Date post: | 18-Nov-2014 |
Category: |
Technology |
Upload: | cxo-community |
View: | 1,075 times |
Download: | 3 times |
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone
Top Security Trends and Strategies for 2011
John Vecchi
Head of Global Product Marketing
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 2
Top Trends of 2011
Virtualization & Cloud Computing
Threat Landscape
IT Consumerization
Consolidation & Complexity
Data Security and Loss
Web 2.0 & Social Media
Governance, Risk & Compliance (GRC)
Cost Reduction
Green IT
5
4
3
2
1
6
7
8
9
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 3
2011 Security Trends
Virtualization &
Cloud Computing 1
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 4 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 4
On Data Center Consolidation
CIOs will virtualize
55% of production
servers next year, up
from 42% this year2
Private cloud1
28% have one 30% plan one
1 Information Week, June 2010 2 Morgan Stanley, June 2010
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 5
Lack of skills in security team 36%
Cost of new information security solutions 28%
Can‟t port existing security tools from physical
to virtual world 26%
Lack of security best practices for server
virtualization 24%
Regulatory compliance issues 24%
Top Security Challenges for Server Virtualization What are the biggest security challenges preventing server virtualization in your
enterprise?
Lack of knowledge
in security teams
remains the
biggest challenge
in moving to
virtualized
environments.
Enterprise Strategy Group
2010 Survey of enterprise decision makers
Enterprise Virtualization Initiatives
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 6
On Cloud Computing
Top concerns with private clouds What are your greatest concerns about deploying and managing them?
Loss of control 80%
Data security 76%
Data portability and ownership 73%
Regulatory compliance 62%
Reliability 60% Morgan Stanley
2010 CIO Cloud Survey
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 7 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 7
Enterprise
Mid-market
Small Business
On project list
Top hardware / IT infrastructure priorities Are you considering building an internal or private cloud operated by IT
(not a service provider) in next 12 months?
56% 44%
64% 36%
Not currently planned
Forrester Research
2010 Enterprise and SMB Survey
55% 45%
On Cloud Priorities
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 8
2011 Security Trends
IT Consumerization 2
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 9 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 9
Consumers Leading the Enterprise
Consumer
hardware
used for work
Consumer
services
used for work
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 10
Most of the
conversations
I have with Gartner
clients are about how
to securely enable
use of employee-
owned smartphones
and laptops.
John Pescatore
VP Distinguished Analyst
Gartner 2010
On IT Consumerization
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 11
Mobile
Population
Anchored
Desktop
2000 2005 2010
0
100
% P
en
etr
ati
on
80
60
40
20
Enterprise Mobile Device Population Market penetration over time
451 Group
2009/2010
Mobile Workforce Growth
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 12
2011 Security Trends
Threat Landscape 3
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 13 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 13
Today’s Threat Landscape
Increasing
Sophistication
Multi-vector
Polymorphic
Blended and
multi-variant
Stuxnet
Aurora Botnets
XSS
Zeus
Trojans
Worms
Crime and Profit-driven
Cyber Crimeware
Financial theft
Intellectual
property
Criminal networks
Cyber-warfare and Hactivists
Cyber-warfare
Iran and Stuxnet
Wikileaks
Cyber „Hactivists‟
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 14
A
DW
AR
E
T
RO
JA
N
E
XP
LO
IT
B
OT
NE
T
S
CA
RE
WA
RE
R
OO
TK
IT
On Top 2010 Threats…
Most prevalent threat types
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 15
On Top 2010 Threats…
“…widely considered the most sophisticated computer threat
created to date…Stuxnet exploited four previously unknown
vulnerabilities, at a time when exploiting a single one is a big deal.” SOFTPEDIA.com 2011
Stuxnet
“Hackers seeking source code from Google, Adobe and others
used nearly 12 pieces of malware and levels of encryption to
burrow deeply into the bowels of company networks…” WIRED 2010
Operation
Aurora
“Zeus…detected only 23 percent of the time…is the No. 1 financial
Trojan—representing 44 percent of all financial malware infections
today.” Darkreading.com 2010
Zeus
Zbot
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 16
Exploits
• 2 un-patched MS vulnerabilities
• 2 undisclosed privilege escalations
• 2 stolen certificates
• SCADA / PLC payloads
Techniques • Anti-Virus evasion techniques
• Peer-2-Peer network
• Command & Control
Architecture • Single File
• File containing all payloads
Anatomy of the Threat
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 17
Infection Statistics
This is not normal
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 18
Introduce Threat to Target
Propagate inside the network
Infect Field PG machines
Mission Objectives:
Goal:
Reprogram ICS machines!
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 19
On Evolving Threats and Attacks
These are
the ones that
we know about…
69 attacks per second
Q2 2010
Attack attempts in 2010
0.5 Billion
Q3 2010 0.6 Billion
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 20
2011 Security Trends
Consolidation
and Complexity 4
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 21
On Complexity and Point-product Sprawl
InformationWeek
2010 Survey of security decision makers
Biggest IT Security Challenges Which of the following are the biggest information/network security challenges
facing your company?
Managing the complexity of security 51%
Enforcing security policies 35%
Preventing data breaches from outside
attackers 29%
Preventing data theft by
employees or other insiders 23%
The requirement
to manage
security complexity
grows steadily
each year.
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 22
On Complexity and Point-product Sprawl
IPS Firewall
VPN
NAC
URL
Filtering
Top network
security
technologies and
point products
deployed
Your world:
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 23
On Complexity and Point-product Sprawl
Your world: IPS
VPN URL Filtering
And don’t forget
endpoint—nearly
doubling the
number of point
products…
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 24
On Security Vendor Consolidation
At $7.68 billion this is the biggest acquisition of a pure
play security company ever. It is also the worst... Richard Stiennon, Chief Analyst
IT-Harvest, LLC
This acquisition has more potential to be disruptive than
to deliver any near-term customer benefits.
Gartner Research Note
20 August 2010
We expect that customers that have already been angling
to jump ship will use this deal as an excuse to accelerate
those plans. Andrew Jaquith, Senior Analyst
Forrester Research
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 25
2011 Security Trends
Data Security
and Loss 5
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 26 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 26
On Data Loss…
Percentage of companies breached who
were not PCI compliant. 81%
Percentage of outbound e-mail that
contains content which poses a legal,
financial or regulatory risk. 20%
Percentage of customers who end their
relationship with a company if they are
affected by a breach. 31%
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 27 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 27
On Data Proliferation…
Estimated enterprise data
growth in the next five years.* 650%
* Gartner 2010
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 28 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 28
On Top Sources of Data Loss
1
2
3
4 5
0%
5%
10%
15%
20%
25%
30%
CD
s/D
VD
s
US
Bs a
nd
Lap
top
s
Co
rpo
rate
Em
ail
Pu
bli
c W
eb
WiF
i N
etw
ork
s
Risk channels:
InformationWeek 2010 Security Survey
Top five sources
of data loss
across
organizations
and enterprises
worldwide
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 29 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 29
Data Loss in the News in 2010…
2010 Data Loss Events
Shell
Corporation
loses database
of 176K
employees
February
Apple
exposed over
100K high-
profile iPad
customer
names
June
looses user
data for 170M
subscribers
July
McDonald’s
loses an
„undisclosed‟
amount of
customer data
December
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 30
2011 Security Trends
Web 2.0 and
Social Media 6
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 31
On Web 2.0 and Applications
FACT:
If Facebook were a country,
it would be the 3rd largest in
the world.
Twitter would be the 7th
largest.
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 32
On Web 2.0 and Applications
FACT:
7% of all business network
traffic is to Facebook.
44% of all online videos are
being viewed at the
workplace.
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 33
23% of the average user’s day at work
is spent doing something on the Web.
45% of the 100 most popular web
sites support user-generated
content and 60% are infected with
malware.
42% are prepared to deal with the
risks of Web 2.0 in order to capitalize
on potential business benefits.
On Web 2.0 and Applications
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 34 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 34
Web
Applications
55%
Others
45% No Patch
Available
74%
Patches Available
26%
Gartner 2010
Cyber Threat Landscape
The Weakest Link Percentage of Web Application Vulnerabilities with No Vendor Supplied Patches
Insecure Application Web Sites
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 35
2011 Security Trends
Governance, Risk
and Compliance 7
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 36 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 36
Regulatory Overload
SO
X
PC
I D
SS
GL
BA
E
.U. D
ata
Pri
vacy D
irecti
ve
BA
SE
L I
I
HIP
AA
-HIT
EC
H
SE
C
STA
TE
LA
WS
Prevalent IT GRC Standards
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 37
On Governance, Risk and Compliance
“Compliance has the
greatest influence on
information security costs”
InformationWeek
2010 Survey of security decision makers
Most Influential Factors On Security Program Which of the following factors have the greatest influence on your
information security program?
Industry and/or government compliance mandates 60%
Our security group‟s assessment of threats and risks
the company faces 42%
Information security best practices 37%
Threats and risks associated with
business models or processes 26%
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 38
Gartner on Virtualization…
[virtualization] will be a hot
spot for auditors, given the
greater risk of misconfiguration
and lower visibility of policy
violation. Through year-end
2011, auditors will challenge
virtualized deployments…
Neil MacDonald
VP Distinguished Analyst
Gartner 2010
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 39
2011 Security Trends
Cost Reduction 8
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 40
CIOs I‟ve talked to expect
dramatic >30% cuts in
infrastructure and
operations costs.
Mark McDonald
Group Vice President, Gartner
November 2010
On Cost Reduction and Doing More with Less
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 41
2011 Security Trends
Green IT 9
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 42
Global Green IT Online Surveys
April 2010
Reduce energy-related operating expenses 70%
Reduce other IT operating expenses 38%
Improve brand image with the public 35%
Environmental Motivations What are your organization‟s top three motivations for pursuing greener IT
operations?
On Green IT…
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 43
Despite the weak economy, organizations will
accelerate Green IT Plans. Why?
Savvy IT leaders use Green IT to marry ecological
aspirations with financial reality.
Why Go Green?
Forrester Research, 2010
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 44
Gartner’s top strategic technologies for 2011
Cloud Computing 1 Mobile Applications and
Media Tablets 2
Web 2.0 Social Technologies
and Communications 3
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 45
Meet IT governance, risk and
compliance requirements
Prevent the loss of sensitive data
Secure and manage Web 2.0 applications
Secure all fixed and mobile endpoints
Protect against attacks and evolving threats
Secure virtualized and cloud environments
Reduce IT security spending
‘To Do’ list for IT security leaders:
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 46
IPS URL Filtering DLP
Application
Control
Enterprise
Firewall VPN
The world’s first, best, and only fully integrated
appliance delivering consolidation, simplicity
and killer security
The case for: Eliminating Complexity
Check Point 3D Multi-Function,
Next-Generation Firewall Solution.
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 47
Check Point 3D Next-Gen Firewall
Check Point Unified Security Management
Smart-1
SmartWorkflow Software Blade
Policy Change Management
SmartEvent Software Blade
Unified Event Analysis
DLP
Software Blade
Application
Control
Software Blade
IPS
Software Blade
FW & VPN
Software Blades
URL Filtering
Software Blade
Antivirus &
Anti-Malware
Software Blade
Identity
Awareness
Software Blade
Power-1
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 48
Unified Control of All Security Layers
Gra
nu
lar V
isib
ility
Identity
Awareness
Application
Control
DLP
Mobile
Access
SmartEvent
IPS
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 49
CHECK POINT SETS A
NEW STANDARD IN LATEST
NSS GROUP IPS TEST
Industry-Leading IPS
The Check Point
IPS Software Blade
outperformed nearly every
vendor in overall accuracy
and blocking:
97.3% security
effectiveness
Multi-gigabit rated
throughput of 2.4Gbps
100% anti-evasion
coverage
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 50
End-to-end protection of data in-use, in-motion
and at-rest to stop data theft and loss.
Full Disk
Encryption
Port
Protection Network DLP
UserCheck
Technology
Media
Encryption Abra
Prevent data loss, educate users and
enforce data policies across Web, mobile
and email
The case for: Total Data Security
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 51
Plug-and-play security for public / private clouds
and dynamic virtual environments.
Security
Gateway VE
Unified
Management VMSafe Integration
VSX Virtual
Security Gateway
Inter-VM
Traffic Protection
5G Next-Gen
Firewall
The case for: Cloud Computing
and Virtualization
Comprehensive cloud and virtualization
security and unified management for both physical and virtual
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 52
The case for: Web 2.0
and Application Control
Comprehensive security control and
visibility of over 50,000 Web 2.0 applications
and widgets
50,000
Widgets
Simple,
Granular
Policies
Identity Awareness
UserCheck™
Technology
Application
Control
5,000
Applications
Detect and control application usage, while
educating users on corporate policies.
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 53
Proven compliance ARTIFACTS for risk management and mitigation and IT
governance
HIPAA
Compliance
Threat
Prevention SOX Compliance
State and
Federal
Regulations
Define,
Measure
and Control
100%
PCI DSS
Compliance
Integrated threat prevention and compliance
management for greater control, automation
and measurement.
The case for: Streamlined
Governance, Risk and Compliance
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 54
PCI DSS
DLP
HIPAA SEC SOX GLBA Federal /
State
IDS / IPS
Application
Control
Antivirus /
Anti-Spam
VPN
Firewall
Check Point
5G Solutions
IT GRC Value to the Enterprise
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 55
PCI DSS
Antivirus /
Anti-Spyware
HIPAA SEC SOX Federal State
VPN
Firewall
Encryption
Check Point
Endpoint
Solutions
IT GRC Value to the Enterprise
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 56
Securely enable both corporate and employee
owned smartphones, laptops and tablets.
Clientless
Browser
Support
Check Point
Mobile Access
Software Blade
Check Point Abra
Check Point
Mobile for iPhone
and iPad
Remote
Access VPN
Software Blade
Check Point
Endpoint
Security
The most comprehensive choice
of enterprise-grade solutions to secure the Consumerization of IT
The case for: Mobile
Device Security
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 57
Monitoring
and
Reporting
Physical and
Virtual Unified Workflow
3D Unified Risk
Mitigation Appliance
Centralized
Policies
Unified
Event
Analysis
Manage everything simply and easily on a ‘single pane
of glass’
The world‟s first, best and only fully integrated
security management solution.
The case for: Operational Efficiency
and 360° Control
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 58
A fully integrated solution that drives
down IT security costs by 25%
Lower the cost of your IT security spend.
The case for: Lowered Cost
of Ownership
Reduced
Security
Skill Gaps
Continual
Compliance
vs. Cyclic Audits
Detailed
Operational
Metrics
Pre-Configured
Next-Gen Firewall
Complete
Security
Architecture
Custom
Integration
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 59
Cloud
Computing
and
Virtualization
Networks
and Critical
Infrastructure
Comprehensive
Endpoint and Data
Security
Employee-owned
Smartphones,
Laptops and Tablets
Unified
Management
and Event Analysis
Web 2.0
and Social
Networking
Every device, every location, every threat. One
security architecture.
The case for: End-to-End Security
One integrated, best-of-suite security
infrastructure and solution from the
LEADER in IT security
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 60
Eliminate complexity with unified IPS & 3D multi-function gateway
Dramatically lower IT security costs and TCO
Demonstrate and streamline governance and compliance
Secure vital data and assets with proactive threat prevention & DLP
Safely embrace and enable Web 2.0 technology
Protect your investment with unrivaled flexibility & extensibility
Now there’s a unified solution:
©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 61
Thank You!