelligence

Key Perspectives

Think Strategically about Security

Safely Enable the Business – Safe Enablement

Apply Innovative Thinking to Security Challenges
