Principales tendencias a considerar para su estrategia de seguridad 3D

©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone

Top Security Trends and Strategies for 2011

John Vecchi

Head of Global Product Marketing

©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 2

Top Trends of 2011

Virtualization & Cloud Computing

Threat Landscape

IT Consumerization

Consolidation & Complexity

Data Security and Loss

Web 2.0 & Social Media

Governance, Risk & Compliance (GRC)

Cost Reduction

Green IT

5

4

3

2

1

6

7

8

9


2011 Security Trends

Virtualization &

Cloud Computing 1

©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 4 ©2011 Check Point Software Technologies Ltd. | [Unrestricted] For everyone | 4

On Data Center Consolidation

CIOs will virtualize

55% of production

servers next year, up

from 42% this year2

Private cloud1

28% have one 30% plan one

1 Information Week, June 2010 2 Morgan Stanley, June 2010


Lack of skills in security team 36%

Cost of new information security solutions 28%

Can‟t port existing security tools from physical

to virtual world 26%

Lack of security best practices for server

virtualization 24%

Regulatory compliance issues 24%

Top Security Challenges for Server Virtualization What are the biggest security challenges preventing server virtualization in your

enterprise?

Lack of knowledge

in security teams

remains the

biggest challenge

in moving to

virtualized

environments.

Enterprise Strategy Group

2010 Survey of enterprise decision makers

Enterprise Virtualization Initiatives


On Cloud Computing

Top concerns with private clouds What are your greatest concerns about deploying and managing them?

Loss of control 80%

Data security 76%

Data portability and ownership 73%

Regulatory compliance 62%

Reliability 60% Morgan Stanley

2010 CIO Cloud Survey


Enterprise

Mid-market

Small Business

On project list

Top hardware / IT infrastructure priorities Are you considering building an internal or private cloud operated by IT

(not a service provider) in next 12 months?

56% 44%

64% 36%

Not currently planned

Forrester Research

2010 Enterprise and SMB Survey

55% 45%

On Cloud Priorities



IT Consumerization 2


Consumers Leading the Enterprise

Consumer

hardware

used for work

Consumer

services

used for work


Most of the

conversations

I have with Gartner

clients are about how

to securely enable

use of employee-

owned smartphones

and laptops.

John Pescatore

VP Distinguished Analyst

Gartner 2010

On IT Consumerization


Mobile

Population

Anchored

Desktop

2000 2005 2010

0

100

% P

en

etr

ati

on

80

60

40

20

Enterprise Mobile Device Population Market penetration over time

451 Group

2009/2010

Mobile Workforce Growth



Threat Landscape 3


Today’s Threat Landscape

Increasing

Sophistication

Multi-vector

Polymorphic

Blended and

multi-variant

Stuxnet

Aurora Botnets

XSS

Zeus

Trojans

Worms

Crime and Profit-driven

Cyber Crimeware

Financial theft

Intellectual

property

Criminal networks

Cyber-warfare and Hactivists

Cyber-warfare

Iran and Stuxnet

Wikileaks

Cyber „Hactivists‟


A

DW

AR

E

T

RO

JA

N

E

XP

LO

IT

B

OT

NE

T

S

CA

RE

WA

RE

R

OO

TK

IT

On Top 2010 Threats…

Most prevalent threat types


On Top 2010 Threats…

“…widely considered the most sophisticated computer threat

created to date…Stuxnet exploited four previously unknown

vulnerabilities, at a time when exploiting a single one is a big deal.” SOFTPEDIA.com 2011

Stuxnet

“Hackers seeking source code from Google, Adobe and others

used nearly 12 pieces of malware and levels of encryption to

burrow deeply into the bowels of company networks…” WIRED 2010

Operation

Aurora

“Zeus…detected only 23 percent of the time…is the No. 1 financial

Trojan—representing 44 percent of all financial malware infections

today.” Darkreading.com 2010

Zeus

Zbot


Exploits

• 2 un-patched MS vulnerabilities

• 2 undisclosed privilege escalations

• 2 stolen certificates

• SCADA / PLC payloads

Techniques • Anti-Virus evasion techniques

• Peer-2-Peer network

• Command & Control

Architecture • Single File

• File containing all payloads

Anatomy of the Threat


Infection Statistics

This is not normal


Introduce Threat to Target

Propagate inside the network

Infect Field PG machines

Mission Objectives:

Goal:

Reprogram ICS machines!


On Evolving Threats and Attacks

These are

the ones that

we know about…

69 attacks per second

Q2 2010

Attack attempts in 2010

0.5 Billion

Q3 2010 0.6 Billion



Consolidation

and Complexity 4


On Complexity and Point-product Sprawl

InformationWeek

2010 Survey of security decision makers

Biggest IT Security Challenges Which of the following are the biggest information/network security challenges

facing your company?

Managing the complexity of security 51%

Enforcing security policies 35%

Preventing data breaches from outside

attackers 29%

Preventing data theft by

employees or other insiders 23%

The requirement

to manage

security complexity

grows steadily

each year.



IPS Firewall

VPN

NAC

URL

Filtering

Top network

security

technologies and

point products

deployed

Your world:



Your world: IPS

VPN URL Filtering

And don’t forget

endpoint—nearly

doubling the

number of point

products…


On Security Vendor Consolidation

At $7.68 billion this is the biggest acquisition of a pure

play security company ever. It is also the worst... Richard Stiennon, Chief Analyst

IT-Harvest, LLC

This acquisition has more potential to be disruptive than

to deliver any near-term customer benefits.

Gartner Research Note

20 August 2010

We expect that customers that have already been angling

to jump ship will use this deal as an excuse to accelerate

those plans. Andrew Jaquith, Senior Analyst

Forrester Research



Data Security

and Loss 5


On Data Loss…

Percentage of companies breached who

were not PCI compliant. 81%

Percentage of outbound e-mail that

contains content which poses a legal,

financial or regulatory risk. 20%

Percentage of customers who end their

relationship with a company if they are

affected by a breach. 31%


On Data Proliferation…

Estimated enterprise data

growth in the next five years.* 650%

* Gartner 2010


On Top Sources of Data Loss

1

2

3

4 5

0%

5%

10%

15%

20%

25%

30%

CD

s/D

VD

s

US

Bs a

nd

Lap

top

s

Co

rpo

rate

Em

ail

Pu

bli

c W

eb

mail

WiF

i N

etw

ork

s

Risk channels:

InformationWeek 2010 Security Survey

Top five sources

of data loss

across

organizations

and enterprises

worldwide


Data Loss in the News in 2010…

2010 Data Loss Events

Shell

Corporation

loses database

of 176K

employees

February

Apple

exposed over

100K high-

profile iPad

customer

names

June

Facebook

looses user

data for 170M

subscribers

July

McDonald’s

loses an

„undisclosed‟

amount of

customer data

December

http://simplyzesty.com/wp-content/uploads/2010/12/FaceBook-Logo.png



Web 2.0 and

Social Media 6


On Web 2.0 and Applications

FACT:

If Facebook were a country,

it would be the 3rd largest in

the world.

Twitter would be the 7th

largest.



FACT:

7% of all business network

traffic is to Facebook.

44% of all online videos are

being viewed at the

workplace.


23% of the average user’s day at work

is spent doing something on the Web.

45% of the 100 most popular web

sites support user-generated

content and 60% are infected with

malware.

42% are prepared to deal with the

risks of Web 2.0 in order to capitalize

on potential business benefits.



Web

Applications

55%

Others

45% No Patch

Available

74%

Patches Available

26%

Gartner 2010

Cyber Threat Landscape

The Weakest Link Percentage of Web Application Vulnerabilities with No Vendor Supplied Patches

Insecure Application Web Sites



Governance, Risk

and Compliance 7


Regulatory Overload

SO

X

PC

I D

SS

GL

BA

E

.U. D

ata

Pri

vacy D

irecti

ve

BA

SE

L I

I

HIP

AA

-HIT

EC

H

SE

C

STA

TE

LA

WS

Prevalent IT GRC Standards


On Governance, Risk and Compliance

“Compliance has the

greatest influence on

information security costs”

InformationWeek

2010 Survey of security decision makers

Most Influential Factors On Security Program Which of the following factors have the greatest influence on your

information security program?

Industry and/or government compliance mandates 60%

Our security group‟s assessment of threats and risks

the company faces 42%

Information security best practices 37%

Threats and risks associated with

business models or processes 26%


Gartner on Virtualization…

[virtualization] will be a hot

spot for auditors, given the

greater risk of misconfiguration

and lower visibility of policy

violation. Through year-end

2011, auditors will challenge

virtualized deployments…

Neil MacDonald

VP Distinguished Analyst

Gartner 2010



Cost Reduction 8


CIOs I‟ve talked to expect

dramatic >30% cuts in

infrastructure and

operations costs.

Mark McDonald

Group Vice President, Gartner

November 2010

On Cost Reduction and Doing More with Less



Green IT 9


Global Green IT Online Surveys

April 2010

Reduce energy-related operating expenses 70%

Reduce other IT operating expenses 38%

Improve brand image with the public 35%

Environmental Motivations What are your organization‟s top three motivations for pursuing greener IT

operations?

On Green IT…


Despite the weak economy, organizations will

accelerate Green IT Plans. Why?

Savvy IT leaders use Green IT to marry ecological

aspirations with financial reality.

Why Go Green?

Forrester Research, 2010


Gartner’s top strategic technologies for 2011

Cloud Computing 1 Mobile Applications and

Media Tablets 2

Web 2.0 Social Technologies

and Communications 3


Meet IT governance, risk and

compliance requirements

Prevent the loss of sensitive data

Secure and manage Web 2.0 applications

Secure all fixed and mobile endpoints

Protect against attacks and evolving threats

Secure virtualized and cloud environments

Reduce IT security spending

‘To Do’ list for IT security leaders:


IPS URL Filtering DLP

Application

Control

Enterprise

Firewall VPN

The world’s first, best, and only fully integrated

appliance delivering consolidation, simplicity

and killer security

The case for: Eliminating Complexity

Check Point 3D Multi-Function,

Next-Generation Firewall Solution.


Check Point 3D Next-Gen Firewall

Check Point Unified Security Management

Smart-1

SmartWorkflow Software Blade

Policy Change Management

SmartEvent Software Blade

Unified Event Analysis

DLP

Software Blade

Application

Control

Software Blade

IPS

Software Blade

FW & VPN

Software Blades

URL Filtering

Software Blade

Antivirus &

Anti-Malware

Software Blade

Identity

Awareness

Software Blade

Power-1


Unified Control of All Security Layers

Gra

nu

lar V

isib

ility

Identity

Awareness

Application

Control

DLP

Mobile

Access

SmartEvent

IPS


CHECK POINT SETS A

NEW STANDARD IN LATEST

NSS GROUP IPS TEST

Industry-Leading IPS

The Check Point

IPS Software Blade

outperformed nearly every

vendor in overall accuracy

and blocking:

97.3% security

effectiveness

Multi-gigabit rated

throughput of 2.4Gbps

100% anti-evasion

coverage


End-to-end protection of data in-use, in-motion

and at-rest to stop data theft and loss.

Full Disk

Encryption

Port

Protection Network DLP

UserCheck

Technology

Media

Encryption Abra

Prevent data loss, educate users and

enforce data policies across Web, mobile

and email

The case for: Total Data Security


Plug-and-play security for public / private clouds

and dynamic virtual environments.

Security

Gateway VE

Unified

Management VMSafe Integration

VSX Virtual

Security Gateway

Inter-VM

Traffic Protection

5G Next-Gen

Firewall

The case for: Cloud Computing

and Virtualization

Comprehensive cloud and virtualization

security and unified management for both physical and virtual


The case for: Web 2.0

and Application Control

Comprehensive security control and

visibility of over 50,000 Web 2.0 applications

and widgets

50,000

Widgets

Simple,

Granular

Policies

Identity Awareness

UserCheck™

Technology

Application

Control

5,000

Applications

Detect and control application usage, while

educating users on corporate policies.


Proven compliance ARTIFACTS for risk management and mitigation and IT

governance

HIPAA

Compliance

Threat

Prevention SOX Compliance

State and

Federal

Regulations

Define,

Measure

and Control

100%

PCI DSS

Compliance

Integrated threat prevention and compliance

management for greater control, automation

and measurement.

The case for: Streamlined

Governance, Risk and Compliance


PCI DSS

DLP

HIPAA SEC SOX GLBA Federal /

State

IDS / IPS

Application

Control

Antivirus /

Anti-Spam

VPN

Firewall

Check Point

5G Solutions

IT GRC Value to the Enterprise


PCI DSS

Antivirus /

Anti-Spyware

HIPAA SEC SOX Federal State

VPN

Firewall

Encryption

Check Point

Endpoint

Solutions

IT GRC Value to the Enterprise


Securely enable both corporate and employee

owned smartphones, laptops and tablets.

Clientless

Browser

Support

Check Point

Mobile Access

Software Blade

Check Point Abra

Check Point

Mobile for iPhone

and iPad

Remote

Access VPN

Software Blade

Check Point

Endpoint

Security

The most comprehensive choice

of enterprise-grade solutions to secure the Consumerization of IT

The case for: Mobile

Device Security


Monitoring

and

Reporting

Physical and

Virtual Unified Workflow

3D Unified Risk

Mitigation Appliance

Centralized

Policies

Unified

Event

Analysis

Manage everything simply and easily on a ‘single pane

of glass’

The world‟s first, best and only fully integrated

security management solution.

The case for: Operational Efficiency

and 360° Control


A fully integrated solution that drives

down IT security costs by 25%

Lower the cost of your IT security spend.

The case for: Lowered Cost

of Ownership

Reduced

Security

Skill Gaps

Continual

Compliance

vs. Cyclic Audits

Detailed

Operational

Metrics

Pre-Configured

Next-Gen Firewall

Complete

Security

Architecture

Custom

Integration


Cloud

Computing

and

Virtualization

Networks

and Critical

Infrastructure

Comprehensive

Endpoint and Data

Security

Employee-owned

Smartphones,

Laptops and Tablets

Unified

Management

and Event Analysis

Web 2.0

and Social

Networking

Every device, every location, every threat. One

security architecture.

The case for: End-to-End Security

One integrated, best-of-suite security

infrastructure and solution from the

LEADER in IT security


Eliminate complexity with unified IPS & 3D multi-function gateway

Dramatically lower IT security costs and TCO

Demonstrate and streamline governance and compliance

Secure vital data and assets with proactive threat prevention & DLP

Safely embrace and enable Web 2.0 technology

Protect your investment with unrivaled flexibility & extensibility

Now there’s a unified solution:


Thank You!

Principales tendencias a considerar para su estrategia de seguridad 3D

Technology

Transcript of Principales tendencias a considerar para su estrategia de seguridad 3D