Post on 16-May-2020
1 | Confidential IDG May 17th 2017 Mikkel Børve
AGENDA • COMPLEXITY OF TODAY’S IT SECURITY MANAGEMENT
• MOVING (SECURITY) TO THE CLOUD
• HOW TO BE IN CONTROL
2 | Confidential
SECURING YOUR ASSETS – A BALANCING ACT
Permissive Rules Introduces business risk
Tightening Rules Slow response to the
business request
4 | Confidential
4 STEPS APPROACH FOR ALIGNMENT
STEP 1 Align your security plan with company business strategy
STEP 2
Align application delivery, security and network teams
STEP 3
Utilize automation solutions to: Respond quicker to the change requests from the business Remove Error-prone activities Maintain compliance throughout the process
STEP 4 Implement solutions for quick response to attacks
Helping 1500+ enterprises and 20 of the Fortune 50 ALIGNING SECURITY WITH YOUR BUSINESS
10 | Confidential
Moving to the Cloud
YOU BETTER BE PREPARED “By 2020, more compute power will have been sold by Infrastructure as a service (IaaS) and Platform as a service (PaaS) cloud providers than sold and deployed into enterprise data centers” Gartner
December 2016 11 | Confidential
THE SECURITY POSTURE IN A CLOUD ENVIRONMENT • Organizations want to reap the benefits of cloud adoption gaining speed
and agility • The security posture becomes an afterthought rather than a well thought
out and planned process • The result is a security officer’s nightmare – a “jungle” of assets across
multiple environments, some of which are not even known to the officer
12 | Confidential
13 | Confidential
HYBRID CLOUD NETWORK CHALLENGES
MAIN SECURITY CHALLENGES
Regulatory Compliance
Ensuring regulatory and corporate compliance
Visibility Lack of unified
visibility across the hybrid environment
Change Management Manual and error-
prone change management
processes
15 © 2016 Gartner, Inc. and/or its affiliates. All rights reserved.
The Move to Cloud, Mobile and Digital Business Requires Changes in how we Approach Security
Hardware
People
Applications & Services
Workspace
Processes
Information Top down — information, process-and application-centric security Business-driven security
Bottom up — device and OS fixation; "lockdown“ Asset-centric security
Network
OS
Data Center
ACI
HOW TO BE IN CONTROL
Visibility Automatic Provisioning Business Context
Data Center FWs (L4-L7 services) Perimeter & Upstream FWs
17 | Confidential
HOW WE ADDRESS THE CHALLENGE
BusinessFlow
FireFlow
Firewall Analyzer
ALGOSEC CAPABILITIES
19 | Confidential