cio perspectives on security fabrício brasileiro regional sales manager
TRANSCRIPT
CIO Perspectives on Security
Fabrício Brasileiro
Regional Sales Manager
Key Perspectives
2 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Think Strategically about Security
Safely Enable the Business – Safe Enablement
Apply Innovative Thinking to Security Challenges
3 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Table of Contents
CIO Perspectives on Security
Changing IT and CIO Role
Good/Bad News Story
Rethinking Security Strategically
CIO Considerations for the Future
1
2
3
4
BusinessOpportunities
SecurityRisks
SaaS
Mobility + BYOD
Social + Consumerization
Cloud + Virtualization
Opportunity or Challenge?
IT Must be a Strategic Business Enabler
The Role of IT and the CIO is Changing
4 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Tectonic Shifts in BusinessGive Rise to a New Era ofAdvanced Cyber Threats
Emerging CIO Priorities – Are You Prepared?
5 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Service/Performance
Traditional Emerging Priorities
Cloud/Disintermediation
Secure Cloud
Visibility –Network and Data
Zero Trust Model
Disruptive“Kill Chain” Solutions
Close Monitoringand Analytics
Perimeter Security
Application Proliferation
Uncontrolled Data Movement
Data Center andEndpoint Security
Ineffective Endpoint andSilo’d Network Protection
6 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Table of Contents
CIO Perspectives on Security
Changing IT and CIO Role
Good/Bad News Story
Rethinking Security Strategically
CIO Considerations for the Future
1
2
3
4
Good News
7 | ©2014, Palo Alto Networks. Confidential and Proprietary.
The Basics Are Still Critically Important
Governance SecurityFrameworks Policies Standards
Risk andCompliance
Management
Identityand Access
SSO StrongPassword
Multi-FactorAuthentication Certificates
DataProtection
Encryption KeyManagement
Data LeakProtection
Backupand Archive
Logging andMonitoring
Audit Logs Measurements Correlation Retention
Bad News – Line of Security Products
Anti-APT forPort 80 APTs
Anti-APT forPort 25 APTs
Endpoint AV
DNS Protection Cloud
Network AV
DNS Protection forOutbound DNS
Anti-APT Cloud
Internet
Enterprise Network
UTM/Blades
DNS AlertEndpoint AlertWeb AlertSMTP AlertSMTP AlertSMTP AlertSMTP AlertWeb AlertDNS AlertDNS AlertSMTP AlertAPTWeb Alert Web AlertAV AlertAV AlertWeb AlertDNS AlertSMTP AlertEndpoint Alert
Lacks Integration Alert Overload Manual Response
Vendor 1
Vendor 2InternetConnection
MalwareIntelligence
Vendor 3
Vendor 4
Limited Visibility
AV – Anti Virus APT – Advanced Persistent ThreatUTM – Unified Threat Manager
Failing Security Architectures Provide a False Sense of Security
8 | ©2014, Palo Alto Networks. Confidential and Proprietary.
9 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Table of Contents
CIO Perspectives on Security
Changing IT and CIO Role
Good/Bad News Story
Rethinking Security Strategically
CIO Considerations for the Future
1
2
3
4
New Strategic Approaches to Security Are Needed
10 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Security Organizations Are Not Innovating Fast Enough
Existing controls ineffective against new threats
Controls not evolving fast enough
Attackers Are Innovating Faster
Sophistication of global attackers Increasing value of information Easier targets
Vulnerability Gap Continues to Widen
Goal: reduce threat exposure by strengthening controls
Requirements for the Future
At theInternet Edge
Between Employees and Devices within
the LAN
At theData Center
Edge and between VMs
At theMobile Device
Cloud
Within Private,Public and
Hybrid Clouds
Detect AND Prevent Threats at EveryPoint Across the Organization
Prevent attacks, both known and unknown Protect all users and applications, in the cloud or virtualized Integrate network and endpoint security Analytics that correlate across the cloud
11 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Increase Visibility and Reduce Breach Landscape
Identify and define legitimate use with leadership
Align security policies with those legit government and business uses
Isolate critical internal applications
Determine policies that protect cloud and VM use cases
Tie applications to users/groups
Allow Relevant ApplicationsMonitor Dangerous ApplicationsBlock Unwanted Applications
1
Eliminate Known Threats2
Eliminate Unknown Threats3
Focus on Relevant4
12 | ©2014, Palo Alto Networks. Confidential and Proprietary.
344 KB
172.16.1.10
source IP
64.81.2.23destination IP
tcp/443destination port
file-sharingURL category
pdffile type
roadmap.pdffile name
bjacobsuser
prodmgmtgroup
canadadestination
country
SSLprotocol
HTTPprotocol
slideshareapplication
slideshare-uploadingapplication function
Complete Context Means Tighter Security Policies
13 | © 2015, Palo Alto Networks. Confidential and Proprietary.
bjacobsuser
slideshare-uploadingapplication function
slideshareapplication
14 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Table of Contents
CIO Perspectives on Security
Changing IT and CIO Role
Good/Bad News Story
Rethinking Security Strategically
CIO Considerations for the Future
1
2
3
4
The Future of Cyber Security
Visibility and inspection across entire network and into “the cloud”
Network-segmentation and micro-segmentation
Advanced security that prevents indicators of threats and kill chain in their tracks
Mobile and BYOD security
Internet of things and embedded device endpoint security
Advanced analytics and Big Data for security analytics
Interpol-like exchanges for sharing advanced threats and campaign intelligence
15 | ©2014, Palo Alto Networks. Confidential and Proprietary.
16 | ©2014, Palo Alto Networks. Confidential and Proprietary.