
Big Data Meets Security: Taking an Intelligence-driven Security Approach

Eric Thompson, IT Threat Strategist, RSA


Presentation Transcript


  1. Big Data Meets Security: Taking an Intelligence-driven Security Approach. Eric Thompson, IT Threat Strategist, RSA

  2. 3RD PLATFORM (2010): billions of users, millions of apps; Mobile, Cloud, Big Data, Social, Mobile Devices. 2ND PLATFORM (1990): hundreds of millions of users, tens of thousands of apps; LAN/Internet, Client/Server, PC. 1ST PLATFORM (1970): millions of users, thousands of apps; Mainframe, Mini Computer, Terminals. Source: IDC, 2012

  3. 3RD PLATFORM: billions of users, millions of apps; Mobile, Cloud, Big Data, Social, Mobile Devices. Timeline: 2007, 2013, 2020. Source: IDC, 2012

  4. Attack Surface: Apps. Big Data Apps Everywhere!; Web Front Ended apps; There’s an “app” for that. Timeline: 2007, 2013, 2020.

  5. Attack Surface: Digital Content. 2007: ¼ zettabyte; 2013: 2 zettabytes; 2020: 40-60? zettabytes. Exposure. Reference: 1000 Terabytes = 1 Petabyte; 1000 Petabytes = 1 Exabyte; 1000 Exabytes = 1 Zettabyte; 1000 Zettabytes = 1 Yottabyte

  6. Attack Surface: Devices. Not just PCs; Not just mobile devices; Smartphones; Mobile Ubiquity smartphone/tablet; Internet of things. Timeline: 2007, 2013, 2020.

  7. Attack Surface: Perimeter. Porous: numerous portals, web based ERP and CRM; Inverted: no real perimeter in age of mobility and cloud; Virtual: no control over physical infrastructure. Timeline: 2007, 2013, 2020.

  8. Attack Surface: Social Media. Total Commercialization of social media: absence of privacy; MySpace; Focus on monetizing. Timeline: 2007, 2013, 2020.

  9. Threat Environment: Threats. Complex Intrusion Attacks, Credential Harvesting, Man-in-the-Middle; Disruptive Attacks, cross-channel, device hijacking; Destructive Attacks. Timeline: 2007, 2013, 2020.

  10. Intelligence-Driven Security: Risk-based, contextual, and agile. Risk Intelligence: thorough understanding of risk to prioritize activity. Adaptive Controls: adjusted dynamically based on risk and threat level. Advanced Analytics: provide context and visibility to detect threats. Information Sharing: actionable intel from trusted sources.

  11. Intelligence-Driven Security Model: People. Reactive (Historical): • Traditional Roles • Computer Scientists • Silos of responsibility. Intelligence-Driven (New): • Cross-functional roles • Social engineers, data scientists and business analysts • Shared responsibility (not accountability)

  12. Intelligence-Driven Security Model: Process. Reactive (Historical): • Static policy/procedures • Traditional delivery cycles • Siloed governance. Intelligence-Driven (New): • Continuous monitoring and improvement • Rapid/agile delivery • Cross-functional / interactive governance

  13. Intelligence-Driven Security Model: Technology. Reactive (Historical): • Perimeter-based • Static controls deployed in silos • Ad hoc/limited threat intelligence. Intelligence-Driven (New): • Risk / Context-based • Dynamic/flexible controls across IT systems • Real-time actionable intelligence • Intelligence must include session, network, external

  14. Intelligence-Driven Security Model: Resources. Today’s Priorities: Prevention 80%, Monitoring 15%, Response 5%. Intelligence-Driven Security: Prevention 33%, Monitoring 33%, Response 33%.

  15. New Security Model – Keys to success: Be passionate about your vision for the future; Prioritize early wins and ‘no regret’ moves; Understand your stakeholders – their position and influence; Foster a learning environment. Big Data Transforms Security

  16. Security Analytics (diagram labels): Logs; Packets; Enrichment Data; EUROPE; Incident Management; THE ANALYTICS; Reporting and Alerting; Complex Event Processing; NORTH AMERICA; Investigation; Free Text Speech; Asset Criticality; SECURITY ANALYTICS; ARCHER eGRC SUITE; DISTRIBUTED COLLECTION; Malware Analytics; Correlation; Metadata Tagging; Administration; ASIA; Compliance; REAL-TIME; WAREHOUSE; LONG-TERM; LIVE INTELLIGENCE: Threat Intelligence – Rules – Parsers – Alerts – Feeds – Apps – Directory Services – Reports and Custom Actions

  17. Adaptive & Risk-Based Authentication (diagram labels): Two-Factor; High Risk; Risk Engine; Challenge Q; Out Of Band; Step Up Authentication; User Action; Fraud Network; Device Profile; Proceed As Normal; User Behavior Profile; Big Data Risk Repository

  18. Adaptive & Risk-Based Authentication (diagram labels): Two-Factor; Risk Engine; Download Sales Pipeline; Read Email; Private Cloud; Additional Authentication; AUTHENTICATION MANAGER & SECURID; ADAPTIVE AUTHENTICATION; Username & Password; User Action; Out Of Band; Fraud Network; Device Profile; User Behavior Profile; Public Cloud; Transfer Funds; Access Bank Account; Challenge Q; Big Data Risk Repository; Additional Authentication; Username & Password

  19. Identity Protection and Verification: Reduce fraud, cyber attacks, identity thefts, & account takeovers; Mitigate impact of trojan, phishing, pharming attacks; Protect against web application fraud and abuse; Gain intelligence into the latest external threats. Products: FRAUDACTION; ADAPTIVE AUTHENTICATION; SILVER TAIL

  20. Governance Risk and Compliance (ARCHER eGRC SUITE): Set Policy; Manage Policy; Measure & Report On Compliance
