information security 2018: evolution/cost reduction paradox...title: sector_2018_info security and...
TRANSCRIPT
10/13/18
1
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Information Security 2018: Evolution/Cost Reduction Paradox
SECTOR 2018
Ajay K. Sood@akssecure
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Organizations in 2018…
2
…now collect and are store more data than ever…
… in more places than they’ve ever had it.
Creating a “follow the data” problem
ServersSecure Data
Centres
Cloud Applications
10/13/18
2
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Follow the Data…
3
All this data needs to be:
… SECURELY
Created / Collected Stored Controlled Destroyed
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Follow the Data…
4
• The human and financial costs of creating, storing, destroying and following this data are greater than they have ever been
• Increased threat sophistication and persistence targeting data, exposing weaknesses in data security infrastructure and processes
• Movement toward cloud infrastructure simplifies IT, while complicating the problem
• This evolving data footprint is compounded by numerous evolution trends in cybercrime
10/13/18
3
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Evolution…
5
Infrastructure Attacks Cyber-Capitalization Countermeasures Regulatory
Climate
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Direct Connect Creates Expanded Networks to ProtectThe Expanding Network
RegionalOffice
Headquarters Data Center
RoamingUsers
Security StackSSL Encryption
6
SSL Encryption
SSL Encryption
10/13/18
4
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Evolution… of Attacks
7
Infrastructure(DDoS, Websites,
Networks)
Data(Database Dumps,
Destruction, Disclosure)
Individual(Identity Theft,Spear Phishing)
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Multi-Phased and Multi-Staged Attacks
RegionalOffice
Headquarters Data Center
RoamingUsers
Security Stack
SSL Encryption
SSL Encryption
SSL Encryption
8
10/13/18
5
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Evolution… of Capitalization
9
Financial Intellectual Political Personal / Human
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Evolution… of Countermeasures
10
Tools Human-basedEyes on glass
SOCS
ModernIntelligence
Analytics/Big DataAI
10/13/18
6
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Evolution… of Regulatory Climate
11
Breaches Lawsuits Legislation (GDPR, DPA)
Trial by social media
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Less Money, More Problems
12
• Rising IT and data centre costs• Rare and expensive IT Security personnel• Training Costs• Certification Costs• Turnover
• Push to Cloud / MSP• Increased threat sophistication and persistence targeting data, exposing weaknesses in
data security infrastructure and processes
10/13/18
7
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Less Money, More Problems
13
Gartner's experience is that many organizations simply do not know their security budget. This is partly because few cost accounting systems break out security as a separate line item, and many security-relevant processes are carried out by staff who are not devoted full-time to security, making
it impossible to accurately account for security personnel. In most instances, the chief information security officer (CISO) does not have
insight into security spending throughout the enterprise.
‘‘
‘‘
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
The Paradox
14
How do organizations succeed ?
More threats
More data
More attack vectors
(Email, Social, Mobile, App)
More regulation
More complex
data footprint
Less budget
Less time
Less staff
10/13/18
8
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Accept the Paradox
15
• Accept Cybersecurity in the executive boardroom
• Accept the inevitability of failure• Explore Cyber-Armageddon
• Have appropriate response plans/teams
• Red team/Executive table-top
• Accept the adversary is formidable
• Intelligence – Consume only what you understand
• Outsource carefully and appropriately• Understand the (shared) responsibility
• Understand the output
• Augment your team and abilities – not replace
Copyright © 2018 Symantec Corporation SYMANTEC CONFIDENTIAL – INTERNAL USE ONLY
Thank you!
Ajay K. Sood@akssecure