Security Summit July 2009

50 %
50 %
Information about Security Summit July 2009

Published on July 26, 2009

Author: shaharmaor

Source: slideshare.net

Description

PC Magazine security summit, July 2009

Your Text here Your Text here Shahar Geiger Maor shahar@stki.info Visit My Blog: http://shaharmaor.blogspot.com/ 1

Agenda 1 Downturn Economics 2 Communication CISOs Agenda Your Text here Your Text here 3 Technologies (NAC, DCS, IAM SIEM) Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 2

Israeli Information Technology Market Size Your Text here Market here 2008: Your Text size 4.645 B$ Market size 2009: 4.063 B$ Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 3

IT Market Share (%) by Industry Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 4

Israeli Information Security Market Size GRC and Security market size (Ms of $) Your Text here 2008 2009 Your Text here 2010 Governance & Risk Management (also BCP) 35.0 42% 50.0 50% 75.0 Security (projects) 95.0 -10.53% 85.0 11.76% 95.0 Security (Software) 90.0 -5.56% 85.0 -5.88% 80.0 Total 220 0% 220 14% 250 Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 5

Security Budgeting Difficulties – The Market is Under Stress Although most 2009 72% expect additional security budgets are set downward revisions during (89% surveyed) the remainder of the year Your Text here Your Text here 65% of security vendors are 53% of vendors are providing discounts for new reducing maintenance fees products purchases Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 6

Vendor Discounting in Response to Buyer Request Your Text here Your Text here Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 7

Security Budgeting Difficulties – Downturn Mechanism Longer POC Your Text here Longer Your Text here sale cycle Vendor bottom line turns red Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 8

More Optimism about Security Spending 45% 40% 35% 30% 25% Your Text here Your Text here IT Spending 20% Sec Spending 15% 10% 5% 0% > -10% -10% to -5% -5%% to 5% 5% to 10% 10+% Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 9

What’s on the CISO’s Agenda? (STKI Madad 2008-2009) Network DLP Hardening Market Players 5% 4% 3% 5% Access GRC 18% 5% Miscellaneous EPS/Anti x 6% Your Text here Your Text here 14% NAC DB Protection WAF & Apps 6% 7% 11% Management Trends 8% 8% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 10

What’s on the CISO’s Agenda? (STKI Madad March-June 2009) Sec Tools SIEM/SOC EPS 5% 5% 5% DB/DC SEC Encryption 18% 9% Access/Authenti Market/Trends cation Your Text here Your Text here 10% 15% NAC Miscellaneous 10% DLP 15% 10% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 11

What’s on the CISO’s Agenda? Financial sector: • Access and DLP: Mobile Security, OTP, Data Obfuscation Governmental agencies and subsidiaries: • NAC, IDM High-Tech and Services: Your Text here Your Text here • Virtualization, Cloud Computing, EPS and mobility Cross-sector: • SIEM-SOC, Application Security and methodologies Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 12

Security Staffing Ratios Organization Type Ratios of Security Personnel (Israel) Average Public Sector 0.15% of Total Users Your Text here Your Text here “Sensitive” Public Sector 0.5% of Total Users Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 13

Technologies Categorization 2009 Business Value Investment to make money Remote Access Cut costs, Increase Manage Sec. productivity IAM/IDM Services IT Project Business SSO Cloud Project App. Your Text here Anti Your Text here Sec. DLP Size of figure = Commodity IT X Mobile complexity/ EPS SIEM/SOC Sec. Services cost of project DB Vir. Network NAC Sec. Sec. Security Investment for regulations GRC Using Implementing Looking Market Maturity Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 14

Network Access Control Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 15

NAC Insights NAC has not been “fully digested” by Israeli customers in 2008. There should be more activity in 2009 NAC can be deployed less expensively when it is an embedded feature of an existing vendor and customers take notice of it Some network and security vendors alreadyText here Your Text here Your have solutions that can be part of the NAC process  Israeli customers first priority: network visibility and guest network control Network or Security? NAC is a Layer 2 vs. Layer 3 match Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 16

Data Centric Security Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 17

Data Centric Approach Your Text here Your Text here “Business of Security” – Security “perimeter security” is built into the business process Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 18

Data Centric Security Arena DLP ERM Database Encryption Protection EPS Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 19

DLP –Market Status DLP Deployments Status -Israel 1Q09 Solution Deployed 20% Your Text here PlanYour Text here to Deploy Not "There" Yet Soon 60% 20% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 20

Identity & Access Management (IDM/IAM) Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 21

IDM/IAM Savings Your Text here Your Text here Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 22

Key Success Factors for Future IDM Project Consider IDM also as a business project, rather than a pure IT project Make sure the project bridges the gap between business and IT  StartYour Text here easier success (Single Signhere a small for Your Text On, vertical project)  Choose a step-by-step approach, rather than a mastodon implementation. Focus on basic functionalities not on the additional features Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 23

Security Information and Event Management Your Text here Your Text here 24

Silos of Redundant Information Management Your Text here Your Text here Source: Network Intelligence Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 25

An Enterprise Platform for Compliance and Security Your Text here Your Text here SIEM Source: Network Intelligence Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 26

SIEMSOC “Round Table” Insights How to “sell” SIEM project to your organization Knowing when NOT to start a project Reporting Systems, Logging and parsing “Tracing the events” (real-time?) Who defines what is “risk”? How to translate it to HD? Your Text here Your Text here Maintenance and operations: What does it take? Outsourced SOC (must be taken under consideration) Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 27

Your Text here Your Text here Shahar Geiger Maor VP & Senior Analyst shahar@stki.info 28

Add a comment

Related pages

Welcome to OWASP Bay Area Application Security Summit July ...

Application Security Summit July 23rd, 2009. Mandeep Khera. OWASP Bay Area Chapter Leader. ... July 2009. Brussels May 2008 Brussels. May 2008. Poland May 2009
Read more

World Summit on Food Security 2009 - Wikipedia, the free ...

World Summit on Food Security 2009 ... FAO announced in July that Saudi Arabia ... FAO says three events in October 2009 prepared the ground for the Summit.
Read more

G8 statement on food security july 2009 - Home / CGIAR

G8 Summit statement on food security Fri Jul 10, 2009 8:41am Following is the joint statement on global food Security by world leaders gathered in the Italian
Read more

Gartner Security Summit 2009: June 28-July 1 - Greg Young

Spring is in the air, which means it is time to get my presentations in order for the annual Gartner Security Summit. The dates are June 28-July 1, and it ...
Read more

Strategic Security Summit - Darling Harbour, 17 July 2009 ...

McAfee invites you to attend an exclusive Strategic Security Summit 09 to learn how to drive better business performance by optimising security and ...
Read more

Security Summit

Security Summit è la manifestazione dedicata alla sicurezza delle informazioni, delle reti e dei sistemi informatici che, da anni, ...
Read more

Summary of the World Summit on Food Security - 16-18 ...

The World Summit on Food Security took place from 16-18 November 2009 at the UN Food and Agriculture Organization (FAO) headquarters in Rome, Italy.
Read more

G8 Summit 2009 - official website - Home

All the Official Documents of the 2009 G8 Summit ... which was disseminated in the course of the G8 Summit in L'Aquila in July. ... Energy Security ...
Read more