Post on 30-Dec-2015
CIO Perspectives on Security
Marcos Alves
Regional Sales Manager
Protecting Your Environment in Times of Modern Threats
Key Perspectives
2 | ©2014, Palo Alto Networks. Confidential and Proprietary.
Think Strategically about Security
Safely Enable the Business – Safe Enablement
Apply Innovative Thinking to Security Challenges
Table of Contents
CIO Perspectives on Security
1. Changing IT and CIO Role
2. Good/Bad News Story
3. Rethinking Security Strategically
4. CIO Considerations for the Future
Suddenly, Your Board is (More) Interested in Security
What Are You Telling Your Board?
Key threats
Key risks
Key assets
Breach “inevitable,” acceptable?
Risk/security posture adequate?
Required investments?
Business Opportunities
Security Risks
SaaS
Mobility + BYOD
Social + Consumerization
Cloud + Virtualization
Opportunity or Challenge?
IT Must be a Strategic Business Enabler
The Role of IT and the CIO is Changing
Tectonic Shifts in Business Give Rise to a New Era of Advanced Cyber Threats
The CIO Must Make Security a Top Priority
IT service model changing
Security is higher priority for CIO
Sophisticated attackers, evolving tactics
Spotlight is on CIO in the face of breaches
Cannot delegate security any longer
No one is immune to advanced threats
A new approach is needed
Emerging CIO Priorities – Are You Prepared?
Service/Performance
Traditional Emerging Priorities
Cloud/Disintermediation
Secure Cloud
Visibility – Network and Data
Zero Trust Model
Disruptive “Kill Chain” Solutions
Close Monitoring and Analytics
Perimeter Security
Application Proliferation
Uncontrolled Data Movement
Data Center and Endpoint Security
Ineffective Endpoint and Silo’d Network Protection
Challenges and Change Introduce Tremendous Risks
Reliance on Multiple Layers of Service Providers
Application Economy
Consumerization of IT
Internet of Things
Social, Mobile, Analytics, Cloud
Organizational Risk
Risk Exposure
Rate of Change/Complexity
Decreasing Visibility and Control
Security Can Also be an Enabler
Effective outreach to customers
Collaboration and information sharing
Creation of forums and communities of interest
Data analytics for insight and competitive advantage
Faster time-to-market of information and products
Safe Enablement Principles
Organization Needs and Requirements
Objectives Growth Efficiency Profitability
Flexibility Product Costs
Risks Brand/Image Financial Competitive
Operational Regulatory
External Drivers Market/Industry Technology Competitors
Adopt Emerging Security Faster
Robust Enterprise Security Architecture
Enable with the Right Security
Outcomes
Design for Prevention, Prepare for Remediation
Prevent Lateral Attacker Movement
Protect the Data Center
Improve patient care and access to records/information
Improve doctor-patient communications
Improve clinical research/discovery through better information integration
Good News
The Basics Are Still Critically Important
Governance Security Frameworks Policies Standards
Risk and Compliance
Management
Identity and Access
SSO Strong Password
Multi-Factor Authentication Certificates
Data Protection
Encryption Key Management
Data Leak Protection
Backup and Archive
Logging and Monitoring
Audit Logs Measurements Correlation Retention
Bad News – Line of Security Products
Anti-APT for Port 80 APTs
Anti-APT for Port 25 APTs
Endpoint AV
DNS Protection Cloud
Network AV
DNS Protection for Outbound DNS
Anti-APT Cloud
Internet
Enterprise Network
UTM/Blades
[Diagram: many DNS, Endpoint, Web, SMTP, APT and AV alerts]
Lacks Integration
Alert Overload
Manual Response
Vendor 1
Vendor 2
Internet Connection
Malware Intelligence
Vendor 3
Vendor 4
Limited Visibility
AV – Anti Virus
APT – Advanced Persistent Threat
UTM – Unified Threat Manager
Failing Security Architectures Provide a False Sense of Security
Understanding the Attack Kill Chain Methodology
Reconnaissance
Weaponization and Delivery
Exploitation
Installation
Command-and-Control
Actions on the Objective
Unauthorized Access
Unauthorized Use
New Strategic Approaches to Security Are Needed
Security Organizations Are Not Innovating Fast Enough
Existing controls ineffective against new threats
Controls not evolving fast enough
Attackers Are Innovating Faster
Sophistication of global attackers
Increasing value of information
Easier targets
Vulnerability Gap Continues to Widen
Goal: reduce threat exposure by strengthening controls
Preventing Attacks at Every Stage of the Kill Chain
Reconnaissance
Weaponization and Delivery
Exploitation
Installation
Command-and-Control
Actions on the Objective
Unauthorized Access
Unauthorized Use
1. Breach the Perimeter
2. Deliver the Malware
3. Lateral Movement
4. Exfiltrate Data
Requirements for the Future
At the Internet Edge
Between Employees and Devices within the LAN
At the Data Center Edge and between VMs
At the Mobile Device
Cloud
Within Private, Public and Hybrid Clouds
Detect AND Prevent Threats at Every Point Across the Organization
Prevent attacks, both known and unknown
Protect all users and applications, in the cloud or virtualized
Integrate network and endpoint security
Analytics that correlate across the cloud
Advanced Security Approaches
Identify all applications, users, content, devices
Isolate application/service to prevent lateral movement
Threat detection/prevention through policies and rules
“Never trust, always verify” architecture
Automated threat analysis eliminates costly, manual processes
Leverage power of global community
Actionable security intelligence
Cross-solution threat intelligence sharing
Network Segmentation
Correlation
Zero Trust
Reduce Breach Landscape
Threat Intelligence Exchange
Analytics
Threat Prevent and Detection
Automation
Visibility
Increase Visibility and Reduce Breach Landscape
Identify and define legitimate use with leadership
Align security policies with those legit government and business uses
Isolate critical internal applications
Determine policies that protect cloud and VM use cases
Tie applications to users/groups
1. Allow Relevant Applications, Monitor Dangerous Applications, Block Unwanted Applications
2. Eliminate Known Threats
3. Eliminate Unknown Threats
4. Focus on Relevant
Strengthen Correlation with Next-Generation Security Platform
NATIVELY INTEGRATED
EXTENSIBLE
AUTOMATED
THREAT INTELLIGENCE CLOUD
NEXT-GENERATION FIREWALL
ADVANCED ENDPOINT PROTECTION
The Evolution of The Network
Attacker often moving among you
VNC
SMB
pop3
snmp
dns
telnet
LDAP
ftp
SSL
344 KB
source IP: 172.16.1.10
destination IP: 64.81.2.23
destination port: tcp/443
URL category: file-sharing
file type: pdf
file name: roadmap.pdf
user: bjacobs
group: prodmgmt
destination country: canada
protocol: SSL
protocol: HTTP
application: slideshare
application function: slideshare-uploading
Complete Context Means Tighter Security Policies
22 | © 2015, Palo Alto Networks. Confidential and Proprietary.
user: bjacobs
application function: slideshare-uploading
application: slideshare
Intelligent architecture
WildFire™
URL intelligence
Dynamic DNS
50+ 3rd party feeds
WildFire detects unknown threats on NGFW & Traps
WildFire intelligence correlated
24,000 devices worldwide
2.5M samples per day
15k unique malware per day
360M session
240M samples
30B artifacts
Palo Alto Networks
threat intelligence cloud
Intelligence with context
The Future of Cyber Security
Visibility and inspection across entire network and into “the cloud”
Network-segmentation and micro-segmentation
Advanced security that prevents indicators of threats and kill chain in their tracks
Mobile and BYOD security
Internet of things and embedded device endpoint security
Advanced analytics and Big Data for security analytics
Interpol-like exchanges for sharing advanced threats and campaign intelligence
Key Perspectives
Think Strategically about Security
Safely Enable the Business – Safe Enablement
Apply Innovative Thinking to Security Challenges