Download
1 / 34

Data protection in the “new threat” age - PowerPoint PPT Presentation


  • 48 Views
  • Uploaded on

Data protection in the “new threat” age. John Kindervag, Principal Analyst. 21 June 2013. Agenda. Threats are mutating and ubiquitous Targeting Data Understanding APT Can DLP save the day ? Rethinking DLP Summary. Agenda. Threats are mutating and ubiquitous Targeting Data

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Data protection in the “new threat” age' - kita


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Data protection in the new threat age
Data protection in the “new threat” age

John Kindervag, Principal Analyst

21 June 2013


Agenda
Agenda

  • Threats are mutating and ubiquitous

  • Targeting Data

  • Understanding APT

  • Can DLP save the day?

  • Rethinking DLP

  • Summary


Agenda1
Agenda

  • Threats are mutating and ubiquitous

  • Targeting Data

  • Understanding APT

  • Can DLP save the day?

  • Rethinking DLP

  • Summary


The mutating threat landscape
The MutatingThreat Landscape

Hacktivism

Blended

Surgical

Cooperative

Devastating

The tool box

Strategic Assets

Organized Groups


The times they are a changin
The Times They Are a-Changin'

Mobility

Cloud Adoption

Advanced Threats


Web 2 0 adds new security challenges
Web 2.0 adds new security challenges

Attack surface is expanding.

Other measures must augment site reputation

Users are behaving carelessly.



Web 2 0 security concerns

Immediate threat is to end-users

Potential to infect or disrupt the corporate network

Browser-based attacks

Clickjacking

Cross Site Request Forgery

Greater Potential Data Leakage

User blogs

Social Networks

Web 2.0 Security Concerns


Agenda2
Agenda

  • Threats are mutating and ubiquitous

  • Targeting Data

  • Understanding APT

  • Can DLP save the day?

  • Rethinking DLP

  • Summary



I need RDP UK US Germany To buy NOW VIA WMZ wana buy 9

Selling (Worldwide Cvvs, Worldwide Fullz, UK, Usa Logins Worldwide Dumps, UK, UsaPaypal, Ebay Accounts...)

GOOD OFFER SELLING hacked RDP GURANTED 24HOURS UP TIME ONLY 10$

Selling fresh verginwordwidecvv


Two types of data
Two types of data

1

  • Data that someone wants to steal

2

  • Everything else

. . . they won’t steal it.


Remember the four p s

PCI

PHI

PII

IP

Remember the four P’s

75% of DLP Use Cases

3P + IP = TD


Data security and control framework
Data Security And Control Framework

Source: January 2012 “The Future Of Data Security And Privacy: Controlling Big Data”


Agenda3
Agenda

  • Threats are mutating and ubiquitous

  • Breaches happen

  • Understanding APT

  • Can DLP save the day?

  • Rethinking DLP

  • Summary



Advanced

Persistent

Threat


Apt what is it

Advanced – attack methodologies are complex and hard to detect.

Stuxnet = $100 Million to create and deploy

Often a large team sponsored by a nation state

Persistent – attacker is patient and will not give up. Thwarted attack vectors lead to new avenues of attack.

Advanced malware and 0-Day attacks may be used but do not equal an APT

APT is about Objectives

APT – What is it?


Frequency of data breaches
Frequency of data breaches detect.

25% of companies have experienced a breach during the last 12 months that they know of

Base: 1319 IT security decision-makers; Source: Forrsights Security Survey, Q3 2012


Breaches happen
Breaches Happen detect.

“How many times do you estimate that your firm's sensitive data was potentially compromised or breached in the past 12 months?"

Base = 1,319 North American and European enterprise security decision-makers responsible for network or data security at companies that have had a breach in the past 12 months

Source: Forrsights Security Survey, Q2 2012


Agenda4
Agenda detect.

  • Threats are mutating and ubiquitous

  • Breaches happen

  • Understanding APT

  • Can DLP save the day?

  • Rethinking DLP

  • Summary


Input metrics are ineffective

AV Catch Rate detect.

Patch Status

Device Access (NAC)

Malware Sandboxing

Input Metrics are Ineffective


Effective metrics

Has your networks or systems been infiltrated by malicious actors? (Intrusion)

Has your toxic data been exfiltrated from your networks or systems into the hands of malicious actors? (Breach)

Situational Awareness

Effective Metrics

Output Metrics


Agenda5
Agenda actors? (Intrusion)

  • Threats are mutating and ubiquitous

  • Breaches happen

  • Security Priorities and Trends

  • Can DLP save the day?

  • Rethinking DLP

  • Summary


Enterprise dlp adoption is low
Enterprise DLP Adoption is actors? (Intrusion)low

“What are your firm’s plans to adopt the following email security and web security technologies?

Advanced content-based email filtering (DLP technologies)"

Base = 1,293 North American and European IT security decision-makers

Source: Forrsights Security Survey, Q2 2012


Forrester has defined five types of dlp

Endpoint actors? (Intrusion)

Email

Web

Network/NAV

Gateway

Forrester has defined five types of DLP


Forrester s dlp maturity grid
Forrester’s DLP Maturity Grid actors? (Intrusion)

DLP is a feature, not a product


The Maturity Grid breaks DLP up into 25 distinct and manageable projects.

More Mature

Less Mature



More Mature manageable projects.

Less Mature


Agenda6
Agenda manageable projects.

  • Threats are mutating and ubiquitous

  • Breaches happen

  • Security Priorities and Trends

  • Can DLP save the day?

  • Rethinking DLP

  • Summary


Summary

Threats are constantly changing manageable projects.

New threats will target everything

Effective security will be as much about the process as the product

Focus on Data Exfiltration and Output Metrics

Summary


Thank you

Thank you manageable projects.

John Kindervag

+1 469.221.5372

[email protected]

Twitter: @Kindervag

www.forrester.com


ad