modernize data protection to stop data loss · joseph (aka jb) supports security & risk...
TRANSCRIPT
© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Modernize Data Protection To Stop Data LossJoseph Blankenship, Senior Analyst
2© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Analyst Bio
Joseph (aka JB) supports Security & Risk
professionals, helping clients develop
security strategies and make informed
decisions to protect against risk. He covers
security infrastructure and operations,
including artificial intelligence (AI), security
information management (SIM), security
analytics, security automation and
orchestration (SAO), email security,
distributed denial of service (DDoS), and
network security. His research focuses on
security monitoring, threat detection, insider
threat, operations, and management.Joseph Blankenship, Senior Analyst
Forrester
Bill BradleyDirector, Product Marketing
About Bill Bradley
Leads Product Marketing for DLP
20 Years of Marketing & Sales Experience
• Field Sales, Competitive Analysis, Product Marketing & Management
Previously at Rapid7 and General Electric
Confidential 3
4© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Agenda
› A Tool For Every Problem
› Data Protection Requires A Zero Trust Approach
› Wrap-Up
5© 2018 FORRESTER. REPRODUCTION PROHIBITED.
A Tool For Every Problem
6© 2018 FORRESTER. REPRODUCTION PROHIBITED.
The Story Of Most DIY Projects
Start ProjectGo To Hardware
StoreReturn Home
Figure Out You Don’t Have
Everything You Need
Return To StoreCurse A LotGive Up In Frustration
Call Professional
Repeat 3
Times
7© 2018 FORRESTER. REPRODUCTION PROHIBITED.
8© 2018 FORRESTER. REPRODUCTION PROHIBITED.
New Project = New Tool
9© 2018 FORRESTER. REPRODUCTION PROHIBITED.
The Result: A Tool For Every Problem
10© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Is Cybersecurity That Much Different?
Source: Momentum Partners
11© 2018 FORRESTER. REPRODUCTION PROHIBITED.
It’s Really Expense In Depth
Source: January 7, 2015, “Forrester's Targeted-Attack Hierarchy Of Needs: Assess Your Core Capabilities” Forrester report
12© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Biggest Security Challenges
Base: 1,700 global security technology decision-makers (1,000+ employees)
Source: Forrester Data Global Business Technographics Security Survey, 2017
22%
22%
23%
24%
25%
25%
26%
26%
29%
31%
41%
42%
Lack of visibility and influence within the organization (including difficulty makingbusiness cases)
Unavailability of products/services that fit our needs
Other priorities in the organization taking precedence over security initiatives
Inability to measure the effectiveness of our security program
Unavailability of security employees with the right skills
Lack of staff (the security team is understaffed)
Lack of budget
Building a culture of data stewardship
Day-to-day tactical activities taking up too much time
Compliance with new privacy laws
Changing/evolving nature of IT threats (internal and external)
Complexity of our IT environment
Which of the following are the biggest IT security challenges for your firm?
13© 2018 FORRESTER. REPRODUCTION PROHIBITED.
51% of firms were breached in the past 12 months.
24% of breaches were the result of internal incidents.
48% of Enterprise Firms Suffered 2+ Breaches in 2017
14© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Top 5 Data Types Breached
Source: Forrester’s The State Of Data Security And Privacy: 2017 To 2018 report
15© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Breached Companies Take Action
Base: 224 global network security decision-makers whose firms have had a security breach in the past 12 months (SMB)
Base: 349 global network security decision-makers whose firms have had a security breach in the past 12 months (Enterprise)
Source: Forrester Data Global Business Technographics® Security Survey, 2017
14%
15%
15%
16%
18%
15%
17%
17%
22%
23%
18%
17%
18%
19%
17%
22%
21%
22%
19%
21%
0% 5% 10% 15% 20% 25%
Switched IT auditors
Offered optional 2-factor authentication for customers
Increased spending on incident response programs
Increased spending on endpoint detection technology
Increased spending on or hired external IT support
Increased spending on network detection technologies
Additional security and audit requirements
Increased spending on prevention technologies
Added required 2-factor authentication for all employees
Hired additional IT security staff
“What has changed at your firm as a result of the breaches occurring in the past 12 months?”
Enterprise (1,000 or more employees) SMB (20-999 employees)
16© 2018 FORRESTER. REPRODUCTION PROHIBITED.
And You Head Out To Get More Stuff
17© 2018 FORRESTER. REPRODUCTION PROHIBITED.
18© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Data Protection Requires A Zero Trust Approach
19© 2018 FORRESTER. REPRODUCTION PROHIBITED.
5 Steps To A Zero Trust Network
1. Identify Your Sensitive Data
2. Map The Data Flows Of Your
Sensitive Data
3. Architect Your Zero Trust
Microperimeters
4. Continuously Monitor With
Security Analytics
5. Embrace Security Automation
And Orchestration
Source: Forrester’s Five Steps To A Zero Trust Network report
Forrester's Zero Trust Approach To
Information Security
20© 2018 FORRESTER. REPRODUCTION PROHIBITED.
What does Zero Trust mean for us?
› Improves visibility throughout the network and reduces time to breach detection
› Stops malware propagation
› Reduces both capital and operational expenditures on security
› Reduces the scope and cost of compliance initiatives
› Eliminates inter-silo finger-pointing
› Increases data awareness and insight
› Stops the exfiltration of toxic data into the hands of malicious actors
› Enables digital business transformation
Source: “The Eight Business And Security Benefits Of Zero Trust”
Zero Trust enables the business by adapting the firm's security architecture to support new user
populations and engagement models, rapid cloud adoption, and new devices.
21© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Take A Data-Centric Approach
Source: Forrester’s The Future Of Data Security And Privacy: Growth And Competitive Differentiation report
22© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Forrester’s Data Security And Control Framework
Source: Forrester’s The Future Of Data Security And Privacy: Growth And Competitive Differentiation report
23© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Components Of The Zero Trust Ecosystem
Source: Develop Your Zero Trust Workforce Security Strategy
24© 2018 FORRESTER. REPRODUCTION PROHIBITED.
ZTX Breakdown
Zero Trust Strategy
Zero Trust Capability
Zero Trust Technology
Zero Trust Feature
25© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Breakdown
Zero Trust Strategy
Zero Trust Capability – Data
Zero Trust Technology - Data Loss Prevention
Zero Trust Feature –Endpoint DLP
26© 2018 FORRESTER. REPRODUCTION PROHIBITED.
You Don’t Have To Buy These As Separate Products
› Find economies of scale for your security team
• Organizations often have siloed solutions that don’t work together
• Look for solutions that work better together (greater than sum of the parts)
› Solutions should be integrated
• You don’t want to be the integrator
› Look for vendors that include multiple ZTX features
• Ease of integration
• Ease of management
27© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Wrap-Up
› Most current approaches to security are “Expense In Depth”
• A tool for every problem
• Leads to needless complexity
• Makes security that much more difficult
› Data protection requires a Zero Trust approach
• Identify sensitive data
• Limit access
• Monitor activity
› Security solutions don’t always have to be separate products
• Look for integrated solutions that solve multiple problems, where possible
FORRESTER.COM
Thank you© 2018 FORRESTER. REPRODUCTION PROHIBITED.
Joseph Blankenship
www.forrester.com/Joseph-Blankenship
@infosec_jb
The Cybersecurity Challenge
We have to be right all of the time…
…Cybercriminals only have to be right once.
The Cybersecurity Solution
31
The Cybersecurity Struggle
The Cybersecurity Struggle
Endpoint Detection
& Response
Data Loss
Prevention
User & Entity
Behavior Analytics
Cloud-Native Security Architecture
36
Consolidated View of Enterprise Risk
Consolidation for More Effective Data Protection
Interested in Seeing More?
Confidential 38
https://www.youtube.com/watch?v=kVbfG7peAns&t=8s
“Consolidate Outsider and Insider Threat Protection with Digital Guardian”
Questions?
39