dbs2016: the digital transformation of security


Jim Hurley, Research Director, ISG Insights

The Digital Transformation of SecurityWhat the CIO Needs to Know


Agenda

1. Enterprise Security Today2. IoT and Boom!3. Why Deception Fabrics4. Why Cloud “Security as a Service”5. Why Data Science and Security6. Summary and Guidance


Enterprise Security TodayFragmented on-premises technical controls resulting from cleaning up yesterday’s successful threats – up and down the technology stack – and across procedural control towers

Technology controls stack

Users Applications Data Networks Devices

Process control towers Identity Access Detect Respond Recover Comply


Enterprise Security Today

Detect &recover

Identify & prevent

Security is

1. Too fragmented

2. Too reactive

3. Always recovering from Boom!

Boom!



Detect &recoverBoom!

When is boom! heard, on average?A.Never?B.220 days later?C.143 days later?D.A month to a week

later?E. A day later?F. As soon at it happens?



RATPhishing

Drive-by injection

XSS

TrickbotMambaQuadrooter

Mirai

Hancitor

Fairware

Angler

Banking trojanIt’s all about Boom!


Going Beyond Boom!

Strategic TechnologyIoT

Deception fabrics

Cloud

Data science

ImpactBoom! Gets BIG!

Put attackers on defense

NexGen Security – Today

Security ~ Predictive


IoT Boom!

What to Do?1.Move out of harms

way?2.Re-Solve the problem!

IoT Boom!


Deception Fabrics – Put Attackerson the Defensive

Example providers: Acalvio, Attivo Networks, Cymmetria, Guardicore, Illusive Networks, SafeBreach, TopSpin Security, TrapX,

Deception fabrics

Decoys

Alerts on ALL Booms! Real-time Mimics the environment Lures/decoys augment reality Touched lures/decoys – 100%

bad 0% false positives Scalable, On-prem and Cloud


Where Deception Fabrics Fit

Whatabout?

IdentityAccessRespondRecoverComply

Cloudbaseddigital

deceptionfabrics


Identity Access Detect Respond Recover Comply

NexGen “Security as a Service”

Stop Managing TechStart Managing Risk and SaaS Vendors Better and more

comprehensive coverage Integration up and down

the tech-stack Integration across

procedural towers Reduces CapEx Pay as you use Reinterpretations of

existing tech-controls

Clouddigital

deceptionfabrics

Cloud SOC &

RespondCloud

BU & DRCloud

complyCloud IAMClouddata

protection

IN and FOR the Cloud

TO the Cloud FROM the Cloud


Data Science and Security

SIEM: Yesterday’s orchestration Log collection Log analysis Event correlation Log forensics IT compliance Log monitoring Auditing

Real-time alerting User activity

monitoring Dashboards Reporting File integrity

monitoring System/device log

monitoring Log retention

Data science: Tomorrow’s learning platform

What we thinkis going on

What is Really going

on

Learning

Learning


Data Science and Security

Data science makes security

predictable


Summary

IoT and Boom! Deception Fabrics Cloud “Security as a

Service” Data Science and Security


Guidance

Assess current state Identity “to-be” objectives and

operating model Decide what stays, what goes,

and what changes Develop and manage plan Assess progress and benchmarks

Risks/benefits PoliciesSourcing/VMO

ForecastsControls/Indicators

Outcomes/qualityimprovement

www.isg-one.comimagine your future™

let’s connect…

http://www.isg-one.com/

http://www.isg-one.com/

http://www.isg-one.com/connect/