2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and the Cloud

Sponsored by 2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and the Cloud © 2013 Monterey Technology Group Inc.

description

Thanks to you, the audience at UltimateWindowsSecurity, for the 2014 Survey. It was a great success with over 600 respondents! I appreciate all of you who took the time to give me your thoughts. You’ve provided some great ideas for real training for free™ in the coming year and I’ve learned which topics are most important to you. That’s going to benefit all of us.

In this presentation, we'll present our findings. We’ll talk about the community’s top goals for 2014, which topics you recommended I cover in 2014 and what our community sees as the greatest security concerns for 2014. And we’ll discuss other trends emerging from the data. Find out about the top trends, such as:

SIEM – What are the top SIEM solutions? What are the UWS community’s top 3 biggest challenges with log/monitoring/security analytics?

Endpoint Security – How widely is application whitelisting being used and what is driving its adoption? Which endpoint security technologies really work and which are just hype?

Mobile Devices – Are employee-owned mobile devices supported at your organization? Is your biggest concern with mobile devices malware, data loss, or compliance?

The Cloud – How widely are your peers embracing the cloud? Is your organization’s security policy, technology and training keeping up with the move to the cloud?

Advanced Security Topics – What are your peers doing about “big data”? What about endpoints as sensors, and other new security approaches?

This will be a fact-filled and fascinating presentation on where we are and where we are going on a host of different security fronts. Don’t miss it.

Transcript of 2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and the Cloud

Page 1: 2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and the Cloud

Sponsored by

2014 Security Trends: SIEM, Endpoint Security, Data Loss, Mobile Devices and the Cloud

© 2013 Monterey Technology Group Inc.

Page 2

Thanks to www.Lumension.com

Page 3

Preview of Key Points

Who are we?

SIEM/Monitoring

Top priorities 2014

Top risks 2014

Webinar topics for 2014

Application control

Virtualization

Cloud

Mobile

Future

Page 4

What’s your size?

1 to 9: 5.2%
10 to 49: 6.4%
50 to 99: 5.5%
100 to 499: 16.1%
500 to 999: 8.9%
1,000 to 1,999: 11.7%
2,000 to 4,999: 13.0%
5,000+: 33.2%

Page 5

Industry

Natural Resources

Chemicals

Automotive

Engineering and Construction

Oil & Gas

Consumer Goods

Travel & Transportation

Media and Entertainment

Utilities

Retail

Industrial Manufacturing

Communications

Aerospace & Defense

Public Sector (Federal Government)

Education and Research

Public Sector (State & Local Government)

Healthcare

Professional Services

High Technology

Financial Services


Page 6

Who are you?

Technical: 67%
Manager / Director: 26%
VP and above: 7%

Page 7

Where are you?

North America (US and Canada): 73.8%
Americas (outside NA): 2.4%
United Kingdom: 4.1%
EMEA (Europe, Middle East, Africa): 15.2%
APAC (Asia Pacific): 4.4%

Page 8

Biggest challenge with SIEM?

Resources: 16%
Analysis: 37%
Volume: 17%
Cooperation: 5%
Technology Management: 18%
Realtime: 3%
SIEM Product: 4%

Page 9

Webinar topics for 2014

Logging
  Event forwarding
  Event correlation
  Applications
    SQL
    Exchange
    SharePoint
    More
  Linux/Unix
  Cloud audit logging
  VMWare
APTs
  Prevention
  Detection
Endpoint
  BitLocker vs other solutions
  Monitoring endpoints
Mobile security
Virtualization security
Data protection

Page 10

Top Priorities for 2014

Compliance: 15%
Monitoring: 13%
Client Security: 11%
Business: 10%
Misc IT: 6%
Misc Security: 5%
Network Security: 4%
Patch mgt: 4%
Data Loss Prevention: 4%
Vulnerability Management: 4%
IAM and Authentication: 4%
Awareness: 3%
Virtualization: 3%
Quantified Risks: 3%
Training: 3%
Cloud: 3%
Encryption: 1%
Prevent Breaches: 1%
Web: 1%
Information Classification: 0%
Inventory/asset mgt: 0%

Page 11

Greatest Risks for 2014

Winner: Malware
  Sophistication
  Desktop/Laptop
  Mobile device
Runners up
  Application vulnerabilities
  Data security in the cloud
  OS vulnerabilities
  Spear Phishing attacks
Other
  End-user security awareness
  Data loss/leakage
  Insider
  APT
  IAM
  Rights
  Privileged accounts

Malware sophistication: 46.9%
Malware via endpoint (e.g., desktop, laptop): 46.5%
Application vulnerabilities: 42.7%
Data security in the cloud: 37.1%
OS vulnerabilities: 36.9%
Spear Phishing attacks: 35.4%
Malware via mobile devices (e.g., smartphones, tablets): 33.5%
Man-in-the-Middle or other browser attacks: 19.8%
DDoS attacks: 15.0%
Other: 6.1%

Page 12

Virtualization

What do you currently/plan to virtualize?

Servers: Currently Deployed 90.3%, Plan to Deploy 5.1%, No Plans 4.6%
Endpoints: Currently Deployed 37.1%, Plan to Deploy 23.1%, No Plans 39.8%
Applications: Currently Deployed 46.9%, Plan to Deploy 21.2%, No Plans 31.9%
Mobile: Currently Deployed 15.4%, Plan to Deploy 13.9%, No Plans 70.7%
Other: Currently Deployed 4.6%, Plan to Deploy 5.3%, No Plans 90.0%

Page 13

Application Control

Perceived effectiveness of security technologies

Full-disk and file encryption (mobile data protection)

Vulnerability assessment

Anti-malware

Port and device control

Host-based intrusion prevention

Anti-spyware

Endpoint data loss prevention (DLP)

Application control (whitelisting)

Personal firewalls

Mobile device management (MDM)

Other


Page 14

Application Control

Perceived effectiveness of whitelisting between current/planned/non-users

Page 15

Mobile Devices

Employee-Owned Only: 9%
Corporate-Owned Only: 27%
Mix: 58%
None: 6%

Page 16

Mobile Devices

Biggest concern regarding mobile devices

Page 17

Cloud usage

Is your organization moving towards adopting cloud-delivered applications?

Page 18

Cloud usage

For those moving to the cloud, is security keeping up?

Page 19

Cloud Usage

We asked about personal and business cloud usage in the organization …

Do you allow personal cloud applications on your endpoints? Yes (37.3%), No (62.7%)

Do you have policies restricting data being moved to and from the personal cloud? Yes (51.8%), No (48.2%)

Do you have enforcement mechanisms managing data being moved to and from the personal cloud? No (81.1%)

Does your organization have a business cloud for data storage and exchange of files? Yes (39.2%), No (60.8%)

Page 20

Metrics (alt. view)

What metrics does your management measure you on?

Page 21

Changing Security Paradigms

We asked several questions about where endpoint security was headed …

Page 22

Bottom line

Security analytics is here to stay at UWS

Mobile, APT, Malware and Data Loss are foremost on the risk radar

Endpoint security is a common denominator for all of them

Endpoint security more important than ever
  Mobile device trend reinforces this
  Cloud trend is limited and does not change this
  Virtualization of endpoints and application delivery is a complementary issue

What’s happening at endpoint security leader Lumension?

Page 23

Additional Information

www.lumension.com/endpoint-management-security-suite/buy-now.aspx