It's Time to Rethink Your Endpoint Strategy


Rethinking Your Endpoint Security Strategy

Paul Henry | Security and Forensics Analyst

The Threat Landscape has Evolved…

Shift in Information that is Targeted

Market for stolen data is saturated

» Then - Stolen personally identifiable information sold on the black market for up to $15 per record

» Now - Credit card data has dropped to about 20 cents per record

New, more valuable target is now intellectual property (IP)

» Revenue-generating information

» Much larger impact and value – organization versus individuals

Data Breaches Impact Your Bottom Line

No Longer a Microsoft World

» Then - Priority on patching servers and Windows O/S

» Now - PC and 3rd party apps are the biggest source of enterprise risk

Continued Increase of Cyber Crime

Rise in malicious attacks

» Root cause of 31% of the data breaches studied (up from 24% YoY)*

Cyber attacks impact business

» 97% of respondents consider cyber attacks as the most severe threat to their ability to carry out their missions

» Harder to detect and more difficult to contain and remediate

» Financially motivated cyber criminals

* Ponemon Institute, Annual Cost of Data Breach 2011

Rising Cyber Terrorism… Impact of WikiLeaks

The Reality of Advanced Persistent Threats

More Sophisticated Threats Leveraging Multiple Attack Vectors

» Zero-day and third party application vulnerabilities

» Physical access through data ports

» Web-based attacks through the browser

The Rise of APTs…

» Highly targeted, constantly evolving, custom-developed malware

» Sony

» Stuxnet

» RSA

APT Example… Stuxnet

Trusted Insiders Open the Door to Risk

» Negligence is root cause of 41% of the data breaches studied – the #1 cause*

» Social media opens the door to even more risk of social engineering

» The applications we use for productivity open networks and information to risk

» Removable devices provide easy access, data mobility and… risk if not managed

Negligence remains the most common threat - and an increasingly expensive one

* Ponemon Institute, Annual Cost of Data Breach 2011

Security Status Quo is No Longer Effective

Security Best Practices Still Not Universally Followed

» Patch and configuration management

» Data protection practices

» User rights management

Ineffectiveness of Anti-Virus

» Increasing malware sophistication

» Only 19% of new malware is detected on first day

» 50% of IT professionals point to malware as the leading cause of rising endpoint TCO

The New Endpoint Reality

Traditional Endpoint Security Strategy

Traditional “Threat Centric” Endpoint Security Is No Longer Relevant

Blacklisting As The Core

Endpoint Protection

Zero Day

3rd Party Application Risk

Malware As a Service

Volume of Malware

“Basic security protection is not good enough.” Rowan Trollope SVP

“You can’t just rely on antivirus software – and we’re an antivirus company.” George Kurtz Worldwide CTO

Challenges of Endpoint Management

IT Operations Challenges

» Lack of common management console

» Increasing agent bloat

» Increasing and costly back-end integration

» Lack of visibility and collaboration with IT security

IT Security Challenges

» Need for better accuracy

» User access rights (Local Admin)

» Lack of scalability

» Silos and insufficient collaboration between IT and business operations*

Lack of integration across technologies is the #1 IT security risk*

*Worldwide State of The Endpoint Report 2009

What’s the Impact to Your Business?

Complex IT Environment is Costly to Manage

Lumension Global State of The Worldwide Endpoint 2009

Multiple Consoles

» 3-6 different consoles on average

Agent Bloat

» Increasing malware sophistication

Lack of Control

» 54% of IT security pros cite managing security complexity as #1 challenge

» Decreasing visibility – disparate data

» Ad-hoc monitoring of security posture

Increasing TCO of Point Technologies

» Integration and maintenance

Lack of Enterprise-Wide Visibility

Management and visibility in silos hurts effectiveness and efficiency

» What endpoints are online/offline?

» What apps are being used?

» What devices are being used?

» What user actions are concerning?

» How is data being used?

Increased Complexity & Risk. Increasing Cost

Malware Signatures

Endpoint TCO

Current Endpoint Security Effectiveness

2007: 250K Monthly Malware Signatures Identified

2011: 2M Monthly Malware Signatures Identified

Increasing Malware

Fractured Visibility

Complex Technology

Traditional Balancing Act

Security vs. Productivity

Shift to a New Endpoint Security Approach

Key Strategies

1. Rethink Endpoint Security from the Outside In

2. Shift from “Threat-Centric” to “Trust-Centric” Approach

3. Implement Defense-in-Depth Strategy

4. Reduce Complexity through Integration and Standardization

5. People, Policy and Technology Must All Play a Role in Your Strategy

…to improve endpoint security and reduce complexity

Strategy 1: Rethink Endpoint Security

Data has effectively moved away from the data center to a borderless endpoint

Corporate HQ

Mobile Endpoints

Remote Offices & Subsidiaries

WAN

Internet

Cloud-based Computing

Data Center

Start to view your IT security requirements from the outside-in and not the inside-out

Strategy 2: Shift to Trust-Centric Security

THREAT CENTRIC

TRUST CENTRIC

Strategy 3: Implement Defense-in-Depth

Blacklisting As The Core

Zero Day

3rd Party Application Risk

Malware As a Service

Volume of Malware

Traditional Endpoint Security

Patch & Configuration Mgmt.

Defense-in-Depth

Strategy 4: Reduce Endpoint Complexity

Single Console

Agile architecture

Single Promotable Agent

Many Consoles

Disparate Architecture

Many Agents

IT Control Made Simple

» Agile platform architecture

» Reduced integration and maintenance costs

» Improved endpoint performance

» Holistic endpoint visibility

Effective but not Efficient

Effective AND Efficient

All three are dependent on each other for effective and operational endpoint security.

Strategy 5: People, Policy and Technology

Policy

Technology

People

Summary

Shift to New Endpoint Management Approach

Threat centric

Point products

Multiple consoles

Multiple agents

Ad hoc processes

Reactive signatures

Ad hoc auditing

Compliance

» Trust centric

» Integrated platform

» Single console

» Single agent

» Standardized processes

» Proactive, real time

» Continuous monitoring

» IT Risk management

Lumension: Leading the IT Security Shift

» Market Leader

» Agile Platform Architecture

» Best-of-Breed Functionality

» Global Footprint

» Strong Customer and Partner Ecosystem

» Deloitte 500 & Inc. Magazine 500 Fast Growth Leader

Q&A

For more information come visit us at Booth #19 during these show hours:

Tuesday, June 21, 11:45 a.m. – 1:45 p.m.

Wednesday, June 22, 12:00 p.m. – 1:30 p.m.

Global Headquarters

8660 East Hartford Drive

Suite 300

Scottsdale, AZ 85255

1.888.725.7828

info@lumension.com
