Embed Size (px)
Citation preview
Juan Marino
Cuando la prevención no es suficiente
Ciberseguridad en La Organización Digital
Cisco Confidential 2© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential 3© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Digitalización
Camino
Amenazas
Cisco Confidential 5© 2013-2014 Cisco and/or its affiliates. All rights reserved.
el panorama de amenazas
Datakinesis
Cisco Confidential 9© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential 10© 2013-2014 Cisco and/or its affiliates. All rights reserved.
vulnerable
Fuera de Soporte
Obsoleto
92%
31%
5%
La confiabilidad genera complacencia
La conciencia erosiona la confianza
59% Confianza en contar con infraestructuraactualizada
51% Confianza en detectar unavulnerabilidad a tiempo
54% Confianza en poderdefenderse frente a un ataque
45% Confianza en poderidentificar y contener un ataque
54% Confianza en poderverificar un ataque
56% Revisa políticas de seguridad de regularmente
-5% 0% -4%
-1% +0% +0%
Nadie puede detener todos los ataques
1. La seguridad debeconsiderarse motor de crecimiento para el negocio
Atributos de una Arquitectura de Ciberseguridad
Control SimplicidadProtecciónAvanzada
Visibilidad
Seguridad Efectiva y Eficiente
Segmentación Aplicación de PolíticasResiliencia
Seguridad es la prioridad #1 de Cisco
Innovation and Commitment to Being #1 in Security
CLUS: AMP
Data Center
Sourcefire
Acquisition
Closed
Security
for ACI
RSAC: AMP
Everywhere
OpenAppID
2014 ASR
Global
Security Sales
Organization
Neohapsis
Acquired
AMP Everywhere
ThreatGRID
Acquired
Cisco ASA with
FirePOWER
Services
Security
and Trust
Organization
Managed
Threat
Defense
TalosIntegrated
Threat
Defense
2013 2015
Security
Everywhere
OpenDNS
Acquisition
Closed
Prevención
Prevención Retrospección
+
Contextla amenaza depende del contexto
Policyla política reduce la superficie de ataque
Threatfoco en la amenaza, detectar, entender, detener
Breachcomprender impacto, contener y remediar
Breach
Context
Policy
Threat
Scope
Contain
Remediate
Detect
Block
Defend
Control
Enforce
Harden
Discover
Monitor
Inventory
Map
Network / Devices
Users / Applications
Files / Data
BEFORE DURING AFTER
Breach
Context
Policy
Threat
Scope
Contain
Remediate
Detect
Block
Defend
Control
Enforce
Harden
Discover
Monitor
Inventory
Map
Network / Devices
Users / Applications
Files / Data
Control de
Acceso
BEFORE DURING AFTER
De Intrusión De Archivos
Breach
Context
Policy
Threat
Scope
Contain
Remediate
Detect
Block
Defend
Control
Enforce
Harden
Discover
Monitor
Inventory
Map
Network / Devices
Users / Applications
Files / Data
Control de
Acceso
BEFORE DURING AFTER
De Intrusión De Archivos
Breach
Context
Policy
Threat
Scope
Contain
Remediate
Detect
Block
Defend
Control
Enforce
Harden
Discover
Monitor
Inventory
Map
Network / Devices
Users / Applications
Files / Data
Control de
Acceso
BEFORE DURING AFTER
De Intrusión De Archivos
Malo ConocidoConocido /
SospechosoDesconocido
Breach
Context
Policy
Threat
Scope
Contain
Remediate
Detect
Block
Defend
Control
Enforce
Harden
Discover
Monitor
Inventory
Map
Network / Devices
Users / Applications
Files / Data
Control de
Acceso
BEFORE DURING AFTER
De Intrusión De Archivos
Malo ConocidoConocido /
SospechosoDesconocido
Contener DimensionarRemediar
Host-based Security
Wireless
L2//L3 Network
L2//L3 Network
Host-based Security
Identity Posture Assess-ment
CEO sending emailto shareholders
Salesmen accessing customer database
Switch
WAN
Flow Analytics
Access Control +TrustSec
Campus
WirelessIntrusionPrevention
Posture Assess-ment
Access Control +TrustSec
Flow Analytics
Wireless Controller
Identity Mobile Device Mgmt
Host-based Security
Wireless
L2//L3 Network
L2//L3 Network
Host-based Security
Identity Posture Assess-ment
CEO sending emailto shareholders
Salesmen accessing customer database
Switch
WAN
Flow Analytics
Access Control +TrustSec
Campus
WirelessIntrusionPrevention
Posture Assess-ment
Access Control +TrustSec
Flow Analytics
Wireless Controller
Identity Mobile Device Mgmt
Host-based Security
Wireless
L2//L3 Network
L2//L3 Network
Host-based Security
Identity Posture Assess-ment
CEO sending emailto shareholders
Salesmen accessing customer database
Switch
Flow Analytics
Access Control +TrustSec
WirelessIntrusionPrevention
Posture Assess-ment
Access Control +TrustSec
Flow Analytics
Wireless Controller
Identity Mobile Device Mgmt
BEFORE
Host-based Security
Wireless
L2//L3 Network
L2//L3 Network
Host-based Security
Identity Posture Assess-ment
CEO sending emailto shareholders
Salesmen accessing customer database
Switch
Flow Analytics
Access Control +TrustSec
WirelessIntrusionPrevention
Posture Assess-ment
Access Control +TrustSec
Flow Analytics
Wireless Controller
Identity Mobile Device Mgmt
AFTER
Host-based Security
Wireless
L2//L3 Network
L2//L3 Network
Host-based Security
Identity Posture Assess-ment
CEO sending emailto shareholders
Salesmen accessing customer database
Switch
WAN
Flow Analytics
Access Control +TrustSec
Campus
WirelessIntrusionPrevention
Posture Assess-ment
Access Control +TrustSec
Flow Analytics
Wireless Controller
Identity Mobile Device Mgmt
Data Center
L2//L3 Network
Access Control +TrustSec
To Campus
Shared Services
Zone
Next-Gen Intrusion Prevention System
App Server
Zone
PCICompliance
Zone
DatabaseZone
Flow Analytics
Host-based Security
Load Balancer
Flow Analytics
Firewall
Anti-Malware
Threat Intell-igence
Access Control +TrustSec
Next-Gen Intrusion Prevention System
Next-Generation Firewall Router
L2//L3 NetworkFirewall VPN
Switch
Web Application Firewall
Centralized Management
Policy/Configuration
Visibility/Context
AnalysisCorrelation
Analytics
Logging/Reporting
ThreatIntelligence
VulnerabilityManagement
Monitoring
To Edge
Virtualized Capabilities
WAN
Access
Control +
TrustSec
Next-Gen
Intrusion
Prevention
SystemAnti-
Malware
Threat
Intell-
igence
Access Control +TrustSec
Next-Generation Firewall Router
L2//L3
NetworkFirewall VPN
Centralized Management
Policy/Configuration
Visibility/Context
AnalysisCorrelation
Analytics
WAN
Access
Control +
TrustSec
Next-Gen
Intrusion
Prevention
SystemAnti-
Malware
Threat
Intell-
igence
Access Control +TrustSec
Next-Generation Firewall Router
L2//L3
NetworkFirewall VPN
Centralized Management
Policy/Configuration
Visibility/Context
AnalysisCorrelation
Analytics
WAN
Access
Control +
TrustSec
Next-Gen
Intrusion
Prevention
SystemAnti-
Malware
Threat
Intell-
igence
Access Control +TrustSec
Next-Generation Firewall Router
L2//L3
NetworkFirewall VPN
Centralized Management
Policy/Configuration
Visibility/Context
AnalysisCorrelation
Analytics
WAN
Data Center
L2//L3 Network
Access Control +TrustSec
To Campus
Shared Services
Zone
Next-Gen Intrusion Prevention System
App Server
Zone
PCICompliance
Zone
DatabaseZone
Flow Analytics
Host-based Security
Load Balancer
Flow Analytics
Firewall
Anti-Malware
Threat Intell-igence
Access Control +TrustSec
Next-Gen Intrusion Prevention System
Next-Generation Firewall Router
L2//L3 NetworkFirewall VPN
Switch
Web Application Firewall
Centralized Management
Policy/Configuration
Visibility/Context
AnalysisCorrelation
Analytics
Logging/Reporting
ThreatIntelligence
VulnerabilityManagement
Monitoring
To Edge
Virtualized Capabilities
WAN
BEFORE
Data Center
L2//L3 Network
Access Control +TrustSec
To Campus
Shared Services
Zone
Next-Gen Intrusion Prevention System
App Server
Zone
PCICompliance
Zone
DatabaseZone
Flow Analytics
Host-based Security
Load Balancer
Flow Analytics
Firewall
Anti-Malware
Threat Intell-igence
Access Control +TrustSec
Next-Gen Intrusion Prevention System
Next-Generation Firewall Router
L2//L3 NetworkFirewall VPN
Switch
Web Application Firewall
Centralized Management
Policy/Configuration
Visibility/Context
AnalysisCorrelation
Analytics
Logging/Reporting
ThreatIntelligence
VulnerabilityManagement
Monitoring
To Edge
Virtualized Capabilities
WAN
DURING
Data Center
L2//L3 Network
Access Control +TrustSec
To Campus
Shared Services
Zone
Next-Gen Intrusion Prevention System
App Server
Zone
PCICompliance
Zone
DatabaseZone
Flow Analytics
Host-based Security
Load Balancer
Flow Analytics
Firewall
Anti-Malware
Threat Intell-igence
Access Control +TrustSec
Next-Gen Intrusion Prevention System
Next-Generation Firewall Router
L2//L3 NetworkFirewall VPN
Switch
Web Application Firewall
Centralized Management
Policy/Configuration
Visibility/Context
AnalysisCorrelation
Analytics
Logging/Reporting
ThreatIntelligence
VulnerabilityManagement
Monitoring
To Edge
Virtualized Capabilities
WAN
AFTER
Cisco Confidential 43© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Security Services Portfolio
Optimization
Migration
Plan,
Design,
Implement
Program Strategy
Architecture & Design
Assessments
Managed Security
(SOC)
Managed
Services
Advisory Integration
Cisco Confidential 47© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Digitalización
Camino
