CIO Perspectives on Security

Fabrício Brasileiro

Regional Sales Manager

Key Perspectives

2 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Think Strategically about Security

Safely Enable the Business – Safe Enablement

Apply Innovative Thinking to Security Challenges

3 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Table of Contents

CIO Perspectives on Security

Changing IT and CIO Role

Good/Bad News Story

Rethinking Security Strategically

CIO Considerations for the Future

1

2

3

4

BusinessOpportunities

SecurityRisks

SaaS

Mobility + BYOD

Social + Consumerization

Cloud + Virtualization

Opportunity or Challenge?

IT Must be a Strategic Business Enabler

The Role of IT and the CIO is Changing

4 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Tectonic Shifts in BusinessGive Rise to a New Era ofAdvanced Cyber Threats

Emerging CIO Priorities – Are You Prepared?

5 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Service/Performance

Traditional Emerging Priorities

Cloud/Disintermediation

Secure Cloud

Visibility –Network and Data

Zero Trust Model

Disruptive“Kill Chain” Solutions

Close Monitoringand Analytics

Perimeter Security

Application Proliferation

Uncontrolled Data Movement

Data Center andEndpoint Security

Ineffective Endpoint andSilo’d Network Protection

6 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Table of Contents

CIO Perspectives on Security

Changing IT and CIO Role

Good/Bad News Story

Rethinking Security Strategically

CIO Considerations for the Future

1

2

3

4

Good News

7 | ©2014, Palo Alto Networks. Confidential and Proprietary.

The Basics Are Still Critically Important

Governance SecurityFrameworks Policies Standards

Risk andCompliance

Management

Identityand Access

SSO StrongPassword

Multi-FactorAuthentication Certificates

DataProtection

Encryption KeyManagement

Data LeakProtection

Backupand Archive

Logging andMonitoring

Audit Logs Measurements Correlation Retention

Bad News – Line of Security Products

Anti-APT forPort 80 APTs

Anti-APT forPort 25 APTs

Endpoint AV

DNS Protection Cloud

Network AV

DNS Protection forOutbound DNS

Anti-APT Cloud

Internet

Enterprise Network

UTM/Blades

DNS AlertEndpoint AlertWeb AlertSMTP AlertSMTP AlertSMTP AlertSMTP AlertWeb AlertDNS AlertDNS AlertSMTP AlertAPTWeb Alert Web AlertAV AlertAV AlertWeb AlertDNS AlertSMTP AlertEndpoint Alert

Lacks Integration Alert Overload Manual Response

Vendor 1

Vendor 2InternetConnection

MalwareIntelligence

Vendor 3

Vendor 4

Limited Visibility

AV – Anti Virus APT – Advanced Persistent ThreatUTM – Unified Threat Manager

Failing Security Architectures Provide a False Sense of Security

8 | ©2014, Palo Alto Networks. Confidential and Proprietary.

9 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Table of Contents

CIO Perspectives on Security

Changing IT and CIO Role

Good/Bad News Story

Rethinking Security Strategically

CIO Considerations for the Future

1

2

3

4

New Strategic Approaches to Security Are Needed

10 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Security Organizations Are Not Innovating Fast Enough

Existing controls ineffective against new threats

Controls not evolving fast enough

Attackers Are Innovating Faster

Sophistication of global attackers Increasing value of information Easier targets

Vulnerability Gap Continues to Widen

Goal: reduce threat exposure by strengthening controls

Requirements for the Future

At theInternet Edge

Between Employees and Devices within

the LAN

At theData Center

Edge and between VMs

At theMobile Device

Cloud

Within Private,Public and

Hybrid Clouds

Detect AND Prevent Threats at EveryPoint Across the Organization

Prevent attacks, both known and unknown Protect all users and applications, in the cloud or virtualized Integrate network and endpoint security Analytics that correlate across the cloud

11 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Increase Visibility and Reduce Breach Landscape

Identify and define legitimate use with leadership

Align security policies with those legit government and business uses

Isolate critical internal applications

Determine policies that protect cloud and VM use cases

Tie applications to users/groups

Allow Relevant ApplicationsMonitor Dangerous ApplicationsBlock Unwanted Applications

1

Eliminate Known Threats2

Eliminate Unknown Threats3

Focus on Relevant4

12 | ©2014, Palo Alto Networks. Confidential and Proprietary.

344 KB

172.16.1.10

source IP

64.81.2.23destination IP

tcp/443destination port

file-sharingURL category

pdffile type

roadmap.pdffile name

bjacobsuser

prodmgmtgroup

canadadestination

country

SSLprotocol

HTTPprotocol

slideshareapplication

slideshare-uploadingapplication function

Complete Context Means Tighter Security Policies

13 | © 2015, Palo Alto Networks. Confidential and Proprietary.

bjacobsuser

slideshare-uploadingapplication function

slideshareapplication

14 | ©2014, Palo Alto Networks. Confidential and Proprietary.

Table of Contents

CIO Perspectives on Security

Changing IT and CIO Role

Good/Bad News Story

Rethinking Security Strategically

CIO Considerations for the Future

1

2

3

4

The Future of Cyber Security

Visibility and inspection across entire network and into “the cloud”

Network-segmentation and micro-segmentation

Advanced security that prevents indicators of threats and kill chain in their tracks

Mobile and BYOD security

Internet of things and embedded device endpoint security

Advanced analytics and Big Data for security analytics

Interpol-like exchanges for sharing advanced threats and campaign intelligence

15 | ©2014, Palo Alto Networks. Confidential and Proprietary.

16 | ©2014, Palo Alto Networks. Confidential and Proprietary.