Upload File

Download - Rethink Security - Gartner Presentation by Kirk House.pptx (Read

Transcript
Page 1: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

Re-Think Security

Kirk House

Cloud Security Alliance - SDP Enterprise Working Group Global Director, Enterprise Architecture - The Coca Cola Company

Page 2: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

2

If Only I Could… Reduce cyber risk Traditional point products are not stopping malicious cyberattacks

Improve business agility IT security needs to find a way to say “yes” to new business initiatives and secure business agility

Page 3: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

3

Cross Enterprise

Contractors

Remote Workers

Third-Party Vendors

Supply Chain

Corporate Employees

Enterprise Perimeter

Page 4: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

4

Page 5: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

5

App2

App5

App1

App4 App3

App6

Traditional Data Center App1

App2

App3

App3

Associate

Partner

Security

Security

Security

Security

Security

Security

Security

Associate Partner

Page 6: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

6

How are attackers

getting in?

What is going on?

Where is my risk?

What am I doing?

Page 7: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

7

App

1.  Isolate each application, so it’s invisible to everyone 2.  Verify user authenticity and authorization, and device and software integrity 3.  Connect the authorized user and trusted device to only the protected applications

Trusted Device

Page 8: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

8

App

BYOD

Ecosystem Collaborators

Internal App Isolation

Any App, Anywhere

Any User, Anywhere

Any Device, Managed or Not

Managed

App

Cloud App Protection

Internal Employees

Un Managed

Any Network

Dedicated Network Internet

Page 9: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

9

KOOfficeorExternalLocation

Internet

VPN

IdentityProvider/Siteminder

EnterpriseWAN

App

App

App

DBase

Storage

App

App

Public*aaS

KODataCenter

User

IdentityProvider

RED Lines are Vulnerable

Common Attacks •  Cyber Attack Server exploitation:

constant attacks Misconfigurations Vulnerabilities Injections Denial of Service

•  Credential theft: ⅔ of Verizon

DBIR Phishing Keyloggers Brute force

•  Connection hijacking: stealthiest

Man-in-the-Middle Certificate forgery DNS poisoning

Page 10: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

10

Common Attacks •  Cyber Attack Server exploitation:

constant attacks Misconfigurations Vulnerabilities Injections Denial of Service

•  Credential theft: ⅔ of Verizon

DBIR Phishing Keyloggers Brute force

•  Connection hijacking: stealthiest

Man-in-the-Middle Certificate forgery DNS poisoning

KOOfficeorExternalLocation

Internet

SoftwareDefinedPerimeter

VPN

IdentityProvider/Siteminder

EnterpriseWAN

App

App

App

DBase

Storage

App

App

Public*aaSOrOtherExternal

KODataCenter

User

SAML

IdentityProvider

Page 11: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

11

1 Device verification Identity

System

2 Identity & role verification

Business Solutions

3 Approved access

4 TLS Tunnel Config

5 Application Access

SDP Client

SDP Gateway

SDP Controller

Page 12: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

12

1 Device verification Identity

System

2 Identity & role verification

Business Solutions

3 Approved access

4 TLS Tunnel Config

5 Application Access

SDP Client

SDP Gateway

SDP Controller

Page 13: Rethink Security - Gartner Presentation by Kirk House.pptx (Read

13


Top Related

Rethink marketing
Rethink marketing
Rethink Bold
Rethink Bold
Gartner EEE 2013 EA - Gartner Açılış Sunumu
Gartner EEE 2013 EA - Gartner Açılış Sunumu
‘the age of no retirement?’ RETHINK, rework & act» RETHINK: THE GENERATIONAL DIVIDE » RETHINK: DESIGN FOR POSITIVE CHANGE » RETHINK: THE LANGUAGE » RETHINK: CREATING AND SHARING
‘the age of no retirement?’ RETHINK, rework & act» RETHINK: THE GENERATIONAL DIVIDE » RETHINK: DESIGN FOR POSITIVE CHANGE » RETHINK: THE LANGUAGE » RETHINK: CREATING AND SHARING
RETHINK DATA
RETHINK DATA
Gartner Security & Risk Management · Guru Steve Riley To-the-Point: Making Application Control Manageable Jon Ameto To the Point: It’s time to rethink network ... October 22 -
Gartner Security & Risk Management · Guru Steve Riley To-the-Point: Making Application Control Manageable Jon Ameto To the Point: It’s time to rethink network ... October 22 -
Gartner Application Architecture, Development ... · Gartner Application Architecture, Development & Integration Summit 2013 ... Tutorial: Beginning Mobile ... Gartner Application
Gartner Application Architecture, Development ... · Gartner Application Architecture, Development & Integration Summit 2013 ... Tutorial: Beginning Mobile ... Gartner Application
Rethink ModeShiftWeb
Rethink ModeShiftWeb