IT Security Mandatory Solutions Andris Soroka 2nd of July, 2014 @LPS, RIGA
Data Security Solutions business card Specialization IT Security IT Security services (consulting, audit, pen-testing, market analysis, system testing and integration, training and technical support) Solutions and experience portfolio with more than 20 different technologies cyber-security global market leaders from more than 10 countries Trusted services provider for banks, insurance companies, government and private companies (critical infrastructure etc.)
Role of DSS in Cyber-security Development in Baltics Cyber-Security Awareness Raising Technology and knowledge transfer Most Innovative Portfolio Trusted Advisor to its Customers
Innovative Technology Transfer Number of unique projects done with different technology global leadership vendors Knowledge transfer (own employees, customers both from private & public, other IT companies in LV, EE, LT) Specialization areas include: Endpoint Security Network Security Security Management Application Security Mobile Security Data Security Cyber-security Security Intelligence Innovations technology & knowledge transfer
Cybersecurity Awareness Raising Own organized conference DSS ITSEC 5 th annual event this year (30.10.2014, RIGA) More than 400 visitors + more than 250 online live streaming watchers from LV, EE, LT 4 parallel sessions with more than 40 international speakers, including Microsoft, Oracle, Symantec, IBM, Samsung and many more everything free of charge (EVENT.DSS.LV) Participation in other events & sponsorship CERT & ISACA conferences & events RIGA COMM, HeadLight, IBM Pulse Las Vegas Roadshows and events in Latvia / Lithuania / Estonia (f.i. Vilnius Innovation Forum, Devcon, ITSEC HeadLight, business associations, VAD s) Participation in cyber security discussions, preparations, seminaries, publications etc. strategy
Welcome & lets make Baltics more safe place
Innovations in IT Security for You Security Intelligence Log Management Security Information & Events Management (SIEM) Risk Management Vulnerability Management Network Forensics Mobile Security Mobile Device Management Mobile Content Management Mobile Applications Management Secure Calls & SMS Secure file sharing and data synchronization Various Security Wireless Intrusion Prevention, DDoS & SSL DDoS protection Encryption and data leakage prevention Authentication, authorization, audit and so on
Innovations in IT Security for You What is Security Intelligence? Security Intelligence {noun \si-ˈkyu r-ə-tē in-ˈte-lə-jən(t)s\} 1. A methodology of analyzing millions and billions of security, network and application records across the organization s entire network in order to gain insight into what is actually happening in that digital world. 2. The process of combining internal, locally collected security data with external intelligence feeds and the application of correlation rules to reduce huge volumes of data into a handful of high probability offense records requiring immediate investigation to prevent or minimize the impact of security incidents Delivers actionable, comprehensive insight for managing risks, combatting threats, and meeting compliance mandates.
Innovations in IT Security for You Evolving along with changing threat landscape Logs Events Alerts Configuration information Then: Collection Log collection Signature-based detection System audit trails Network flows and anomalies External threat feeds Business process data Identity context E-mail and social activity Malware information Now: Intelligence Real-time monitoring Context-aware anomaly detection Automated correlation and analytics
Extensive Data Sources Innovations in IT Security for You Massive data gathering allows embedded intelligence to automatically detect anomalous conditions Security devices Servers and mainframes Network and virtual activity Data activity Application activity Configuration information Vulnerabilities and threats Users and identities Global threat intelligence Automated Offense Identification Massive data reduction Automated data collection, asset discovery and profiling Automated, real-time, and integrated analytics Activity baselining and anomaly detection Out-of-the box rules and templates Embedded Intelligence Prioritized Incidents Suspected Incidents
Innovations in IT Security for You Single web-based console provides superior visibility Log Management Security Intelligence Network Activity Monitoring Risk Management Vulnerability Management Network Forensics
Innovations in IT Security for You
Innovations in IT Security for You
Innovations in IT Security for You
Innovations in IT Security for You As mobile grows, so do security threats In 2014 the number of cell phones (7.3 billion) will exceed the number of people on the planet (7 billion). 1 Mobile downloads will increase to 108 billion by 2017. 2 Mobile malware is growing. Malicious code is infecting more than 11.6 million mobile devices at any given time. 3 Mobile devices and the apps we rely on are under attack. 90% of the top mobile apps have been hacked. 4
Innovations in IT Security for You
Innovations in IT Security for You 1 Configure securely 6 Monitor risk Email and apps Policy and identity Connectivity (Wi-Fi, VPN) By group, individual, or ownership 5 Manage inventory 7 Control access 8 Enforce identity Security 2 Integrate tightly 9 Automate workflow Email AD/LDAP Certificates BES Across OS For apps and devices For BYOD and corporate programs 10 Access and protect docs Docs 3 Protect privacy BYOD programs Regional regulations 11 12 Deliver apps at scale Protect app container 4 Roll out at scale 13 Tunnel app data Apps Group-based User self-service Multi-tier management 15 Wipe corporate data 14 Limit roaming costs
Our portfolio is most innovative in Baltics!
Some just basic ideas
Think security first www.dss.lv andris@dss.lv +371 29162784
Think security first