Security Challenges and

Similar documents
How a Programmable Network and SDN Help Solve Critical Security Infrastructure Requirements

Cisco Cyber Range. Paul Qiu Senior Solutions Architect

Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales

locuz.com SOC Services

The Internet of Everything is changing Everything

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

A New Security Model for the IoE World. Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Cybersecurity Roadmap: Global Healthcare Security Architecture

First Look Showcase. Expanding our prevention, detection and response solutions. Sumedh Thakar Chief Product Officer, Qualys, Inc.

2017 Annual Meeting of Members and Board of Directors Meeting

Future Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group

Cisco Cyber Range. Paul Qiu Senior Solutions Architect June 2016

Agile Security Solutions

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

A Methodology to Build Lasting, Intelligent Cybersecurity Programs

First Look Showcase. Expanding our prevention, detection and response solutions. Marco Rottigni Chief Technical Security Officer, Qualys, Inc.

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

RiskSense Attack Surface Validation for IoT Systems

Cisco Firepower NGFW. Anticipate, block, and respond to threats

RSA NetWitness Suite Respond in Minutes, Not Months

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Cybersecurity for Service Providers

Best Practices in Securing a Multicloud World

Threat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

ForeScout Extended Module for Splunk

Continuous protection to reduce risk and maintain production availability

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

CCISO Blueprint v1. EC-Council

From Managed Security Services to the next evolution of CyberSoc Services

Designing and Building a Cybersecurity Program

Securing Digital Transformation

Snort: The World s Most Widely Deployed IPS Technology

CYBER RISK MANAGEMENT: ADDRESSING THE CHALLENGE SIMON CRUMPLIN, FOUNDER & CEO

WHITE PAPER. Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale

THE ACCENTURE CYBER DEFENSE SOLUTION

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity

SIEM Solutions from McAfee

Data Management and Security in the GDPR Era

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Pervasive Security Accelerator

Cisco Advanced Malware Protection. May 2016

Business Strategy Theatre

A Risk Management Platform

EMERGING THREATS & STRATEGIES FOR DEFENSE. Paul Fletcher Cyber Security

Challenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9

AT&T Endpoint Security

Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος

Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

8 Must Have. Features for Risk-Based Vulnerability Management and More

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Operationalizing the Three Principles of Advanced Threat Detection

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

HOSTED SECURITY SERVICES

Transforming IT: From Silos To Services

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

Transforming Security from Defense in Depth to Comprehensive Security Assurance

McAfee epolicy Orchestrator

Build a Software-Defined Network to Defend your Business

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

Intelligent and Secure Network

KEDAYAM A KAAPAGAM MANAGED SECURITY SERVICES. Kaapagam Technologies Sdn. Bhd. ( T)

How to manage evolving threats on evolving ICT assets across Enterprise

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Protecting Against Online Fraud. F5 EMEA Webinar August 2014

GDPR: An Opportunity to Transform Your Security Operations

One Management Realized, with Cisco Prime Infrastructure Manage Complexity. Manage Effectively. Manage Intelligently. Closing

Unlocking the Power of the Cloud

Application Security at Scale

HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS

align security instill confidence

FOUR WAYS TO IMPROVE ENDPOINT SECURITY: MOVING BEYOND TRADITIONAL APPROACHES

Department of Management Services REQUEST FOR INFORMATION

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

deep (i) the most advanced solution for managed security services

K12 Cybersecurity Roadmap

Compare Security Analytics Solutions

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

Surprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS

NEXT GENERATION SECURITY OPERATIONS CENTER

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

REAL-WORLD STRATEGIES FOR MEDICAL DEVICE SECURITY

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Application Security. Rafal Chrusciel Senior Security Operations Analyst, F5 Networks

Security+ SY0-501 Study Guide Table of Contents

ARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin

Transcription:

Security Challenges and Opportunities for IoE Becoming an IoE Ready Organization Steve Martino, Chief Information Security Officer, Cisco Lokesh Sisodiya, President, ISC2, East Bay Chapter Cisco Public 1

Agenda IoE Our View Enablers Challenges Meeting the Challenges Opportunities Resources Cisco Public 2

IoE Connecting People, Process, Data and Things People - Connecting people in more relevant, valuable ways. Process Delivering the right information to the right person/machine at the right time. Data Converting data into intelligence to make better and quicker decisions. Things - Physical devices and objects connected to the Internet and each other for intelligent decision making; often called Internet of Things (IoT). Making the world more connected, more relevant and valuable than ever before. Cisco Public 3

Key Enablers for IoE IPv6 Addressing Space Scales our addressing capabilities from < 4billion to 3.4 x 10 33 Wireless technology advances Smaller, longer battery life Faster and more scalable 802.11ac Explosion of cloud providers and business models Advancements in Big Data Analytics Industry demand Cisco Public 4

Almost everything that can be used for good can also be used for bad. Michele and others Cisco Public 5

Cisco Public 6

Some Facts to Add to the Challenges Security Postures Lagging Attack Surface Exponential Growth Unparalleled Data Accessibility Clouds, Clouds, and Cloud of Clouds Cloud of Clouds Private Cloud Public Cloud Most organizations still struggle with basic block & tackle. The average number of security vendor products use is > 40. BYOD was just the beginning Hacking & malware still top for breach methods. Billions of new devices Embedded systems, sensor, wearables IP & non-ip Pivot attacks on the rise. 4 Exabytes of data in 2012 alone. 12 billion connected devices. 77+ billion apps in 2014. In 2017 Data Center hosted data will be 7.7 ZetaBytes Explosive growth in the variety and number of Cloud vendors offerings. 64% of data will be in the Cloud (UP from 40% in 2012); Increase in rogue cloud deployments. Lack of visibility into the cloud. Cisco Public 7

Rising to the Challenge Cisco Public 8

Cisco Public 9

Optimal Link in the Kill Chain Attack Continuum BEFORE Discover Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Recon Deliver Control Maintain The Kill Chain Weaponize Exploit Execute Cisco Public 10

A Day of Defending Cisco 14 billion NetFlows 4.7 billion DNS records 2 billion system events 6 million web transactions/day with about 143K blocked automatically (WSA) 5.4 million emails inspected, 4.1 million blocked 27TB traffic inspected equivalent to 2.2K hours of blu-ray video per day. 1.2 trillion events throughout network Cisco Public 11

Definition and Vision Key Pillars for Adapting our Strategy to Meet Needs of IoE Expert in Block & Tackle the foundation Minimize attack surface get to 100% visibility Manage and control our data know your data Adapt our cloud engagement and support model shared services, not duplicate services Achieve pervasive identity based policy (4W1H) Cisco Public 12

Better, Faster, More Agile Block & Tackle Cisco Public 13

Know Your Basics & Your Gaps IT Security Architecture Bundle Governance Identity & Access Trusted Device Data Security Detect & Contain Architecture led planning Understand posture gaps Focus on most critical areas & prioritize Secure Development Lifecycle with threat modeling Two foundational Game Changers Operationalization of 20 Critical Controls Cisco Public 14

Expanding Accountability in IT - Service Security Primes 1 or more Primes Service Executive CSO of the Service Single point of accountability Increase communication and awareness around security. Visibility with Service Exec thru Unified Security Metrics Security SMEs Service Owner Security architecture reviews Trusted advisors Service Security Prime Establishes security technology baselines Formal approval for exceptions Establishes corporate security policies and guidelines Partner Security Architect Infosec Team Cisco Public 15

Expanding Visibility - Unified Security Metrics IT Service Owners and Security Primes IT Service Executives Service Review Service Security Score Cards, Pending Mitigation Vulnerability-Performance Metric and Trending, Top 10 Vs. Bottom 10 Performance Metric ( Aging ) and Trending Ensuring Consistency Across All Reporting Areas Cisco Public 16

Operationalization of 20 Critical Controls Be sufficient in all 20 controls in Production & Extranet network Be sufficient in most critical controls across labs, engineering, and other non-it Add compensating controls where culturally not appropriate Measure posture of acquisitions using 20 controls Automate Metric & Test portion of controls Self reporting when something goes wrong Score twice a year and report metrics Incorporate into Unified Security Metrics Cisco Public 17

Minimize the Attack Surface Cisco Public 18

Definition and Vision Keys to Minimizing Attack Surface Trustworthy Products Full embodiment of Trusted Device Policy and technology to back it up Pervasive ISE with differentiated access Mature behavioral based anomaly detection Decrease Mean Time to Detect and Mean Time to Contain Instrument the network Fireamp, NGIPS, Netflow everywhere Segment the network control zones, security group tags, dataaware Cisco Public 19

Moving Towards 100% Protection of Assets 5% Security Challenges Managed/Unmanaged Desktops Spam/Malware DDoS Compromised Hosts Remotely Controlled Rapidly Changing Environment 95% 95% Foundational Solutions Anti-virus Firewalls IDS/IPS IronPort WSA/ESA Network Segmentation Log Capture/Analysis Incident Response Team Cisco Public 20

We Must Achieve Near 100% Protection of Assets Advanced Threats Targeted Spear Phishing Trojans Watering Hole Attacks Social Networking Attacks Nation State Attacks Security Challenges Managed/Unmanaged Desktops Spam/Malware DDoS Compromised Hosts Remotely Controlled Rapidly Changing Environment 5% 95% Evolving Solutions Expanded Data Collection Netflow, IP-Attribution, DNS Big Data Analysis & Playbooks DNS/RPZ, Quarantine On-line Host Based Forensics Threat/Situational Awareness Dedicated APT Team Foundational Solutions Anti-virus Firewalls IDS/IPS IronPort WSA/ESA Network Segmentation Log Capture/Analysis Incident Response Team Cisco Public 21

Manage & Control Data Cisco Public 22

Data Security Governance Strategy Govern the data Laws, contracts, and policies impose requirements on the data Roles, responsibilities, ownership, etc. sets the accountability Training, awareness, and metrics to manage behavior Govern the Data Secure Foundation Protect the Data Protect the data Manage use of data throughout the life cycle (i.e. collection disposal) Access and rights management Incubate data-level security solutions Go Broader Securing the foundation System / Application / Data security Monitoring and response Risk management Go Deeper Cisco Public 23

Data Security Framework The Holy Grail Data inventory Data retention Data Policy Library Tagging / Classifying Data import /export Data destruction Contextual Discovery Data Erasure Access management Data Privacy Masking / Encryption Access Rights Cntrl Rights management Data Backup Data Loss Prevention Secure development Secure operations API & SDKs App / Svc Catalog Hardening Threat modeling Vulnerability Scanners Patching Forensics Compliance monitoring Forensic Capabilities Data Loss Detection Investigations Security monitoring Event Monitoring Remediation Third party security Threat mining Policy Engine Big Data Analytics Behavior analysis Context Awareness Governance (Policy & People) Laws and Regulation Principles and Policy Authority Ownership Third Party Training & Awareness Secure Design Metrics 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 24

Adapt & Mature Cloud Engagement Models Cisco Public 25

Scaling Cloud Engagements Governance & Remediation Assessment Questionnaires Architecture Engagement Process Terms of Use Compliance Security Architecture Architecture Guiding Principles Assessment & Design Reviews Baseline Compliance Criteria Monitoring and Incident Response Logging & Monitoring Strategy Event Analysis Incident Response Vulnerability Management & Remediation Scanning methodology Pen Testing Methodology Remediation Cisco Public 26

Opportunities Cisco Public 27

Cisco Is Becoming an IoE-Ready Organization Maximizing the Networked Connection of our Extended Enterprise its People, Process, Data, and Things Adaptive Technology: Cisco IT s Internet of Everything Vision Combine the power of big data, analytics, distributed processing, and network innovation: to simplify operations support to extend and improve security systems in service of speed and effectiveness in the business. Cisco Public 28

Cisco IT IoE Platform Smart Spaces Advanced Threat Defense Killer Apps/Products/Services/Use Cases Event Correlation Intellectual Asset Protection Access Control Monitoring Smart Energy Supply Chain Application Enablement/API/Dev Portals Policy Management Advanced Threat Defense and Risk Mitigation Predictive Analytics Data Science Action Enablement - APIC/SDN Controller Domain Management & Orchestration Business Process Management Business Intelligence Distributed Fast Data Processing Foundational Network IoE Services Cisco Public 29

Key Take Aways Understand the benefits & risks Master the basics block & tackle Increase trust level on all fronts Expand accountability, visibility, knowledge Minimize attack surface Maximize your data management Mature your cloud engagement models Cisco Public 30

Resources & Interesting Reads http://www.cio-today.com/news/internet-devices-lure- Hackers/story.xhtml?story_id=12100B4EOO00 http://newsroom.cisco.com/feature-content?type=webcontent&articleid=1312830 http://www.cisco.com/web/in/about/leadership/cyber_security_ioe.html http://adtmag.com/articles/2014/11/20/iot-security-concerns.aspx?page=2 http://blog.trendmicro.com/internet-everything-requires-attention-old-new-cybersecurity-risks-2/ http://www.simafore.com/blog/bid/207914/data-and-analytics-form-2-of-the-4-key-pieces-ininternet-of-things http://blog.trendmicro.com/road-signs-hacked-ioe-security-takes-center-stage/ http://www.securityweek.com/top-10-things-cybersecurity-professionals-need-know-aboutinternet-everything Cisco Public 31

Thank You Cisco Public 32

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback