Upload
forgerock
View
311
Download
0
Embed Size (px)
Citation preview
Lisa O’Connor
Accenture Labs
Cybersecurity Research and Development
ForgeRock
Austin, TX
May 2, 2017
Copyright 2017 Accenture. All rights reserved. 2
NAVIGATING COMPLEX
ECOSYSTEMS
Businesses operate in a digital ecosystem that is becoming
ever more connected, collaborative and complex.
Think about your ecosystem as a neighborhood…
Copyright 2017 Accenture. All rights reserved. 4
A SELF-SUSTAINING
ENTERPRISE
UNDERSTANDS AND
RESPONDS TO WHO’S
MOVING IN AND OUT,
WHAT THEY’RE DOING,
AND WHAT THREATS
THEY PRESENT.
Has the agility to
sense & respond to
threats and vulnerabilities
as they present themselves
THE SELF-SUSTAINING ENTERPRISE
Copyright 2017 Accenture. All rights reserved. 5
Infrastructure shifts
security postures
in response to
ecosystem changes.
Uses predictive
analytics and cognitive
modeling to automate how
enterprise security “thinks”
about threats or risks.
Infrastructure
paradigms such as network
functions virtualization (NFV)
and serverless architectures
introduce the agility needed
to “react”.
Copyright 2017 Accenture. All rights reserved. 6
Proliferation of
insecure devices
Merging of personal
and professional lives
and data
Attackers “weaponizing”
the internet
CYBER RISKS IN A NEW
BUSINESS ECOSYSTEM
Businesses operate in a digital ecosystem that is
becoming ever more connected, collaborative and complex.
Copyright 2017 Accenture. All rights reserved. 7
THE NECESSARY FUNDAMENTALS
OF SELF-SUSTAINING ENTERPRISES
Continuous discovery
and classification
of new assets (user,
device or data)
Trust-based
authentication assigns a
“trust-level”
to each device
An adaptive, intelligent
security platform will
streamline security
operations and reduce
complexity
Copyright 2017 Accenture. All rights reserved. 8
THE
EVOLUTION
OF TRUST
PRINCIPLES
Digital Trust
Think digital trust is cornerstone of digital economy
33% Proactively brought ethics into Tech Vision discussion
83%
A self-sustaining approach enhances existing cybersecurity
capabilities through automation, machine learning, software-defined
networking and new approaches to infrastructure.
ENABLING THE SELF-SUSTAINING
ENTERPRISE
Copyright 2017 Accenture. All rights reserved. 9
An adaptive, intelligent platform that can deliver
a self-healing, scalable security environment
A self-sustaining approach enhances existing cybersecurity
capabilities through automation, machine learning, software-defined
networking and new approaches to infrastructure.
ENABLING THE SELF-SUSTAINING
ENTERPRISE
Copyright 2017 Accenture. All rights reserved. 10
An adaptive, intelligent platform that can deliver
a self-healing, scalable security environment
More sophisticated identity methods for seamless integration
Consistent user experience across applications, devices and internet-connected
things to manage persistent identity.
Going serverless
Applications built within a serverless architecture exist as individual functions, with a
strong definition for how data needs to flow between them. It required operational
discipline--triggers and microservices--which can be leveraged for cyber defense.
Thinking about infrastructure and security as code
Software-defined security has controls designed independently of the physical
infrastructure. Virtualizing in this way provides the flexibility and agility to control and
quarantine small parts of the network/device.
Becoming dynamic
As threats or risks change, the self-sustaining enterprise responds by segmenting,
moving and morphing assets with a much more fluid and unpredictable approach to
managing business risks, protecting assets or containing incidents.
ENABLING THE SELF-SUSTAINING
ENTERPRISE
Copyright 2017 Accenture. All rights reserved. 11
Copyright 2017 Accenture. All rights reserved. 12
Continuous Integration through DevOps
Continuous/Persistent Authorization
Microservices/Serverless
Customer Driven Authentication Experiences
Data Privacy
Device/Phone as Token
Robotic Provisioning
Biometrics
Blockchain
IOT Asset and Trust
IDENTITY
“By 2020, a typical small enterprise's IAM program will span a million people, 10 million things and billions of relationships, driving significant simplification of its approach to IAM.”Source: Gartner (May 2015)
Trends that promise to disrupt how we think about Identity
THE OPPORTUNITY
Rapid enablement of cloud, mobile and IoT Digital Identity service delivers a
richer, seamless user experience across applications, devices and internet-
connected things.
New Channels
Single View
Personalization
Relationships Privacy
Regulatory Compliance
Operational Efficiencies
Security
Seamless User Experience
RETURN ON IDENTITY
The business challenge: getting the math right on ROICopyright 2017 Accenture. All rights reserved.
Integrate products
and/or techniques that
“think” and “react”
with minimal human
effort (for example, AI
and advanced analytics)
to enable the self-sustaining
environment.
THE JOURNEY TO AGILE
CYBERSECURITY
Copyright 2017 Accenture. All rights reserved. 14
Understand the
availability and
sustainability goals
for key business
processes based on
acceptable levels of risk.
Identify applications
that can be logically
separated from their
operational components
into microservices
and events.
Consider how security
services can be shared
for reuse/consistency,
evaluate how they could be
more effectively applied to
microservices and events,
and revisit security
requirements for business
functions and services.
Identify security functions
that can be provided as a virtual
service through serverless and
network virtualized functions of
software-defined networking.
Build a robust identity and
access management system
to detect and manage new and existing
assets—including users, devices, data
and communications—to dynamically
and continuously determine how trusted
they are.
ACCENTURE LABS
NEW. APPLIED. NOW
Copyright 2017 Accenture. All rights reserved. 15
Learn more at www.accenture.com/labs
30 YEARS
of technology innovation
Applied R&D projects that deliver
BREAKTHROUGH
SOLUTIONS
Dedicated
INNOVATION
Labs in Washington D.C. and Israel
CYBERSECURITY