cyber us government silicon valley opportunities and challenges greg oslan, ceo, narus march 2011...
Post on 21-Dec-2015
217 views
TRANSCRIPT
CyberUS Government
Silicon ValleyOpportunities and Challenges
Greg Oslan, CEO, NarusMarch 2011
SINET Workshop & Forum
Overview Market Ecosystem Public/private partnership Doing business in DC
Our World is a Cyber WorldCyber (Infrastructure): global network
of interdependent information technology infrastructures, telecommunications networks and computer processing systems
Cyberspace (Applications): virtual world in which individuals interact, exchange ideas, share information, provide social support, conduct business, direct actions, and so on, using this global network
The Global Internet Trend
Source: Morgan StanleyM – Mobile Internet UsersD – Desktop Internet Users
State of the Internet in 2010‒ 5 countries account for > 48% users‒ BRIC – fastest growth
Mobile Internet access pandemic‒ Mobile Internet Users to surpass
Desktop Internet Users (IU) by 2015‒ 2010 - 1/1.4 Billion M/D Internet
Users‒ 2015 – 2/1.7 Billion M/D Internet
Users
Mobile Internet Computing Entered the Mobile Internet Computing Cycle
– Web2.0+Connectivity/Presence– Value = Unified Communications + Multimedia +
Portability
Portability– The virtual world: Desktop experience - ANYTIME,
ANYWHERE!
Unified Communications– Users spend 70% of their online activity in social
networks
Multimedia Creation– Traditional Applications are disappearing and
new ones are gaining momentum
Source: Morgan Stanley
New Cyber User 2010
A new user profile is emerging‒ Mobile Computing is about DATA not
Voice
User generated content – breakdown‒ Music, Games and Social to drive
Most popular/used application‒ 07/09 Social Networking Users
Surpassed Email
‒ 12/09 200 Billion Minutes/Month spent on Social Networking Sites
Shift in Traffic Composition [2010] Global Internet traffic (D+M) – growth
‒ Two-fold increase expected over 2011-2012
‒ 10.88 to 20.33 PB / Month
‒ Video surpassed P2P in 2010
Global Internet traffic (M only) – growth‒ 14x traffic growth from 2010E to 2014E
‒ 250 KTB to 3.5MTB / Month
‒ Video to grow 39x by 2014
Trends in Infrastructure/Services Backhauling driving infrastructure upgrades at the
edge‒ Each tower today is oversubscribed by a factor of
50
‒ Expensive to operate with such bandwidth demands
Cloud and virtual computing platforms‒ The preferred content distribution vehicles
Evolution of Traffic Intelligence‒ From bits to content and users
Mobile Internet Computing Shaping the Threat Vector Market
Mobile devices (“Computing in your pocket”)‒ Rogue applications, portability and powerful
Social media threats (“Virtual reality”)‒ Soon became the ideal platform to distribute
threat (Twitter Spam, Facebook abusive apps)
From desktop to cloud computing‒ Cloud as a means of distribution and infection
(Google Groups, Amazon)
Application space (“Easy to hide”)‒ Facebook: 500,000 Apps/500 M+ Downloads/Year
‒ iPhone: 360,000+ Apps/4B+ Downloads/Year
The Cyber Security Market
Dynamic environment Evolving, more sophisticated threats Security investment a balance between cost
and risk Education still early in the lifecycle Traditional and new technologies
User Interface Layer
Database
SEM/SIEM
The Ecosystem: A challengeMultiple Overlapping Components
Portal
Third PartyApplications
User Application Layer
Policy / Logic Layer
Integration
Forensic Analysis Dynamic AnalysisSecurity / Intercept / Traffic Management
DDoS Zero-Day Attacks
L-4 Anomaly Detection
L-7 Anomaly Detection
Traffic Management &
Control
Security Distr
ibution & control
Mitigation
InterceptTraffic Analysis
Targeting Analytics
Data & Control Plane Security
Cyber Protection Intercept Traffic Mgmt Development Kit
Open API
Forensic Analysis
Routers
Intelligent Capture Layer
Infrastructure DPI NIC
NetFlow
Visualization
Centrifuge Exalede
SearchSplunk
Data Analytics
Cyber Security and Network Management Convergence
SLA Guarantee Indemnity
Signature-Based
Behavioral-Based
Anomaly-Based
Static
Dynamic
Forensics Data Management; Search; Storage
SEM / SIEM
Op
era
tio
ns
Processes
Policy
New Signatures
Tools
Remediation
Vulnerability
Risk Assessment
Network Design for Security- Network Vulnerability- Optimization
Installation
Management
Government/CommercialPartnership Required
We’re only secure when we’re all secure‒ What about .com; .net; etc?‒ Commercial multi-nationals vs. Government
Government too slow: typical 5 year cycle minimum‒ Priority on .mil; .gov‒ Long way to go
Security is end-to-end in both horizontal and vertical planes‒ From end device to end device‒ From platform through application
Government Business: Lessons Learned
Washington D.C. is a tough place to do business
Patience required; NIH andbureaucracy high
Security clearances Capital Washington presence Partnering key as most contract vehicles
are held by large prime integrators
Government: Lessons Learned
But………………. Has serious money High barrier to entry means higher
barrier to exit Loyal once proven Provides exit option Buy early, innovative technology
Rewarding to help your country
US Government Efforts
CNCI ESF Public policy efforts OSD pilots Money being allocated ($500M
just announced)
Challenges Remain From Valley’s Perspective
You Can Be Part of the Solution Little VC motivation to support government
market—long sales cycles, club mentality, higher risk, difficult to understand sales process/cycles; US no forn bent
Money often comes with strings: IP; export; employee make-up
Entry process difficult with poor access to contract vehicles, inability to get new contracts
Is It Worth It?
Depends on what you are selling Government typically first to truly invest in
new things that don’t have strong ROI If you’re in “security or cyber,” provides early
adopter opportunity
I Believe It Is; Will take effort from both sides!