1 / 34

Data protection in the “new threat” age

Data protection in the “new threat” age. John Kindervag, Principal Analyst. 21 June 2013. Agenda. Threats are mutating and ubiquitous Targeting Data Understanding APT Can DLP save the day ? Rethinking DLP Summary. Agenda. Threats are mutating and ubiquitous Targeting Data

kita
Download Presentation

Data protection in the “new threat” age

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Data protection in the “new threat” age John Kindervag, Principal Analyst 21 June 2013

  2. Agenda • Threats are mutating and ubiquitous • Targeting Data • Understanding APT • Can DLP save the day? • Rethinking DLP • Summary

  3. Agenda • Threats are mutating and ubiquitous • Targeting Data • Understanding APT • Can DLP save the day? • Rethinking DLP • Summary

  4. The MutatingThreat Landscape Hacktivism Blended Surgical Cooperative Devastating The tool box Strategic Assets Organized Groups

  5. The Times They Are a-Changin' Mobility Cloud Adoption Advanced Threats

  6. Web 2.0 adds new security challenges Attack surface is expanding. Other measures must augment site reputation Users are behaving carelessly.

  7. Users Self-Provision

  8. Immediate threat is to end-users Potential to infect or disrupt the corporate network Browser-based attacks Clickjacking Cross Site Request Forgery Greater Potential Data Leakage User blogs Social Networks Web 2.0 Security Concerns

  9. Agenda • Threats are mutating and ubiquitous • Targeting Data • Understanding APT • Can DLP save the day? • Rethinking DLP • Summary

  10. Data is the new oil

  11. I need RDP UK US Germany To buy NOW VIA WMZ wana buy 9 Selling (Worldwide Cvvs, Worldwide Fullz, UK, Usa Logins Worldwide Dumps, UK, UsaPaypal, Ebay Accounts...) GOOD OFFER SELLING hacked RDP GURANTED 24HOURS UP TIME ONLY 10$ Selling fresh verginwordwidecvv

  12. Two types of data 1 • Data that someone wants to steal 2 • Everything else . . . they won’t steal it.

  13. PCI PHI PII IP Remember the four P’s 75% of DLP Use Cases 3P + IP = TD

  14. Data Security And Control Framework Source: January 2012 “The Future Of Data Security And Privacy: Controlling Big Data”

  15. Agenda • Threats are mutating and ubiquitous • Breaches happen • Understanding APT • Can DLP save the day? • Rethinking DLP • Summary

  16. APT

  17. Advanced Persistent Threat

  18. Advanced – attack methodologies are complex and hard to detect. Stuxnet = $100 Million to create and deploy Often a large team sponsored by a nation state Persistent – attacker is patient and will not give up. Thwarted attack vectors lead to new avenues of attack. Advanced malware and 0-Day attacks may be used but do not equal an APT APT is about Objectives APT – What is it?

  19. Frequency of data breaches 25% of companies have experienced a breach during the last 12 months that they know of Base: 1319 IT security decision-makers; Source: Forrsights Security Survey, Q3 2012

  20. Breaches Happen “How many times do you estimate that your firm's sensitive data was potentially compromised or breached in the past 12 months?" Base = 1,319 North American and European enterprise security decision-makers responsible for network or data security at companies that have had a breach in the past 12 months Source: Forrsights Security Survey, Q2 2012

  21. Agenda • Threats are mutating and ubiquitous • Breaches happen • Understanding APT • Can DLP save the day? • Rethinking DLP • Summary

  22. AV Catch Rate Patch Status Device Access (NAC) Malware Sandboxing Input Metrics are Ineffective

  23. Has your networks or systems been infiltrated by malicious actors? (Intrusion) Has your toxic data been exfiltrated from your networks or systems into the hands of malicious actors? (Breach) Situational Awareness Effective Metrics Output Metrics

  24. Agenda • Threats are mutating and ubiquitous • Breaches happen • Security Priorities and Trends • Can DLP save the day? • Rethinking DLP • Summary

  25. Enterprise DLP Adoption is low “What are your firm’s plans to adopt the following email security and web security technologies? Advanced content-based email filtering (DLP technologies)" Base = 1,293 North American and European IT security decision-makers Source: Forrsights Security Survey, Q2 2012

  26. Endpoint Email Web Network/NAV Gateway Forrester has defined five types of DLP

  27. Forrester’s DLP Maturity Grid DLP is a feature, not a product

  28. The Maturity Grid breaks DLP up into 25 distinct and manageable projects. More Mature Less Mature

  29. Forrester Maturity Level Definitions

  30. More Mature Less Mature

  31. Agenda • Threats are mutating and ubiquitous • Breaches happen • Security Priorities and Trends • Can DLP save the day? • Rethinking DLP • Summary

  32. Threats are constantly changing New threats will target everything Effective security will be as much about the process as the product Focus on Data Exfiltration and Output Metrics Summary

  33. Thank you John Kindervag +1 469.221.5372 jkindervag@forrester.com Twitter: @Kindervag www.forrester.com

More Related