title crystal ball executive forum: insights on information security keynote: dave cullinane ciso,...
Post on 14-Dec-2015
Slide 1: Crystal Ball Executive Forum: Insights on Information Security
Keynote: Dave Cullinane, CISO, Washington Mutual; President, ISSA
Additional Speakers:
- Jim Reavis, CSO, Breakwater Security Associates
- Rob Owens, Industry Analyst, Pacific Crest Securities
- Greg Hampson, Corporate Privacy Manager, Microsoft
Breakwater Security Associates Presents:

Slide 2: Breakwater Security Associates Overview
- Delivering security protection both nationally and globally since 1996.
- Our team has an average of 5+ years of information security experience and more than 8-10 years of technical or consulting experience.
- Our holistic approach combines planning, designing, building and supporting sophisticated security systems.
- Security Consulting
- Managed Security Services
- Training and Education

Slide 3: Risk Management & the Changing Role of the CISO
Dave Cullinane, CPP, CISSP
Chief Information Security Officer, Washington Mutual, Inc.
International President, ISSA

Slide 4: Protecting Information Assets: People, Property, Information & Reputation
- Critical asset that must be protected in all forms
  - Electronic, hardcopy, intellectual
  - Usually in all 3 forms simultaneously
- Not Computer/IT Security
- Value based information protection
  - Value + Environment

Slide 5: Information Risk Management
- Risk identification & management core function
- FFIEC Information Security Handbook
- Industry trend to Risk Management Focus
- CSO role

Slide 6: What is Risk Management
- Anticipate
- Understand
- Act
- Governance

Slide 7: Anticipate
- Identify critical information assets
- Identify likely threats
- Prepare
  - Donn Parker's Due Care approach
  - Response capability
- Monitor
- Participate

Slide 8: Understand
- Business processes and initiatives
- External events/trends and business impacts
- Build knowledge base
  - Expertise and store of knowledge

Slide 9: Act
- Prepared
- Enable effective decision-making
  - By business units and functions
  - Initiatives and changes
- Develop solutions
  - Partnership with business

Slide 10: New Paradigm
- Establish Risk Profile
- Establish Protection Profile
- Modify PP as RP changes
  - Threat level Orange
  - New business venture
- ROSI

Slide 11: New Paradigm (Cont.)
- Governance
  - Not about power
  - About enabling effective decision making
- Thought leadership: ability to understand trends & anticipate change, synthesize that understanding into a strategic vision, and communicate that vision to others in an informative and convincing way
- Metrics & Reporting

Slide 12: End of Presentation
Thank You.
Contact Information: Dave Cullinane, email@example.com, 206.461.2000

Slide 13: Security Technology Trends That Matter
Jim Reavis
Chief Strategy Officer, Breakwater Security Associates
Editor, CSOinformer Newsletter

Slide 14: Thesis
- The world is an insecure and scary place
- Demand & awareness for security solutions growing
- Bulk of security budgets have gone to 1st generation technologies
- Problems have not been solved adequately
- Security industry is at an inflection point
- Interesting innovation is occurring in the 2nd generation of security technologies

Slide 15: Insecure and Scary
- Increased threat environment
- Internal/External Network demarcs increasingly blurred
- IT is defined as critical infrastructure but was not designed to be critical infrastructure
- Blended threats between traditional crime, terrorism and cyber attacks
- Technology adoption & complexity continues
- Organizations lack trained and experienced security personnel

Slide 16: Demand Environment
- Highest profile ever (CEO, board level, Presidential commissions)
- Increased regulation, compliance
- Insurance requirements
- Skepticism on ROI for security dollars spent keeps total spending relatively low (3-5% of IT budgets, according to Gartner)

Slide 17: Technology Segments
- AntiVirus
- Firewall
- VPN
- Intrusion Detection
- Vulnerability Assessment
- Encryption
- AAA / PKI
- Security Info Mgt
- Patch Mgt
- Policy Mgt
- Content Mgt

Slide 18: Follow an Attack (diagram)
Diagram nodes: Vulnerability discovered; Vendor Patch; Awareness Program; Remediation Program; Policy; Architecture; Hacker Exploit In the Wild; Exploit Identified & Categorized; Security Vendors release update for Exploit Signature; Implement Workaround; Users Hit; Update security software.
Diagram label: Current Security Technology Spending.

Slide 19: Conventional Approach
- Firewalls / some VPN
- AntiVirus: Client & Gateway
- IDS shelfware
- Infrequent Audits
- Paper Policies

Slide 20: Growth Segments
- 3As: Authentication, Authorization, Administration (Identity Mgt, SSO, Policy Mgt)
- Intrusion Detection/Prevention (HIDS, NIDS, DDoS)
- Security Management (full lifecycle mgt)
- Content/Application Layer Security
- Remediation/Patch Mgt

Slide 21: Predictions
- Proactive Approach
- Behavioral Technology
- Reduce Complexity
- Application Layer Insecurity
- Product Segment Convergence
- Address Evolving Threats
- Party Crashers

Slide 22: Proactive Approach
- Real time, pervasive vulnerability assessment
- Expedited patch mgt
- Make policies part of the network fabric
- Baseline standards for minimum security requirements

Slide 23: Behavioral Technology
- Signature-based systems miss new and mutated attacks
- Signature-based systems lack context, create false positives
- Signature-based is easy for the hacker to understand
- Bad Behavior Examples
  - Application attempting direct access to address books
  - Machine attempting to connect to unusual host (i.e. R&D to Payroll)
  - Application attempting to modify system files
- Behavioral/Heuristics technology
  - Improves AntiVirus detection rates by 5-10%
  - Will increase accuracy of IDS
  - Will improve spam detection
  - Will combine with network monitoring and meta-data applications to profile large networks and find anomalies

Slide 24: Reduce Complexity
- AAA
  - Self service
- Encryption
  - Centralized admin
  - Gateway / Web Integration
- Security Info Mgt
  - Reduce, correlate alerts
  - Tie IDS alerts with other security infrastructure

Slide 25: Product Segment Convergence
- Greater ROI when combined
- Fewer Vendors
- Examples
  - Life Cycle Vulnerability Mgt: Scanners + Patch Mgt + Tracking Systems
  - Systems Management + Security Management
  - All in One appliances

Slide 26: Application Layer Insecurity
- Hackers take path of least resistance
- Increased network layer resiliency forces hackers to application layer
  - Enterprise apps
  - Web server apps

Slide 27: Address Evolving Threats
- Wi-Fi: difficult to solve, indirect defense in depth needed
- Instant Messaging: encryption, auditing, authentication, non-repudiation, interoperability
- Mobile devices: building full security functionality into a small footprint
- Blended threats: data correlation

Slide 28: Party Crashers
- Demand for more built-in technology, fewer vendors
- Microsoft
  - Active Directory, Passport, CA
  - Hardened Operating Systems (Host IDS overlap)
- Cisco
  - Focused on adding services across infrastructure
  - Unified Mgt platform

Slide 29: Follow an Attack (diagram, revisited)
Diagram nodes: Vulnerability discovered; Vendor Patch; Awareness Program; Hacker Exploit In the Wild; Remediation Program; Users Hit; Security Vendors release update for Exploit Signature; Implement Workaround; Update security software; Policy; Architecture; Exploit Identified & Categorized.
Diagram labels: Current Security Technology Spending; Behavioral; Future Security Technology Spending.

Slide 30: End of Presentation
Thank You.
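Slide 23 contrasts signature matching with behavioral profiling and gives "R&D machine connecting to Payroll" as the canonical bad behavior; slide 29 places behavioral detection in the window before a signature exists. The following Python script is an added example (not from the slides or from Breakwater) that runs both approaches over a handful of constructed connection-log lines: the hostnames, zone map, log format and the "signature" markers are all invented for the illustration. It learns a baseline of normal zone-to-zone flows from a training window, then shows a signature check catching a known payload marker while staying silent on the never-before-seen R&D-to-Payroll database connection, which the behavioral baseline flags.

```python
"""Signature vs. behavioral detection over constructed connection logs.

Added illustration of the slide 23 point. Everything here (hosts, zones,
log format, signatures) is constructed for the example.
"""
import re

# Constructed host -> business zone map (hypothetical hostnames).
ZONE_OF = {
    "rnd-ws-07": "R&D",
    "rnd-build-01": "R&D",
    "pay-db-01": "Payroll",
    "pay-app-01": "Payroll",
    "corp-mail-01": "Corporate",
    "corp-proxy-01": "Corporate",
}

# Constructed "known bad" signatures: (destination port, payload marker).
# A signature-based system fires only on an exact match against this list.
SIGNATURES = {(80, "EXPLOIT-MARKER-A")}

# Constructed training window: a "normal week" of flows, one line each.
TRAINING_LOG = [
    "2003-02-10T08:01:00 src=rnd-ws-07 dst=corp-mail-01 dport=25 payload=MAIL FROM",
    "2003-02-10T08:02:10 src=rnd-ws-07 dst=corp-proxy-01 dport=8080 payload=GET /",
    "2003-02-10T08:05:42 src=rnd-build-01 dst=corp-proxy-01 dport=8080 payload=GET /",
    "2003-02-10T08:06:00 src=rnd-ws-07 dst=rnd-build-01 dport=22 payload=SSH-2.0",
    "2003-02-10T08:30:15 src=pay-app-01 dst=pay-db-01 dport=1433 payload=SELECT",
    "2003-02-10T09:00:00 src=corp-proxy-01 dst=corp-mail-01 dport=80 payload=GET /owa",
]

# Constructed lines to analyse: one normal, one R&D->Payroll anomaly,
# one known-bad payload over an otherwise normal path, one more normal.
TEST_LOG = [
    "2003-02-14T09:12:03 src=rnd-ws-07 dst=corp-proxy-01 dport=8080 payload=GET /",
    "2003-02-14T09:12:40 src=rnd-ws-07 dst=pay-db-01 dport=1433 payload=SELECT",
    "2003-02-14T09:13:05 src=corp-proxy-01 dst=corp-mail-01 dport=80 payload=GET /EXPLOIT-MARKER-A",
    "2003-02-14T09:15:00 src=rnd-build-01 dst=corp-proxy-01 dport=8080 payload=GET /",
]

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<dport>\d+) payload=(?P<payload>.*)$"
)


def parse(line):
    """Parse one constructed log line into a record; reject malformed input."""
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unparseable log line: {line!r}")
    return {"ts": m["ts"], "src": m["src"], "dst": m["dst"],
            "dport": int(m["dport"]), "payload": m["payload"]}


def flow_key(rec):
    """Abstract a connection to (source zone, destination zone, port)."""
    return (ZONE_OF.get(rec["src"], "unknown"),
            ZONE_OF.get(rec["dst"], "unknown"),
            rec["dport"])


def build_baseline(lines):
    """Learn the set of zone-to-zone:port flows seen during training."""
    return {flow_key(parse(line)) for line in lines}


def signature_alerts(lines, signatures=SIGNATURES):
    """Alert only when port and payload marker match a known signature."""
    alerts = []
    for line in lines:
        rec = parse(line)
        for dport, marker in signatures:
            if rec["dport"] == dport and marker in rec["payload"]:
                alerts.append((rec["ts"], "signature",
                               f"{rec['src']}->{rec['dst']}:{dport} matched {marker}"))
    return alerts


def behavioral_alerts(lines, baseline):
    """Alert on any flow whose zone/port combination was never seen in training."""
    alerts = []
    for line in lines:
        rec = parse(line)
        src_zone, dst_zone, dport = flow_key(rec)
        if (src_zone, dst_zone, dport) not in baseline:
            alerts.append((rec["ts"], "behavioral",
                           f"{rec['src']}->{rec['dst']}:{dport} "
                           f"unusual flow {src_zone} -> {dst_zone}"))
    return alerts


def run_demo():
    """Return (signature alerts, behavioral alerts) for the constructed test log."""
    baseline = build_baseline(TRAINING_LOG)
    return signature_alerts(TEST_LOG), behavioral_alerts(TEST_LOG, baseline)


if __name__ == "__main__":
    sig, beh = run_demo()
    for alert in sorted(sig + beh):
        print(alert)
```

The two detectors are complementary rather than competing: the signature check sees the known marker on the Corporate-to-Corporate web request, which the baseline treats as normal, while only the baseline notices the R&D workstation's first-ever SQL connection into Payroll, for which no signature exists. Keying the baseline on zones rather than individual hosts keeps the training set small and avoids one alert per new host, at the cost of missing anomalies inside a zone; a production profile would layer per-host and per-port statistics on top of this.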
Contact Information: Jim Reavis, firstname.lastname@example.org, 877-952-5500

Slide 31: The State of the Security Market: Wall Street's View
Rob Owens
VP, Senior Research Analyst, Pacific Crest

Slide 32: Pacific Crest Overview
- Business Focus: Full-service investment bank
- Industry Focus: Technology
- Employees: 100+
- Offices: Portland, Boston, Silicon Valley
- Research Breadth: 100+ public companies in 10 sectors
- Investor Reach: More than 250 active institutional technology buyers
- Trading Strength: #1 market maker trading fewer than 150 stocks (4Q/2002)

Slide 33: Singular Focus: Technology
- Core to the Consumer
- Software
- Enterprise Applications
- Internet Security
- Systems Management
- Interactive Content & Commerce
- Advanced Commerce & Media
- Content Management & Collaboration
- Connected Consumer
- Communications Technologies
- Network Infrastructure
- Wireless Communications
- Communications Software
- Core Technologies
- Semiconductors
- Semiconductor Equipment
- Communications Components & Equipment

Slide 34: Widely Recognized Research
- "The sunny side of the Street: Mainstream Wall Street research firms have had a tough year. But specialized boutiques have never done better." (Institutional Investor, December 2002)
- 2002 Best Boutiques
- 2002 All-American Research Teams Rankings
- "Debuting in II's poll, Portland, Oregon-based Pacific Crest Securities, a technology research firm, edges out SoundView Technology Group for the best applications software research." (Institutional Investor, December 2002)

Slide 35: The State of Internet Security
- It's been a rocky 12 months; the security group has underperformed the indices
- 2003 trends: challenging environment, but group will grow at meaningful rate
- M&A market to continue at strong pace
- Threat profile to increase
- Still investor optimism surrounding security investing

Slide 36: Stock Performance
- A rocky twelve months
- Security stocks have underperformed the indices

Slide 37: 12 Month Stock Performance (chart)
Companies shown: Symantec, Check Point, Entrust, Netegrity, NetScreen, SonicWALL, VeriSign, WatchGuard, ActivCard, RSA, Rainbow, ISS, Network Associates, Secure Computing, Websense

Slide 38: 12 Month Stock Performance
- Symantec 7.0%
- Check Point -50.7%
- Entrust -47.9%
- Netegrity -69.8%
- NetScreen 20.4%
- Network Associates -41.2%
- Secure Computing -70.5%
- SonicWALL -75.4%
- VeriSign -71.3%
- WatchGuard 23.8%
- Websense -43.9%
- ActivCard -9.9%
- RSA -28.0%
- Rainbow 18.2%
- ISS -54.5%

Slide 39: Stock Performance
- Poor February performance

Slide 40: Comparative Valuation

Slide 41: Why the Lackluster Performance?
- Investor / analyst expectations out of sync with reality
- Challenging economy impacting sectors within technology
- Too much noise, not enough execution
- Security is a process, not an out-of-the-box product
- The need is understood, but the execution has been poor

Slide 42: Emerging Trends
Inter