CONFIDENTIAL AND PROPRIETARY
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner audience or other intended recipients. This presentation may contain information that is confidential, proprietary or otherwise legally protected, and it may not be further copied, distributed or publicly displayed without the express written permission of Gartner, Inc. or its affiliates. © 2017 Gartner, Inc. and/or its affiliates. All rights reserved.
Pete Shoard, Research Director
Security and Risk Management Leaders
Threat Landscape and Security Monitoring, 2017
There Are About 20 Billion Threat Blocks a Day
So What?
There Are About 4 Billion Google Searches Each Day
If You Want Stats to Scare Your Bosses With, I'm Sorry...
They're Already Scared
They're Bored With Scary Stats
Gartner has, for decades, resisted providing threat statistics.
How many raindrops are falling doesn't matter.
So Stop Counting Attacks
Instead, Start Thinking About Raincoats
And Umbrellas and Roofs ... and What Am I Doing?
Threat Analysis Isn't About Threats
It's About Awareness
A Lot of Stuff Isn't Where It Used to Be
[Figure: Cloud Deployment Plans Across Regions and Timelines, May 2016]
It's Not All Easily Found
Cloud delivery and stand-alone functionality enable shadow IT applications.
15X: Companies are using up to 15 times more cloud services to store critical company data than CIOs were aware of, or had authorized. (Cisco study, August 2015)
77%: Nearly eight in ten (77%) business decision makers admit to using a third-party cloud application without the approval or knowledge of their IT department. (NTT, April 2016)
IT Is More Complex, but More Connected
Complexity and Heterogeneity Are the Enemies of Security
All IT Not Under One Roof
[Figure: platform diagram. Labels: Insiders, Partners, Customers, Things; Information Systems Platform; Customer Experience Platform; Ecosystems Platform; Data and Analytics Platform; IoT Platform; B2B; Cloud; On-Premises; Mobile; Edge]
As if the challenge were not great enough within the enterprise
By 2020, a third of successful attacks experienced by enterprises will be on their shadow IT resources.
Strategic Planning Assumption (SPA)
Roofs Are Leaky, and Getting Leakier
We're Not Even Looking At All the Roofs
Source: Gartner-generated via CVE Database
Some Roofers Are Better Than Others: 2016 Vulnerability Trends
[Figure: chart by vendor. Labels: Red Hat, Micro Focus, SUSE, Fedora Project, Apache Software Foundation]
Source: Gartner-generated via CVE Database
Through 2021, the single most impactful enterprise activity to improve security will be patching.
Strategic Planning Assumptions (SPAs)
The Perfect Storm: How Many Zero Days?
2013 23 00.4%
2014 24 00.3%
2015 53 00.8%
Through 2020, 99% of vulnerabilities exploited will continue to be the ones known by security and IT professionals for at least one year.
Strategic Planning Assumption (SPA)
The Ransomware Weather Map
Source: Microsoft: Ransomware by Region 2Q16
Ransomware Growth Is Not Hype
Source: Trend Micro
Do not be distracted by the shiny objects
Your Environment...
Threat Detection (Find The Threat): SOC Analysts, Security Device Management, Threat Intel. Platform, Security Analytics, SIEM
Remediation (Find The Weakness): Exploit Identification, Issue Identification, Penetration Testing, Patch Management
Strategy (Have A Plan): Response Process, Communication, Continuity
Keep It Simple
• Being swamped in alerts and incidents is worse than burying your head in the sand. Have an effective plan for how to deal with the output of security tools and services.
• Solve the BIG and EASY problems first. Upgrade and patch where possible; use preventative controls (IPS/firewalling) where it's not.
• Identify phased approaches that work for the organisation, allowing smaller, more effective pockets of defence to rise up first.
• Outsource where it makes sense: co-managed or fully managed services increase the speed of deployment and reduce the burden on internal teams.
• Adopt Zero Trust if you can. Starting from a position of Zero Security can mean that an effective strategy is to lock the doors and wait for people to knock.