RETHINKINGYour Endpoint

Security Strategy

Paul Henry | Security and Forensics Analyst

The Threat Landscape has Evolved…

Shift in Information that is Targeted

Market for stolen data is saturated» Then - Stolen personally identifiable

information sold on the black market for up to $15 per record

» Now - Credit card data has dropped to about 20 cents per record

New, more valuable target is now intellectual property (IP)

» Revenue-generating information» Much larger impact and value –

organization versus individuals

3

Data Breaches Impact Your Bottom Line

4

No Longer a Microsoft World

» Then-Priority on patching servers and Windows O/S

» Now-PC and 3rd party apps are the biggest source of enterprise risk

5

Continued Increase of Cyber Crime

Rise in malicious attacks

» Root cause of 31% of the data breaches studied (up from 24% YoY)*

Cyber attacks impact business

» 97% of respondents consider cyber attacks as the most severe threat to their ability to carry out their missions

» Harder to detect and more difficult to contain and remediate

» Financially motivated cyber criminals

* Ponemon Institute, Annual Cost of Data Breach 2011

6

Rising Cyber Terrorism… Impact of WikiLeaks

7

The Reality of Advanced Persistent Threats

More Sophisticated Threats Leveraging Multiple Attack Vectors

» Zero-day and third party application vulnerabilities

» Physical access through data ports

» Web-based attacks through the browser

The Rise of APTs…

» Highly targeted, constantly evolving, custom-developed malware

» Sony

» Stuxnet

» RSA

8

APT Example… Stuxnet

9

Trusted Insiders Open the Door to Risk

» Negligence is root cause of 41% of the data breaches studied – the #1 cause*

» Social media opens the door to even more risk of social engineering

» The applications we use for productivity open networks and information to risk

» Removable devices provide easy access, data mobility and… risk if not managed

Negligence remains the most common threat - and an increasingly expensive one

* Ponemon Institute, Annual Cost of Data Breach 2011

10

Security Status Quo is No Longer Effective

Security Best Practices Still Not Universally Followed

» Patch and configuration management

» Data protection practices

» User rights management

Ineffectiveness of Anti-Virus

» Increasing malware sophistication

» Only19% of new malware is detected on first day

» 50% of IT professionals point to malware as the leading cause of rising endpoint TCO

The New Endpoint Reality

12

Traditional Endpoint Security Strategy

Traditional “Threat Centric” Endpoint SecurityIs No Longer Relevant

BlacklistingAs The Core

Endpoint Protection

Zero Day

3rd Party Application

Risk

MalwareAs a

Service

Volume of Malware

“Basic security protection is not good enough.” Rowan Trollope SVP

“You can’t just rely on antivirus software – and we’re an antivirus company.” George Kurtz Worldwide CTO

13

Challenges of Endpoint Management

IT Operations

Challenges

IT Security

» Lack of common management console

» Increasing agent bloat

» Increasing and costly back-end Integration

» Lack of visibility and collaboration with IT security

Challenges» Need for better accuracy

» User access rights (Local Admin)

» Lack of scalability

» Silos and insufficient collaboration between IT and business operations*

Lack of integration across technologies

is the

#1 IT security

risk*

*Worldwide State of The Endpoint Report 2009

14

What’s the Impact to Your Business?

Complex IT Environment is Costly to Manage

Lumension Global State of The Worldwide Endpoint 2009

16

Multiple Consoles

» 3-6 different consoles on average

Agent Bloat

» Increasing malware sophistication

Lack of Control

» 54% of IT security pros cite managing security complexity as #1 challenge

» Decreasing visibility – disparate data

» Ad-hoc monitoring of security posture

Increasing TCO of Point Technologies

» Integration and maintenance

Lack of Enterprise-Wide Visibility

Management and visibility in silos hurts effectiveness and efficiency

» What endpoints are online/offline?

» What apps are being used?

» What devices are being used?

» What user actions are concerning?

» How is data being used?

17

Increased Complexity & Risk. Increasing CostMalware

Signatures

Endpoint TCO

Current Endpoint Security

Effectiveness

2007: 250K Monthly

Malware Signatures Identified

2011: 2M Monthly

Malware Signatures Identified

Increasing Malware

Fractured Visibility

Complex Technology

18

Traditional Balancing Act

19

security Vs. productivity

Shift to a New Endpoint Security Approach

Key Strategies

1. Rethink Endpoint Security from the Outside In

2. Shift from “Threat-Centric” to “Trust-Centric” Approach

3. Implement Defense-in-Depth Strategy

4. Reduce Complexity through Integration and Standardization

5. People, Policy and Technology Must All Play a Role in Your Strategy

…to improve endpoint security and reduce complexity

21

Strategy 1: Rethink Endpoint Security

Data has effectively moved away from the data- center to a borderless endpoint

Corporate HQ

Mobile EndpointsRemote Offices & Subsidiaries

WAN

Internet

Cloud-based Computing

Data Center

22

Start to view your IT security requirements from the outside-in and not the inside-out

Strategy 2: Shift to Trust-Centric Security

THREATCENTRIC

TRUSTCENTRIC

Strategy 3: Implement Defense-in-Depth

24

BlacklistingAs The Core

Zero Day

3rd Party Application Risk

MalwareAs a Service

Volume of Malware

Traditional Endpoint Security

Patch & Configuration

Mgmt.

Defense-in-Depth

Strategy 4: Reduce Endpoint Complexity

SingleConsole

Agile architecture

Single Promotable Agent

25

Many Consoles

Disparate Architecture

ManyAgents

IT ControlMade Simple

» Agile platform architecture

» Reduced integration and maintenance costs

» Improved endpoint performance

» Holistic endpoint visibility

Effective but not Efficient

Effective AND Efficient

All three are dependent on each other for

effective and operational endpoint security.

Strategy 5: People, Policy and Technology

26

policy

technologypeople

Summary

Shift to New Endpoint Management Approach

28

Threat centric

Point products

Multiple consoles

Multiple agents

Ad hoc processes

Reactive signatures

Ad hoc auditing

Compliance

» Trust centric

» Integrated platform

» Single console

» Single agent

» Standardized processes

» Proactive, real time

» Continuous monitoring

» IT Risk management

Lumension: Leading the IT Security Shift

» Market Leader

» Agile Platform Architecture

» Best-of-Breed Functionality

» Global Footprint

» Strong Customer and Partner Ecosystem

» Deloitte 500 & Inc. Magazine 500 Fast Growth Leader

29

Q&AFor more information come visit us at Booth #19 during these show

hours:Tuesday, June 21

11:45 a.m. – 1:45 p.m. Wednesday, June 22 12:00 p.m. – 1:30 p.m.

Global Headquarters8660 East Hartford Drive

Suite 300

Scottsdale, AZ 85255

1.888.725.7828

info@lumension.com