Post on 24-May-2015
description
Sponsored by2014 Security Trends: SIEM, Endpoint
Security, Data Loss, Mobile Devices and the
Cloud
© 2013 Monterey Technology Group Inc.
Thanks to
© 2013 Monterey Technology Group Inc.
www.Lumension.com
Preview of Key Points
Who are we?
SIEM/Monitoring
Top priorities 2014
Top risks 2014
Webinar topics for 2014
Application control
Virtualization
Cloud
Mobile
Future
What’s your size?
1 to 95.2%
10 to 496.4%
50 to 995.5%
100 to 49916.1%
500 to 9998.9%
1,000 to 1,99911.7%
2,000 to 4,99913.0%
5,000+33.2%
Industry
Natural Resources
Chemicals
Automotive
Engineering and Construction
Oil & Gas
Consumer Goods
Travel & Transportation
Media and Entertainment
Utilities
Retail
Industrial Manufacturing
Communications
Aerospace & Defense
Public Sector (Federal Government)
Education and Research
Public Sector (State & Local Government)
Healthcare
Professional Services
High Technology
Financial Services
0.0% 5.0% 10.0% 15.0% 20.0% 25.0%
Who are you?
67%
26%
7%
Technical
Manager / Director
VP and above
Where are you?
73.8%
2.4%
4.1%
15.2%
4.4%
North America (US and Canada)Americas (outside NA)United KingdomEMEA (Europe, Middle East, Africa)APAC (Asia Pacific)
Biggest challenge with SIEM?
16%
37%17%
5%
18%
3%4%
Resources
Analysis
Volume
Cooperation
Technology Management
Realtime
SIEM Product
Webinar topics for 2014
Logging Event forwarding Event correlation Applications
SQL Exchange SharePoint More
Linux/Unix Cloud audit logging VMWare
APTs Prevention Detection
Endpoint BitLocker vs other solutions Monitoring endpoints
Mobile security
Virtualization security
Data protection
Top Priorities for 2014
15%
13%
11%
10%6%5%
4%
4%
4%
4%
4%3%
3%3%
3%3%1%1%1%0%0%
Compliance
Monitoring
Client Security
Business
Misc IT
Misc Security
Network Security
Patch mgt
Data Loss Prevention
Vulnerability Management
IAM and Authentication
Awareness
Virtualization
Quantified Risks
Training
Cloud
Encryptoin
Prevent Breaches
Web
Information Classification
Inventory/asset mgt
Greatest Risksfor 2014
Winner: Malware Sophistication Desktop/Laptop Mobile device
Runners up Application vulnerabilities Data security in the cloud OS vulnerabilities Spear Phishing attacks
Other End-user security awareness Data loss/leakage
Insider APT IAM
Rights Privileged accounts
Malware sophistication
Malware via endpoint (e.g., desktop, laptop)
Application vulnerabilities
Data security in the cloud
OS vulnerabilities
Spear Phishing attacks
Malware via mobile devices (e.g., smartphones, tablets)
Man-in-the-Middle or other browser attacks
DDoS attacks
Other
46.9%
46.5%
42.7%
37.1%
36.9%
35.4%
33.5%
19.8%
15.0%
6.1%
Virtualization
What do you currently/plan to virtualize?
Servers Endpoints Applications Mobile Other
Currently De-ployed
0.903318903318903
0.370851370851371
0.468975468975469
0.154401154401154
0.0461760461760462
Plan to Deploy
0.0505050505050505
0.230880230880231
0.212121212121212
0.138528138528139
0.0533910533910534
No Plans 0.0461760461760462
0.398268398268398
0.318903318903319
0.707070707070707
0.9004329004329
5%
15%
25%
35%
45%
55%
65%
75%
85%
95%
Application Control
Perceived effectiveness of security technologies
Full-disk and file encryption(mobile data protection)
Vulnerability assessment
Anti-malware
Port and device control
Host-based intrusion prevention
Anti-spyware
Endpoint data loss prevention (DLP)
Application control (whitelisting)
Personal firewalls
Mobile device management (MDM)
Other
50 55 60 65 70 75
Application Control
Perceived effectiveness of whitelisting between current/planned/non-users
Mobile Devices
9%
27%
58%
6%
Employee-Owned Only
Corporate-Owned Only
Mix
None
Mobile Devices
Biggest concern regarding mobile devices
Cloud usage
Is your organization moving towards adopting cloud-delivered applications?
Cloud usage
For those moving to the cloud, is security keeping up?
Cloud Usage
We asked about personal and business cloud usage in the organization …
Yes (37.3%) No (62.7%)Do you allow personal cloud applications on your endpoints?
Do you have policies restricting data being moved to and from the personal cloud?
Yes (51.8%)
No (48.2%)
Do you have enforcement mechanisms managing data being moved to and from the personal cloud?
No (81.1%)
Yes (39.2%) No (60.8%)
Does your organization have a business cloud for data storage and exchange of files?
Metrics (alt. view)
What metrics does your management measure you on?
other
Changing Security Paradigms
We asked several questions about where endpoint security was headed …
Bottom line
Security analytics is here to stay at UWS
Mobile, APT, Malware and Data Loss are foremost on the risk radar
Endpoint security is a common denominator for all of them
Endpoint security more important than ever Mobile device trend reinforces this Cloud trend is limited and does not change this Virtualization of endpoints and application delivery is a
complementary issue
What’s happening at endpoint security leader Lumension?
Additional Information
www.lumension.com/endpoint-management-security-suite/buy-now.aspx