Trends in the Israeli Information Security Market
2008Shahar Geiger MaorAnalyst, STKI
Your Text hereYour Text here
2
Information Security Threatscape
Your Text hereYour Text here
3
Global Security Mega Trends -Threat Horizon
Outside threats: Hackers and organized crime have
joined hands
Inside threats: The human factor is the key
Application Attacks become more prevalent
There is no single logical place to put a “perimeter”
around the organization: Hackers focus on new and emerging technologies
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
4
General Trends for 2008
Virtual Machine Security Implications:
• Virtualization made big headlines in 2007 with major
players going public
• The industry hasn’t fully explored the security implications
of virtual technology
Mobile Platforms:
• Interest in mobile security has never been higher
• Phones become more complex, more interesting and more
connected
• Attackers may take advantage
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
5
General Trends for 2008 – The Human
Factor
CISOs tend to trust products and technologies
One persons mistake can expose a well-protected organization
Attackers know how to exploit the weaknesses of human nature:• Greed
• “Flock" mentality
• Trust assertive figures
• The need to please
Human weaknesses have no airtight solution(Training?)
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
6
The Relative Seriousness of IT
Security Threats
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
7
STKI Survey 2008:
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
Israel
World
Careless/risky behavior by employees is the
most serious internal security threat
Lost or stolen laptops and computer media are the most
serious technical threat
At least 90% of employees follow security policies
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Source: STKI, CIO Insight 2008
Your Text hereYour Text here
8
STKI survey results
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
9
Am I Vulnerable?
There is no such thing as "secure"
Despite the advanced systems, it's hard to know for sure
High demand for penetration testing, risk assessments
Many organizations are realizing the importance of a neutral party
Market is dominated by small and medium consulting
companies
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
10
The Cost of Security
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
$3,881,150
$5,685,000
$6,875,000
$8,391,800
$21,124,750
Laptop or Mobile Theft
Theft of Confidential Data (Not Including Mobile Devices)
System Penetration by Outsiders
Virus (Worms/Spyware)
Financial Fraud
Dollar Amount Losses by Type of Attack (Top 5, Thousands $)
(Source: CSI Survey 2007)
Your Text hereYour Text here
11
World Security Technologies Used
18%
27%
28%
32%
80%
84%
97%
98%
Biometrics
EPS/NAC
Specialized Wireless Security Systems
Public Key Infrastucture
(Four Less Common)
Anti-Spyware Software
VPN
Firewall
Antivirus Software
(Four Most Common)
(By Percent of Respondents)
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
(Source: CSI Survey 2007)
Your Text hereYour Text here
12
What Interest Our Clients? 2007-2008
Firewall/ Application
Firewall
12%
Endpoint Security11%
Mail/ Mobile Device Encryption
8%NAC7%
SIEM/SOC6%
IDM6%
Antivirus6%
URL Filtering6%
Market Trends18%
Miscellaneous20%
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
13
STKI survey results
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
14
Endpoint Security
Your Text hereYour Text here
15
Endpoint Security
The Endpoint is a major threat Risk Factors:
• Spyware• Viruses• Website with malicious code• External devices carrying information
Even when you have protection systems, they can’t be trusted:• Users Circumvent the systems for comfort• Communication problems prevent updates• New stations or guests with no protection• Infiltration of unprotected systems
The Solution: NAC…
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
16
Endpoint Security – Continue
Device Management is in the spotlight
Major players enter the market – McAfee, Checkpoint, Symantec
Leading Solutions in Israel:• Checkpoint -Pointsec Protector
• ControlGuard -Endpoint Access Manager
• McAfee -Host Intrusion Prevention
• SafeEnd -Protector
• Symantec -Endpoint Protection
Most of our clients use a product, or in advanced integration stages
Device Management will become default soon
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
17
Network Access\Admission Control
Your Text hereYour Text here
18
Trends -Network Admission/ Access Control (NAC)
NAC was invented by Cisco, but never standardized
Standardization is expected in the coming years
Even the acronym of NAC isn't clear
Products exist, but experts can't agree on their
effectiveness
There are problems with non-PC hardware
Many of our customers are interested
Majority of customers: researching or doing POC
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
19
World NAC Players
Source: Gartner
Your Text hereYour Text here
20
World NAC Players
Your Text hereYour Text here
21
Israeli NAC Players
Leading Solutions:• Access Layers• Cisco• Enterasys• ForeScout• Insightix• McAfee• Microsoft• Nortel• Symantec• XOR
Your Text hereYour Text here
22
STKI Insights
NAC can be deployed less expensively when it is an
embedded feature
Many of the infrastructure-based solutions won’t not
work with older LAN switch product families - Some
organizations will wait for newer versions
Some network and security vendors already have
solutions that can be part of the NAC process (AC, IPS) –
An important starting point for market domination
First priority: implement a guest networking control
NAC is a Layer 2 vs. Layer 3 match
Your Text hereYour Text here
23
Data Leak/Loss Prevention
Your Text hereYour Text here
24
Data Leak /Loss Prevention (DLP)
DLP is an overall framework into which different elements fit
There are three types of data that may leak:
• Data at rest
• Data in transit
• Data on endpoints
No single DLP focus area is foolproof, so enforcing all three
makes problems less likely
DLP is a growing area, and vendors react accordingly
It is suggested to use full-suite vendors in order
to avoid integration problems
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
25
Data Leak /Loss Prevention –World Trends
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Source: Aberdeen Report 2008
Your Text hereYour Text here
26
Data Leak /Loss Prevention –EMEA Trends
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Source: Aberdeen Report 2008
Your Text hereYour Text here
27
DLP –Market Status & Players
World Leaders:
• Symantec (Acquired Vontu, 2007, 350$ M)
• Websense (Acquired PortAuthority 2007, 90$ M)
• Reconnex (Acquired by McAfee, July 2008, 46$ M)
• Tablus (Acquired by RSA, 2007, 40$ M)
• Vericept ?
Main drivers for DLP are:
• Regulations such as Payment Card Industry (PCI),
Accountability Act (HIPAA)
• e-mail security, instant messaging (IM) and
endpoint monitoring solutions
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
28
Mobile Devices Security
Your Text hereYour Text here
29
Mobile Devices Security
Mobile devices like Smartphones and PDAs are becoming common
Price drops make the phones attractive
Now, some users sync, but it will expand, mostly at the workplace
Rich apps are on the horizon
Portable devices are prone to theft, loss and tapping (BT)
There are inadequate solutions according to Israeli users
We expect major developments and maturity
Major players enter the market
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Your Text hereYour Text here
30
Inadequate Mobile Security?
Source: SafeNet Annual Survey 2008
Your Text hereYour Text here
31
STKI Survey 2008:
0%
5%
10%
15%
20%
25%
30%
35%
40%
Adequate solution in place
Inadequate solution in place
Plan to install /Currently installing
Don't know /No plan to install
Israel
World
All Rights Reserved @STKI Moshav Bnei Zion, Israel +972 9 74 444 74 www.stki.info
Source: STKI, CIO Insight 2008
Your Text hereYour Text here
32
Trends for 2009
DLP!
Data Monitoring
Mobile Security
NAC