Security transformation in Dutch municipalities · Fortinet Threat Intelligence Newsletters,...
TRANSCRIPT
© Copyright Fortinet Inc. All rights reserved.
Security Transformation in Dutch Municipalities
Ton Sips
Team Lead
System Engineering Public
Jasper de Jong
Account Manager, Local Government
Threat Landscape for Dutch Municipalities 2018
Source: IBD
Agenda
• Threat Landscape for Dutch Municipalities 2018
• GDPR (AVG) – Accountability obligation
• Security Transformation
• Security Fabric
People make mistakes
Municipalities, like all organisations, are vulnerable.
Threats also lie (just) outside one's own organisation.
The issues of the day set the agenda
We don't know what we don't know!
Risks 2017
Source: Informatie Beveiligingsdienst
Trends & Developments
• Further development of ransomware
• ICS, IoT & Smart Cities
• Scarcity on the labour market
• Cloud
• Shadow IT
Source: Informatie Beveiligingsdienst
Five priorities in 2018 and beyond
• Eliminate vulnerabilities
• Plan B
• Make your employees the first line of defence
• Make your CISO (more) important
• Organise it together
Source: Informatie Beveiligingsdienst
GDPR (AVG) - Accountability obligation
Accounting to society for the effective operation of the management and security measures taken to protect personal data
Management report
Confirmation: audit or board-level discussion
Executive board, management
Executive board, management
Accountability to society
Confirmation by Internal Auditor
DPO (FG): advice
DPO (FG): advice
DPO (FG): oversight
Executive board, management
1st line, including CISO
Declaration of Accountability (DoA)
Privacy & security records
Demonstrable, continuous effective operation of management and security measures
Organising appropriate management and security measures
Set-up of IT and processes
Policy
Governance & Compliance
Source: Duthler Associates
[Security Transformation]
is the integration of security into all areas of digital technology resulting in
fundamental changes to how security is architected, deployed and operated.
“All organizations should now assume that they are in a
state of continuous compromise.”
- Gartner, 14-2-2014
A TRUE STATEMENT?
Source: Gartner. Designing an Adaptive Security Architecture for Protection From Advanced Attacks. February 2014.
Email Remains the #1 Attack Vector
49% of malware was installed via email attachment (1)
$675m estimated cost of business email compromise, from 15,670 incidents in 2017
15,071 unique malware variants in 1Q18, an average of 170 every day of the quarter
Notes/Sources:
1. Verizon 2018 Data Breach Report. April 2018.
2. Fortinet Threat Intelligence Newsletters, 2018.
3. FBI. IC3. 2017 Internet Crime Report. May 2018.
4. Gartner Market Guide for Secure Email Gateways, 2017.
Advanced threats easily bypass the signature-based prevention mechanisms an SEG has traditionally used.
Given the Time Unknown Malware Remains Undetected
[Figure: impact plotted against duration, from infection to random detection (average ~260 days)]
Reduction of time to detect = Reduction of impact
Cybersecurity is Complex
[Word cloud: Threat, Security, Infrastructure, Governance, Cyber, SD-WAN, Internet of Things, Spam, Botnet, IPS, NGFW, EndPoint, Vulnerability Assessment, Firewall, SDN, SIEM, Operation Technologies, Sandbox, Phishing, Exploit, Azure, DDoS, Analytics, BYOD, Antivirus, Malware, Application Control, WAF, Mobile Security, AWS, Google Cloud, Secure Email Gateway, Targeted Attacks, Ransomware, DNS, Policy, PCI, HIPAA, GDPR, DMZ, WiFi, Segmentation, Data Center, DevSecOps, Cloud, 100G, SSL]
Fortinet Is Well-Positioned to Lead the 3rd Evolution of Network Security
EXPANDING NETWORK SECURITY INTO THE FABRIC, CLOUD, AND IOT
[Timeline figure, 1990 to 2020. Labels: Firewall (Connectivity); NGFW / UTM (Content); Security Fabric (Infrastructure), 3rd Generation; Software; Security Processors]
FORTINET SECURITY FABRIC
BROAD
INTEGRATED
AUTOMATED
Visibility & Protection of the
Digital Attack Surface
Detection of Advanced Threats
Response & Continuous Trust
Assessment
NETWORK
FortiGate-VM Partner API
FortiMail FortiAP | FortiSwitch
FortiClient FortiWeb
FortiSandbox
FortiManager, FortiAnalyzer, FortiSIEM
FortiOS
FortiGuard
The Broadest Security Portfolio in the Industry
BUILT FROM THE GROUND UP TO DELIVER TRUE INTEGRATION END TO END
Categories:
• Network Security
• Multi-Cloud Security
• Endpoint Security
• Email Security
• Application Security
• Secure Unified Access
• Advanced Threat Protection
• Management & Analytics
Products:
• FortiGate: Enterprise Firewall
• FortiGate: Cloud Firewall, Network Security
• FortiGate: Virtual Firewall, Network Security
• FortiClient: EPP
• FortiWeb: Web Application Firewall
• FortiMail: Secure Email Gateway
• FortiSandbox: Advanced Threat Protection
• FortiAnalyzer: Central Logging / Reporting
• FortiManager: Central Security Management
• FortiSIEM: Security Information & Event Management
• FortiAP: Wireless Infrastructure
• FortiSwitch: Switching Infrastructure
• FortiCASB
• FortiADC: Application Delivery Controller
• FortiAuthenticator: Identity and Access Management
• FortiDDOS: Anti-DDoS
Network: IPS, SWG, SD-WAN, VPN
Fabric Ready Ecosystem Partners Expand the Reach of the Fabric
IOT/OT/NAC/IDENTITY
CLOUD/NFV/SDN
SECURITY/SIEM
FABRIC CONNECTORS
FABRIC APIs
TECHNOLOGY
ENDPOINT MANAGEMENT
INTEGRATED:
SECURITY FABRIC AUTOMATION
[Diagram elements: Sandbox / Anomaly Detection…, Gateway technology, EndPoint, FortiGuard Labs, Fortinet Customers. Numbered flows:]
1: File Submission and Response
2a: Block Objects
2b: Quarantine Devices/Block Traffic
2c: Device/File Quarantine
3a: Real-time intelligence updates
3b: Intelligence Sharing
4: intelligence updates