Post on 18-Dec-2014
Shahar Geiger Maor shahar@stki.info
Visit My Blog: http://shaharmaor.blogspot.com/
Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic
Agenda
1. Downturn Economics
2. Communication CISOs Agenda
3. Technologies (NAC, DCS, IAM, SIEM)
Israeli Information Technology Market Size
Market size 2008: 4.645 B$
Market size 2009: 4.063 B$
IT Market Share (%) by Industry
Israeli Information Security Market Size
GRC and Security market size (Ms of $)
Category | 2008 | Change | 2009 | Change | 2010
Governance & Risk Management (also BCP) | 35.0 | 42% | 50.0 | 50% | 75.0
Security (projects) | 95.0 | -10.53% | 85.0 | 11.76% | 95.0
Security (Software) | 90.0 | -5.56% | 85.0 | -5.88% | 80.0
Total | 220 | 0% | 220 | 14% | 250
Security Budgeting Difficulties – The Market is Under Stress
Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf
• Although most 2009 security budgets are set (89% surveyed), 72% expect additional downward revisions during the remainder of the year
• 65% of security vendors are providing discounts for new product purchases
• 53% of vendors are reducing maintenance fees
Vendor Discounting in Response to Buyer Request
Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf
Security Budgeting Difficulties – Downturn Mechanism
• Vendor bottom line turns red
• Longer sales cycle
• Longer POC
More Optimism about Security Spending
[Chart: y-axis 0% to 45%; x-axis categories > -10%, -10% to -5%, -5% to 5%, 5% to 10%, 10+%; series: IT Spending, Sec Spending]
Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf
What’s on the CISO’s Agenda? (STKI Madad 2008-2009)
• Access: 18%
• EPS/Anti X: 14%
• WAF & Apps: 11%
• Trends: 8%
• Management: 8%
• DB Protection: 7%
• NAC: 6%
• Miscellaneous: 6%
• GRC: 5%
• Market Players: 5%
• Network: 5%
• DLP: 4%
• Hardening: 3%
What’s on the CISO’s Agenda? (STKI Madad March-June 2009)
• DB/DC SEC: 18%
• Access/Authentication: 15%
• Miscellaneous: 15%
• DLP: 10%
• NAC: 10%
• Market/Trends: 10%
• Encryption: 9%
• EPS: 5%
• SIEM/SOC: 5%
• Sec Tools: 5%
What’s on the CISO’s Agenda?
Financial sector:
• Access and DLP: Mobile Security, OTP, Data Obfuscation
Governmental agencies and subsidiaries:
• NAC, IDM
High-Tech and Services:
• Virtualization, Cloud Computing, EPS and mobility
Cross-sector:
• SIEM-SOC, Application Security and methodologies
Security Staffing Ratios
Organization Type | Ratios of Security Personnel (Israel)
Average Public Sector | 0.15% of Total Users
“Sensitive” Public Sector | 0.5% of Total Users
Technologies Categorization 2009
[Figure: technologies plotted by Business Value (Investment to make money; Cut costs, Increase productivity; Investment for regulations; Commodity IT Services) against Market Maturity (Using, Implementing, Looking). Legend: Business Project, IT Project; size of figure = complexity/cost of project. Technologies shown: IAM/IDM, SSO, Network Security, DLP, NAC, DB Sec., Manage Sec. Services, Cloud, SIEM/SOC, EPS, Mobile Sec., Anti X, Vir. Sec., GRC, Remote Access, App. Sec.]
Network Access Control
NAC Insights
• NAC has not been “fully digested” by Israeli customers in 2008. There should be more activity in 2009
• NAC can be deployed less expensively when it is an embedded feature of an existing vendor and customers take notice of it
• Some network and security vendors already have solutions that can be part of the NAC process
• Israeli customers’ first priority: network visibility and guest network control
• Network or Security? NAC is a Layer 2 vs. Layer 3 match
Data Centric Security
Data Centric Approach
“perimeter security” “Business of Security” – Security is built into the business process
Data Centric Security Arena
• DLP
• ERM
• Encryption
• Database Protection
• EPS
DLP – Market Status
DLP Deployments Status - Israel 1Q09
• Solution Deployed: 20%
• Plan to Deploy Soon: 20%
• Not "There" Yet: 60%
Identity & Access Management (IDM/IAM)
IDM/IAM Savings
Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx
Key Success Factors for Future IDM Project
• Consider IDM also as a business project, rather than a pure IT project
• Make sure the project bridges the gap between business and IT
• Start small for easier success (Single Sign On, a vertical project)
• Choose a step-by-step approach, rather than a mastodon implementation.
• Focus on basic functionalities, not on the additional features
Security Information and Event Management
Silos of Redundant Information Management
Source: Network Intelligence
An Enterprise Platform for Compliance and Security
SIEM
Source: Network Intelligence
SIEM\SOC “Round Table” Insights
How to “sell” a SIEM project to your organization
Knowing when NOT to start a project
Reporting Systems, Logging and parsing
“Tracing the events” (real-time?)
Who defines what is “risk”? How to translate it to HD?
Maintenance and operations: What does it take?
Outsourced SOC (must be taken into consideration)
Shahar Geiger Maor, VP & Senior Analyst
shahar@stki.info