A Data-Centric Approach to Endpoint Security
September 28, 2017
Eric Ogren Senior Analyst, Security 451 Research
Bill Bradley Director of Product Marketing Digital Guardian
About Eric Ogren
• Eric Ogren is a Senior Analyst with the Information Security team. Eric has extensive experience in software development, technology marketing, and as a security industry analyst.
• Eric contributes pragmatic perspectives for security clients on emerging market trends, company and product strategies, differentiated vendor messaging and positioning, and meeting enterprise solution purchase criteria.
• Prior to joining 451 Research, Eric held marketing leadership positions with security vendors such as RSA Security and OKENA, and technology vendors such as Digital Equipment.
About Bill Bradley
§ Leads Product Marketing Data Loss Prevention
§ 20 Years of Marketing & Sales Experience
  • Field Sales, Competitive Analysis, Product Marketing & Management
§ Previously at Rapid7 and General Electric
Basic structure for today’s conversation
Transforming security with the infrastructure
State of enterprise security
Evolving to data-centric approaches
The information security debt
INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017
Q11. How many full time employees (FTEs) does your IT organization currently employ?
Q12. How many full time employees (FTEs) does your organization currently employ that are dedicated to information security tasks?
Average Size and Ratio of Security Team – By Company Size
Information Security Respondents
Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017
Average Number of Employees in Information Security
1-999 employees: 5
1,000-9,999 employees: 9
10,000+ employees: 54
Average Ratio of Security Employees to IT Employees
1-999 employees: 14.1%
1,000-9,999 employees: 7.6%
10,000+ employees: 11.1%
Average Ratio of Security Employees to IT employees – By Industry Information Security Respondents
14.7%
14.2%
11.9%
10.8%
10.8%
10.7%
10.5%
9.7%
6.1%
4.1%
8.0%
Services
B2B Software, IT and Computer Services
Retail
Healthcare
Govt/Educ
Manufacturing
Finance
Telecommunications
Communications, Media and Publishing
Utilities
Other
Mean
Q40. Who does the head of Information Security report to?
Information Security Reporting Chain Respondents with a Single Information Security Executive Leader in Their Organizations
46.6%
21.9%
5.2%
5.2%
4.4%
3.3%
3.8%
9.6%
43.2%
20.1%
8.3%
7.9%
7.0%
4.8%
2.6%
6.1%
CIO, Head of Information Technology
CEO
CTO
Board of Directors
COO
CFO
Chief Risk Officer
Other
Percent of Sample Q2 2016 (n=479)
Q2 2017 (n=229)
How did we get here? It all starts with your business
Your Business
How did we get here? Need to bolt on security!
Your Business
How did we get here? New threats? New products!
Your Business
We’re catching on to the problems with this picture
An attack can go anywhere once inside security defenses
Security teams get bogged down managing all those products and all the data they produce
Security teams get isolated from the rest of IT and special skills keep us isolated
Q3. What were your top general information security concerns during the last 90 days? Please select all that apply.
Top Information Security Concerns – Past 90 Days
Information Security Respondents
Percent of Sample, n = 495
Hackers/Crackers with Malicious Intent: 52.5%
Compliance: 49.1%
Internal Audit Deficiencies Based on Findings: 31.7%
Preventing/Detecting Insider Espionage: 19.8%
Cyber-Warfare: 19.6%
Other: 7.3%
Q2. For the top information security projects currently being implemented within your organization, what was the key determinant in their approval?
Reasons for Implementing Security Projects
Information Security Respondents
Percent of Sample, n = 495
Risk Assessment: 21.6%
Compliance Requirement: 21.4%
Business Requirement: 11.1%
Championed by a Senior Leader (e.g., Sacred Cow): 9.9%
Driven by Due Diligence (e.g., Customer Requirement): 9.1%
Audit Response: 8.9%
Reputational/Brand Risk: 8.7%
Return on Investment (ROI): 5.5%
Other: 3.8%
Q1. What are your organization’s top information security pain points? Please select up to three.
Top Security Pain Points
Information Security Respondents
Percent of Sample, n = 495
User Behavior: 34.1%
Organizational Politics/Lack of Attention to Information Security: 21.0%
Staffing Information Security: 20.6%
Lack of Budget: 20.4%
Security Awareness Training (Ineffectiveness or Difficulty): 19.0%
Accurate, Timely Monitoring of Security Events: 18.4%
Endpoint Security: 17.2%
Malicious Software (Malware): 17.0%
Cloud Security: 16.6%
Application Security: 16.0%
Data Loss/Theft: 14.7%
Mobile Security: 12.1%
Ransomware: 11.9%
Third-Party/Supplier Security: 11.7%
Keeping Up with New Technology: 11.5%
Firewall/Edge Network Security: 9.3%
Other: 4.6%
Q44. Which of the following metrics does your organization use/track for information security staff? Please select all that apply.
Metrics To Manage Security Information Security Respondents
53.0%
42.8%
44.9%
34.2%
34.4%
31.2%
32.4%
21.9%
2.2%
47.5%
39.0%
34.4%
34.2%
32.3%
29.2%
28.3%
21.9%
4.0%
Security Incidents Resolved
Tickets Resolved (e.g., ‘Trouble Tickets’)
Audit Issues Resolved
Application Availability (e.g., Uptime/Downtime)
Project Completion
Time to Recovery/Restore from an Outage
Lack of Data Breaches
We Don’t Use Metrics
Other
Percent of Sample Q2 2016 (n=837)
Q2 2017 (n=421)
Q16. What’s the status of the use of security analytics in your information security program?
Q17. What has been the key benefit of your use of security analytics?
Security Analytics
Information Security Respondents
Security Analytics Status (Percent of Sample, n = 426)
In Use: 38.7%
Planned for the Next 12 Months: 34.7%
Not In Plan: 26.5%
Key Benefit of Security Analytics (Percent of Sample, n = 159)
Better Able To Detect and Address External Attacks: 24.5%
Better Anomaly Detection on Our Network: 23.9%
Improved Incident Response/Forensics Evidence Data Capture: 14.5%
We’re Detecting Security Incidents Not Previously Captured: 13.8%
Better Ability To Understand and Respond to Anomalous User Behavior: 11.3%
Better Able To Detect and Address Internal Attacks: 6.3%
No Benefit: 2.5%
Other: 3.1%
Security analytics dimensions
Data
Business Network
User
What are CISOs doing about it?
Consolidating product portfolios
Investing in security analytics
Shifting attention to operations
Q15. What are the key reasons for increasing information security focused staff? Please select all that apply.
Staff Increase Reasons Respondents with Increasing Security Staff
49.6%
49.1%
44.2%
25.3%
9.0%
10.5%
7.2%
48.7%
45.1%
40.0%
25.1%
7.7%
7.7%
12.3%
Significant Project(s) Driving Additional Demand
New Skills Are Required
Overall Business Growth
IT Organizational Changes (e.g., Restructuring teams)
Company Merger/Acquisition
Information Security Functions being In-Sourced from a Third-Party Provider or Managed Security Service Provider (MSSP)
Other
Percent of Sample Q2 2016 (n=391)
Q2 2017 (n=195)
Thank You!
Smart Consolidation on the Endpoint Digital Guardian for Data Protection
Triad of Roles
Incident Responder
Threat Hunter
InfoSec Analyst
Triad of Needs
Response Threat
Data
Myriad Solutions at the Endpoint
WELCOME TO
The Convergence of DLP & EDR
DETECT THREATS STOP DATA THEFT
From Insiders & Outside Attackers
Ransomware, Malware and Non-Malware Based
The Digital Guardian Data Protection Platform
Solutions
Data Discovery
Data Classification
Data Loss Prevention
Endpoint Detection & Response
Cloud Data Protection
Digital Guardian Platform
DG Appliance
DG Agent(s)
DG Analytics & Reporting Cloud
DG Management Console
Visibility to All Threats – One Console
Endpoint
Storage
Cloud
Network
Data Events
User Events
System Events
Combining system, user and data insights provides the visibility to protect against ALL THREATS.
Enable Your Security Team
Enable Your InfoSec Analysts
Enable Your Incident Responders
Enable Your Threat Hunters
So What?
Enable Business Growth
Questions
Register today for our upcoming webinar:
Insights from the Gartner 2017 Magic Quadrant for Enterprise DLP
October 26, 2017 1PM ET