Security Summit July 2009

Your Text hereYour Text here

1

Shahar Geiger Maor [email protected]

Visit My Blog: http://shaharmaor.blogspot.com/

mailto:[email protected]



http://shaharmaor.blogspot.com/


Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 2

Agenda

1 Downturn Economics

CommunicationCISOs Agenda2

Technologies (NAC, DCS, IAM SIEM)3



Israeli Information Technology Market Size

Market size 2008: 4.645 B$

Market size 2009: 4.063 B$



IT Market Share (%) by Industry



Israeli Information Security Market Size

2008 2009 2010

Governance & Risk Management (also BCP) 35.0 42% 50.0 50% 75.0

Security (projects) 95.0 -10.53% 85.0 11.76% 95.0Security (Software) 90.0 -5.56% 85.0 -5.88% 80.0

Total 220 0% 220 14% 250

GRC and Security market size (Ms of $)



Security Budgeting Difficulties –The Market is Under Stress

Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf

Although most 2009 security budgets are set

(89% surveyed)

72% expect additional downward revisions during the remainder of the year

65% of security vendors are providing discounts for new

products purchases

53% of vendors are reducing maintenance fees



Vendor Discounting in Response to Buyer

Request




Security Budgeting Difficulties –Downturn Mechanism

Vendor bottom line

turns red

Longer sale cycle

Longer POC



More Optimism about Security

Spending

0%

5%

10%

15%

20%

25%

30%

35%

40%

45%

> -10% -10% to -5% -5%% to 5% 5% to 10% 10+%

IT Spending

Sec Spending




What’s on the CISO’s Agenda?

(STKI Madad 2008-2009)

Access18%

EPS/Anti x14%

WAF & Apps11%

Trends8%

Management8%

DB Protection7%

NAC6%

Miscellaneous6%

GRC5%

Market Players5%

Network5%

DLP4%

Hardening3%



DB/DC SEC18%

Access/Authentication15%

Miscellaneous15%DLP

10%

NAC10%

Market/Trends10%

Encryption9%

EPS5%

SIEM/SOC5%

Sec Tools5%


(STKI Madad March-June 2009)




Financial sector:

• Access and DLP: Mobile Security, OTP, Data Obfuscation

Governmental agencies and subsidiaries:

• NAC, IDM

High-Tech and Services:

• Virtualization, Cloud Computing, EPS and mobility

Cross-sector:

• SIEM-SOC, Application Security and methodologies



Security Staffing Ratios

Organization Type Ratios of Security Personnel (Israel)

Average Public Sector 0.15% of Total Users

“Sensitive” Public Sector 0.5% of Total Users



Technologies Categorization 2009

Investmentto make money

Cut costs, Increase productivity

Investmentfor regulations

Commodity ITServices

Using Implementing Looking

Business Value

Market Maturity

IAM/IDMBusiness

Project

IT Project

Size of figure =

complexity/

cost of project

SSO

Network Security

DLP

NAC DB Sec.

Manage Sec. Services

Cloud

SIEM/SOCEPSMobile

Sec.

Anti X

Vir. Sec.

GRC

Remote Access

App. Sec.



Network Access Control



NAC Insights

NAC has not been “fully digested” by Israeli customers in

2008. There should be more activity in 2009

NAC can be deployed less expensively when it is an

embedded feature of an existing vendor and customers

take notice of it

Some network and security vendors already have

solutions that can be part of the NAC process

Israeli customers first priority: network visibility and

guest network control

Network or Security? NAC is a Layer 2 vs. Layer 3

match


Data Centric Security




Data Centric Approach

“perimeter security” “Business of Security” – Security is built into the business process


Data Centric Security Arena

DLP ERM

EncryptionDatabase

Protection

EPS



DLP –Market Status

Solution Deployed20%

Plan to Deploy Soon20%

Not "There" Yet60%

DLP Deployments Status -Israel 1Q09



Identity & Access Management (IDM/IAM)



IDM/IAM Savings

Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx



Key Success Factors for Future IDM Project

Consider IDM also as a business project, rather

than a pure IT project

Make sure the project bridges the gap between

business and IT

Start small for easier success (Single Sign On, a

vertical project)

Choose a step-by-step approach, rather than a

mastodon implementation.

Focus on basic functionalities not on the

additional features


24

Security Information and Event

Management



Silos of Redundant Information

Management

Source: Network Intelligence



An Enterprise Platform for Compliance and

Security

SIEM

Source: Network Intelligence



SIEM\SOC “Round Table” Insights

How to “sell” SIEM project to your organization

Knowing when NOT to start a project

Reporting Systems, Logging and parsing

“Tracing the events” (real-time?)

Who defines what is “risk”? How to translate it to HD?

Maintenance and operations: What does it take?

Outsourced SOC (must be taken under consideration)


28

Shahar Geiger MaorVP & Senior Analyst

[email protected]




Date post:	18-Dec-2014
Category:	Technology
Upload:	shahar-geiger-maor
View:	834 times
Download:	1 times