A Data-Centric Approach to Endpoint Security

Transcription

1 A Data-Centric Approach to Endpoint Security September 28, 2017 Eric Ogren Senior Analyst, Security 451 Research Bill Bradley Director of Product Marketing Digital Guardian

2 About Eric Ogren Eric Ogren is a Senior Analyst with the Information Security team. Eric has extensive experience in software development, technology marketing, and as a security industry analyst. Eric Ogren Senior Analyst, Security Eric contributes pragmatic perspectives for security clients on emerging market trends, company and product strategies, differentiated vendor messaging and positioning, and meeting enterprise solution purchase criteria. Prior to joining 451 Research, Eric held marketing leadership positions with security vendors such as RSA Security and OKENA, and technology vendors such as Digital Equipment. 2

3 About Bill Bradley Leads Product Marketing Data Loss Prevention 20 Years of Marketing & Sales Experience Field Sales, Competitive Analysis, Product Marketing & Management Previously at Rapid7 and General Electric Bill Bradley Director, Product Marke6ng 3

4 Basic structure for today s conversation State of enterprise security The information security debt Evolving to datacentric approaches Transforming security with the infrastructure 4

5 Average Size and Ratio of Security Team By Company Size Information Security Respondents INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 Average Number of Employees in Information Security Average Ratio of Security Employees to IT employees % % % 14.1% % % 7.6% % employees 1,000-9,999 employees 10,000+ employees 0.0% employees 1,000-9,999 employees 10,000+ employees Q11. How many full time employees (FTEs) does your IT organization currently employ? Q12. How many full time employees (FTEs) does your organization currently employ that are dedicated to information security tasks? Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics

6 INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 Services 14.7% Average Ratio of Security Employees to IT employees By Industry Information Security Respondents B2B Software, IT and Computer Services Retail Healthcare 10.8% 11.9% 14.2% Govt/Educ 10.8% Manufacturing 10.7% Finance 10.5% Telecommunications 9.7% Communications, Media and Publishing 6.1% Utilities 4.1% Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017 Other 8.0% Mean 6

7 INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 Information Security Reporting Chain Respondents with a Single Information Security Executive Leader in Their Organizations Q40. Who does the head of Information Security report to? CIO, Head of Information Technology CEO CTO Board of Directors COO 5.2% 8.3% 5.2% 7.9% 4.4% 7.0% 21.9% 20.1% 46.6% 43.2% CFO 3.3% 4.8% Chief Risk Officer 3.8% 2.6% Other 9.6% 6.1% Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017 Q (n=479) Q (n=229) Percent of Sample 7

8 How did we get here? It all starts with your business Your Business 8

9 How did we get here? Need to bolt on security! Your Business 9

10 How did we get here? New threats? New products! Your Business 10

11 We re catching on to the problems with this picture An attack can go anywhere once inside security defenses Security teams get bogged down managing all those products and all the data they produce Security teams get isolated from the rest of IT and special skills keep us isolated 11

12 INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 Hackers/Crackers with Malicious Intent 52.5% Top Information Security Concerns Past 90 Days Information Security Respondents Q3. What were your top general information security concerns during the last 90 days? Please select all that apply. Compliance Internal Audit Deficiencies Based on Findings Preventing/Detecting Insider Espionage 19.8% 31.7% 49.1% Cyber-Warfare 19.6% Other 7.3% Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017 n = 495 Percent of Sample 12

13 INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 Risk Assessment 21.6% Reasons for Implementing Security Projects Information Security Respondents Compliance Requirement Business Requirement Championed by a Senior Leader (e.g., Sacred Cow) 11.1% 9.9% 21.4% Q2. For the top information security projects currently being implemented within your organization, what was the key determinant in their approval? Driven by Due Diligence (e.g., Customer Requirement) Audit Response Reputational/Brand Risk 9.1% 8.9% 8.7% Return on Investment (ROI) 5.5% Other 3.8% Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017 n = 495 Percent of Sample 13

14 INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 User Behavior 34.1% Organizational Politics/Lack of Attention to Information Security 21.0% Staffing Information Security 20.6% Lack of Budget 20.4% Top Security Pain Points Information Security Respondents Q1. What are your organization s top information security pain points? Please select up to three. Security Awareness Training (Ineffectiveness or Difficulty) Accurate, Timely Monitoring of Security Events Endpoint Security Malicious Software (Malware) Cloud Security Application Security Data Loss/Theft 19.0% 18.4% 17.2% 17.0% 16.6% 16.0% 14.7% Mobile Security 12.1% Ransomware 11.9% Third-Party/Supplier Security 11.7% Keeping Up with New Technology 11.5% Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017 Firewall/Edge Network Security Other 4.6% 9.3% Percent of Sample n =

15 INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 Metrics To Manage Security Information Security Respondents Q44. Which of the following metrics does your organization use/track for information security staff? Please select all that apply. Security Incidents Resolved Tickets Resolved (e.g., Trouble Tickets ) Audit Issues Resolved Application Availability (e.g., Uptime/Downtime) Project Completion Time to Recovery/Restore from an Outage Lack of Data Breaches 53.0% 47.5% 42.8% 39.0% 44.9% 34.4% 34.2% 34.2% 34.4% 32.3% 31.2% 29.2% 32.4% 28.3% We Don t Use Metrics 21.9% 21.9% Other 2.2% 4.0% Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017 Q (n=837) Q (n=421) Percent of Sample 15

16 Security Analytics Information Security Respondents INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 Security Analytics Status Key Benefit of Security Analytics Better Able To Detect and Address External Attacks 24.5% In Use 38.7% Better Anomaly Detection on Our Network 23.9% Improved Incident Response/Forensics Evidence Data Capture 14.5% We re Detecting Security Incidents Not Previously Captured 13.8% Planned for the Next 12 Months 34.7% Better Ability To Understand and Respond to Anomalous User Behavior 11.3% Better Able To Detect and Address Internal Attacks 6.3% Not In Plan 26.5% No Benefit 2.5% Other 3.1% Percent of Sample Percent of Sample n = 426 n = 159 Q16. What s the status of the use of security analytics in your information security program? Q17. What has been the key benefit of your use of security analytics? 16 Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

17 Security analytics dimensions User Data Network Business 17

18 What are CISOs doing about it? Consolidating product portfolios Investing in security analytics Shifting attention to operations 18

19 INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017 Significant Project(s) Driving Additional Demand 49.6% 48.7% Staff Increase Reasons Respondents with Increasing Security Staff New Skills Are Required Overall Business Growth 49.1% 45.1% 44.2% 40.0% Q15. What are the key reasons for increasing information security focused staff? Please select all that apply. IT Organizational Changes (e.g., Restructuring teams) Company Merger/Acquisition 9.0% 7.7% 25.3% 25.1% Information Security Functions being In-Sourced from a Third-Party Provider or Managed Security Service Provider (MSSP) 7.7% 10.5% Other 7.2% 12.3% Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017 Q (n=391) Q (n=195) Percent of Sample 19

20 Thank You! 20

21 Smart Consolidation on the Endpoint Digital Guardian for Data Protection

22 Triad of Roles InfoSec Analyst Incident Responder Threat Hunter 22

23 Triad of Needs Data Response Threat 23

24 Myriad Solutions at the Endpoint 24

25 Myriad Solutions at the Endpoint 25

26 Myriad Solutions at the Endpoint 26

27 WELCOME TO The Convergence of DLP & EDR STOP DATA THEFT From Insiders & Outside Attackers DETECT THREATS Ransomware, Malware and Non-Malware Based 27

28 WELCOME TO The Convergence of DLP & EDR STOP DATA THEFT From Insiders & Outside Attackers DETECT THREATS Ransomware, Malware and Non-Malware Based 28

29 WELCOME TO The Convergence of DLP & EDR STOP DATA THEFT From Insiders & Outside Attackers DETECT THREATS Ransomware, Malware and Non-Malware Based 29

30 The Digital Guardian Data Protection Platform SOLUTIONS Data Classifica7on Data Discovery Data Loss Preven7on Cloud Data Protec7on Endpoint Detec7on & Response DIGITAL GUARDIAN PLATFORM DG Management Console DG Agent(s) DG Appliance DG Analy7cs & Repor7ng Cloud Confidential 30

31 Visibility to All Threats One Console Endpoint Storage Cloud Network 31

32 Visibility to All Threats One Console Endpoint Data Events Storage User Events Cloud System Events Network 32

33 Visibility to All Threats One Console Endpoint Data Events Storage User Events Cloud Network System Events Combining system, user and data insights provides the visibility to protect against ALL THREATS. 33

34 Enable Your Security Team 34

35 Enable Your InfoSec Analysts 35

36 Enable Your Incident Responders 36

37 Enable Your Threat Hunters 37

38 So What? 38

39 Enable Business Growth 39

40 Questions 40

41 Register today for our upcoming webinar: Insights from the Gartner 2017 Magic Quadrant for Enterprise DLP October 26, PM ET 41