Delivering Integrated Cyber Defense in the Cloud Generationdigital-dreams.biz/events/presentations/cio2019/... · Defense in the Cloud Generation Davor Perat Senior Technology Consultant

Delivering Integrated Cyber Defense in the Cloud Generation

Davor Perat

Senior Technology Consultant

Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY

2

A History of Industry Leadership Symantec:

Symantec is founded by Gary Hendrix with a focus on artificial intelligence

1 9 8 2

Symantec achieves profitability

Symantec acquires Peter Norton Computing

John Thompson is hired to become CEO of Symantec

Acquisition of Vontu is completed to enter into the data protection space

1 9 8 9 1 9 9 0 1 9 9 9 2 0 0 7

Symantec enters the Antivirus market with a focus on Macintosh computers

1 9 8 8

NASDAQ IPO of Symantec

Symantec launches Norton Antivirus

Symantec acquires Veritas and Brightmail to enter into storage and email security

Verisign Identity and Authentication Business acquired by Symantec

1 9 8 9 1 9 9 1 2 0 0 4 2 0 1 0


3

Symantec Acquires Blue Coat and appoints Greg Clark as CEO

AUGUST 2016

Symantec integrates Blue Coat and Symantec threat data-lakes stopping 500K new threats per day

Symantec launches industry innovation with SEP14

Symantec acquires Lifelock protecting the identity information of millions

Symantec acquires Fireglass and Skycure

SEPTEMBER 2016 NOVEMBER 2016 FEBRUARY 2017 JULY 2017

Symantec divests Veritas business as it begins a pure focus on security

JANUARY 2016

Symantec launches Cloud Generation Data Protection with DLP and Blue Coat CASB integration

Symantec launches Norton Core to create the digital safety category for consumers

Symantec creates the new Symantec Ventures fund

Symantec takes leadership position in 5 Magic Quadrants – EPP, DLP, MSS, SWG, and CASB.

OCTOBER 2016 JANUARY 2017 MARCH 2017 JANUARY 2018

Celebrating The Past Two Years of Advanced Innovation Symantec:


4

The Industry Faces a Looming Fiscal Spending Crisis Fiscal Crisis

Existing Technology Footprint Annual Security Improvement

New Regulations

Labor Cost Increases

Subscription Expense Growth

Maintaining a Dual Environment (Legacy and Cloud)

SECURITY OPERATING COSTS

CURRENT SECURITY BUDGET

6-8% ANNUAL BUDGET INCREASE


5

THE COMING FISCAL CRISIS

A Dark Internet Will Require Presence at Key Termination Points The Cloud Generation Dilemma


6

A DARK INTERNET THE COMING FISCAL CRISIS

Organizations Will Need to Depend on Automatic Security Capabilities The Cloud Generation Dilemma

ARTIF IC IAL INTELL IG ENCE


7

DEEP ARTIFICIAL INTELLIGENCE & AUTOMATION


Industry Refocused on the Criticality of Prevention The Cloud Generation Dilemma


8

BEST IN CLASS TERMINATION POINTS & PROTECTION



Changing Usage Models Will Mandate Cloud Generation Architecture The Cloud Generation Dilemma


9


CLOUD GENERATION ARCHITECTURE & PLATFORMS



BEST IN CLASS TERMINATION POINTS & PROTECTION


10

Delivering Protection in The Cloud Generation

Endpoint Requirements

Best in Class Protection

Machine Learning / Artificial Intelligence

Single Agent / Efficient Architecture

Cloud Aware / Enabled

Supports all Endpoints

PROXY

EMAIL

CLOUD APPS

ENDPOINT ENDPOINT


11

Proxy Requirements

ENDPOINT

PROXY

EMAIL

CLOUD APPS

Best in Class

Strong Encrypted Traffic Management

Integrated CASB

Network Browser Isolation

Cloud, On-Premises & Virtual Form Factors



12

Email Requirements

Flexible Form Factor

Protects Intra-Company, Outbound & Inbound

Integrated Content Isolation

Best-In-Class Spam and Malware Defense

Machine Learning / Artificial Intelligence

ENDPOINT

PROXY

EMAIL

CLOUD APPS



13

Cloud Application Requirements

ENDPOINT

PROXY

EMAIL

CLOUD APPS

Visibility Over Cloud User Behavior

Control Across all Cloud Applications

User and User-Action Based Authentication

Protections Against Malicious Content

Extends Data Protection to the Cloud



14


ENDPOINT

PROXY

EMAIL


15


INTEGRATION FABRIC

• Codified Integration Model

• Simple Innovation Consumption

• Enterprise-Class Workflows

• Empowers Third-Party Participation

• One-to-One Integration Mechanics

• Heavy Programmatic Skills

• Support Intensive

• Painful Innovation Consumption

API BASED

VS


16


• Open Interface to Symantec and Third-Party Technologies

• Structures and Unifies Telemetry

• Control of Event Information for Regulatory Adherence

• Long-Term Correlation of Event and Telemetry Data

• Provides Automated Actions for Control Points

• Integration Point for External Control Structures

• MSP • Artificial Intelligence / Machine Learning • Orchestration

INTEGRATED CYBER DEFENSE EXCHANGE (ICDx)

ICDx


17

SERVICES

ICDx

Confidential - Internal Use Only - Do Not Distribute

Delivering Technology Services in The Cloud Generation

• Simple Innovation Adoption

• Integrated Service Delivery Across Termination Points

• Complete Content Visibility and Control

TECHNOLOGY SERVICES


18

ADVANCED THREAT PREVENTION

Content Analysis

Sandboxing

Endpoint Detection & Response

Full Packet Capture and Metadata ICDx



19

INFORMATION PROTECTION

DLP

Multifactor Authentication

Encryption

Information Centric Analytics

Discovery and Compliance ICDx



20


ADVANCED THREAT PREVENTION

COMPLIANCE ENFORCEMENT

INFORMATION PROTECTION

ANALYTICS

ICDx ENCRYPTED TRAFFIC MANAGEMENT


21

INTEGRATED CYBER DEFENSE PLATFORM


Massive Global Threat Telemetry

State of The Art Security Analysis

Best-in-Class Global Cyberwarriors

Automated Threat Intel Fed to Platform

THREAT RESEARCH


22



PLATFORM SERVICES

Provider Ecosystem

Third-Party Integrations

Information Exchange Layer

Managed Security Services Provider

Custom Outcomes

THREAT RESEARCH


23




24

600+ PARTNERS INQUIRIES 94 TECHNOLOGY PARTNERS 178 INTEGRATIONS


25


Headquarters Data Center

Regional Office

Roaming Users


26

Cloud Security Chaos Challenges of Disparate Cloud Security Providers


Regional Office

Roaming Users

Cloud Proxy

Identity / MFA Cloud Service

Cloud DLP Provider

Cloud App Security Broker (CASB)

Cloud Endpoint Vendor Telemetry

Cloud Sandbox Provider

Network Forensics

Email Security

1

2

3

5

6

7

8

9

10

11

Cloud Data Encryption

Provider

4

1 Connect to Cloud Proxy

Authenticate the connection 2

Validate user access to cloud application 3

Inspect document upload for sensitive material 4

Encrypt document due to sensitivity 5

Document uploaded into cloud app 6

Content is classified and tagged inside of cloud app

7

Email sent to user confirming document receipt 8

Threat inspection performed on email content 9

Full packet capture forensics 10

Endpoint activity telemetry 11

COMPLICATIONS OF CLOUD ADOPTION


27


Regional Office

Roaming Users

Cloud Proxy

Identity / MFA Cloud Service

Cloud DLP Provider

Cloud App Security Broker (CASB)

Cloud Endpoint Vendor Telemetry

Cloud Sandbox Provider

Network Forensics

Email Security

1

2

3

5

6

7

8

9

10

11

Cloud Data Encryption

Provider

4

Who Owns the Comprehensive Service Level Agreements?

Single Pane of Glass?

Redundancy & High-Availability?

Vendor Compatibility?

COMPLICATIONS OF CLOUD ADOPTION

Cloud Security Chaos Challenges of Disparate Cloud Security Providers


28


Regional Office

Roaming Users

Delivering a Simplified Security Model for the Cloud Generation Symantec Integrated Cyber Defense


29


Regional Office

Roaming Users

Delivering a Simplified Security Model for the Cloud Generation Symantec Integrated Cyber Defense


30

Documents

Delivering Integrated Cyber Defense in the Cloud Generationdigital-dreams.biz/events/presentations/cio2019/... · Defense in the Cloud Generation Davor Perat Senior Technology Consultant