Copyright © 2017 Symantec Corporation 1
NYS Cyber Security Conference
Copyright © 2017 Symantec Corporation 2
ABSTRACT
A Day In The LIFE of Securing Our DATA With over 500 AV/NGAV vendors and tens of thousands of other cyber security companies on the marketplace, figuring out what works is tough. The average company has technologies from over 61 different Cybersecurity companies. How do you future proof the public’s money? The time is past to handle cost and deadline overruns. Budgets are tight and staffing is tighter. Etc…
OutcomeThe state is going through a massive consolidation to include a number of initiatives and technologies. This talk will walk through the life cycle of our most critical assets (data), and explore innovative strategies in which the state could align bothon premise solutions with off premise to extend the protection of data. As a prereq:, Common term to know. CASB –Cloud Access Security
Copyright © 2017 Symantec Corporation 3
GOVERANCE, RISK & COMPLIANCE
SECURE INFORMATION
ACCESS
INFORMATION PROTECTION
INFRASTRUCTURE MANAGEMENT
INFRASTRUCTURE PROTECTION
FIVE KEY SECURITY PILLARS
NEVER BEFORE HAS THE RISK TO INFORMATION BEEN AS GREAT AS IT IS TODAY. CUSTOMER INFORMATION, PATENTS, SOURCE CODE, VENDOR CONTRACTS, EMPLOYEE DATA, MARKET RESEARCH, PRODUCTION
INFORMATION – THE LIST IS ENDLESS – AS DATA QUANTITY GROWS SO TO DO THE RISKS FOR LOSS.
EFFECTIVE SECURITY REQUIRES APPROPRIATE AND UNDERSTANDABLE POLICIES. CREATING A SECURITY-AWARE
CULTURE FOR INTERNAL EMPLOYEES COUPLED WITH APPROPRIATE POLICY CONTROLS ACROSS THE ORGANIZATION.
STRIKING THE RIGHT BALANCE BETWEEN VISIBILITY TO STAKEHOLDERS, SUPPLIERS AND INTERNAL R&D IS VITAL
FOR OPERATIONAL EFFECTIVENESS. TRADITIONAL SYSTEM MANAGEMENT CAPABILITIES TO MITIGATE
VULNERABILITIES WITHIN THE OS, NETWORK AND APPLICATIONS ARE ESSENTIAL.
THE MOST COMPLEX ATTACKS ARE SOME OF THE MOST DIFFICULT TO DISCOVER. EXPLOITING VULNERABILITIES
ACROSS THE ENDPOINT, EMAIL, SERVERS AND THE CLOUD APTS PRESENT A TREMENDOUS THREAT TO EACH STAGE
OF THE BUSINESS LIFE-CYCLE. MULTIPLE LAYERS OF PREVENTATIVE CONTROLS WILL MITIGATE AN ATTACK.
WORK FROM ANYWHERE AND EVERYWHERE, BYOD AND FOLLOW-THE-SUN BUSINESS MODELS HAVE CHANGED
THE WAY THE ORGANIZATION OPERATES. TRUSTED AUTHENTICATION OF YOUR USERS AND THEIR DEVICES ARE
CRITICAL.
Copyright © 2017 Symantec Corporation 4
GOVERNANCE, RISK & COMPLIANCE
FIRST KEY SECURITY PILLAR
EFFECTIVE SECURITY REQUIRES APPROPRIATE AND UNDERSTANDABLE POLICIES. CREATING A SECURITY-AWARE
CULTURE FOR INTERNAL EMPLOYEES COUPLED WITH APPROPRIATE POLICY CONTROLS ACROSS THE ORGANIZATION.
NIST/ Cyber Security Framework Improving Critical Infrastructure Cybersecurity
Executive Order 13636February 2013
Copyright © 2017 Symantec Corporation 5
• Cloud-based control point thatintegrates DLP & Identity across cloud and on-premise
• Ensures identity and data protection for mobile users and cloud apps
• Scan and remediation of data already in cloud apps
STRONG AUTH
ENCRYPTIONDATA LOSS
PREVENTION
VisibilityCompliance
ControlIntelligence
SSO
CLOUD ACCESS SECURITY BROKER
SECOND KEY SECURITY PILLAR
SECURE INFORMATION
ACCESS
WORK FROM ANYWHERE AND EVERYWHERE, CLOUD HOSTED SYSTEMS, BYOD. TRUSTED AUTHENTICATION OF
YOUR USERS AND THEIR DEVICES ARE CRITICAL.
Copyright © 2017 Symantec Corporation 6
INFORMATION PROTECTION
INFRASTRUCTURE MANAGEMENT
INFRASTRUCTURE PROTECTION
REMAINING KEY SECURITY PILLARS
NEVER BEFORE HAS THE RISK TO INFORMATION BEEN AS GREAT AS IT IS TODAY. CUSTOMER INFORMATION, PATENTS, SOURCE CODE, VENDOR CONTRACTS, EMPLOYEE DATA, MARKET RESEARCH, PRODUCTION
INFORMATION – THE LIST IS ENDLESS – AS DATA QUANTITY GROWS SO TO DO THE RISKS FOR LOSS.
STRIKING THE RIGHT BALANCE BETWEEN VISIBILITY TO STAKEHOLDERS, SUPPLIERS AND INTERNAL R&D IS VITAL
FOR OPERATIONAL EFFECTIVENESS. TRADITIONAL SYSTEM MANAGEMENT CAPABILITIES TO MITIGATE
VULNERABILITIES WITHIN THE OS, NETWORK AND APPLICATIONS ARE ESSENTIAL.
THE MOST COMPLEX ATTACKS ARE SOME OF THE MOST DIFFICULT TO DISCOVER. EXPLOITING VULNERABILITIES
ACROSS THE ENDPOINT, EMAIL, SERVERS AND THE CLOUD APTS PRESENT A TREMENDOUS THREAT TO EACH STAGE
OF THE BUSINESS LIFE-CYCLE. MULTIPLE LAYERS OF PREVENTATIVE CONTROLS WILL MITIGATE AN ATTACK.
Copyright © 2017 Symantec Corporation
On-premisesDLP Detection
DLP Enforce Management Server
A Day In The LIFE of Securing Our DATA -SOLVED
Business Problems Solved with CASB: • Shadow IT & Data • Data Security • User Behavior Analytics
Other Integrations
Copyright © 2017 Symantec Corporation 8
GOVERNANCE, RISK & COMPLIANCE
SECURE INFORMATION
ACCESS
INFORMATION PROTECTION
INFRASTRUCTURE MANAGEMENT
INFRASTRUCTURE PROTECTION
SUMMARY AND OTHER CORRESPONDING SYMANTEC SECURITY CONTROLS
U s er Beh av io ra l A n a lys i s Correlate threat patterns
CA S B / E n d p o in t P ro tect io n Identify, manage and protect your endpoints
E m a i l S ecu r i ty. c lo u dStop web-based threats
C A S B/ Web S ecu r i tyStop web-based threats
M a n a ged S ecu r i ty S er v ices Augment in-house operational resources
I n c id ent Res p o n s e Extend your team with our experts
CA S B / T h reat I nte l l i g e n c e S er v ices Arm your team with actionable insights
D ata C enter S ecu r i ty Secure your physical, virtual, private cloud and public cloud workloads
C A S B/ M u l t i - fa c to r a u th ent i cat i o n Strong authentication made easy
CA S B / I d ent i ty M a n a gem ent Enterprise single-sign on
CA S B / D ata L o s s P revent io nTrack and secure your confidential dataC A S B/ E n cryp t io n
Encrypt your data in case it falls into the wrong hands
C A S B/ D ata L o s s P revent io nTrack and secure your confidential data
G RC Po l i cy M a n a gem ent Framework template of policies
G RC S ta n d a rd sAccess organization against compliance
standards