Is technology ubiquity a chance to re-connect security?Greg DayDirector of Security Strategy

The changing technology landscape

• Circa 50% Source: Citi Investment Research and Analysis (support iPads)

• 150m a year (2015) Source: Ovum

• Q3 - 14.1m

12.1mSource: http://gizmodo.com/5667042/apple-sells-more-ipads-than-macs-on-the-way-to-record-20-billion-revenue

• Circa 50% Source: IDC, Data is freely intermingled

Computing Cycles in Perspective (from Morgan Stanley)

Dev

ices

/Use

rs (

MM

in L

og S

cale

)

1,000,000

100,000

10,000

1,000

100

10

1

1960 1980 2000 2020

Mobile Internet

Desktop Internet

PC

Minicomputer

Mainframe

10B+ Units??

1B+ Units/ Users

100M Units

10M Units

1M Units

What risks do they really bring?

• Banking services already targeted– Authentication– Vulnerabilities in the apps

• Heavily used for social networking

• Apps stores add revenue – 10,000,000,000+ downloads to date!– Worth billions per year!

• Less than 1000 viruses today due to diversity

Enterprise and LOB Apps

Web andSocial Media

Basic Services

Customer FacingApps

Mobile Enterprise Apps are Rapidly EvolvingWhat are your long term goals?

Approaches to Security on Smart Devices

• Segregate data (inc wipe)

• Secure 3rd party apps

• Security controls Sandbox Full device

• Mitigate on device attacks

Integration of Smart devices to your existing security strategy - Enterprise Mobile Manager

Database

Files

Directory

Applications

Certificate Services

Messaging

Enterprise Environment

WindowsMobile

Symbian

Android

webOS

iPhone

iPad

McAfeeEMM

IT OpsSupport Provisioning

Compliance

PolicyManagement

Security &Authentication

MobileDevice

Management

Virtualization Enables technology ubiquity

• Expect 50% of the enterprise data centers workloads to be virtualized by the end of 2012 (Gartner)

– Go green, decrease datacenter footprint, improve utilization– Enables faster response reducing application deployment and migration times

• But Gartner report that– Through 2012, 60% of virtualized servers will be less secure than the physical

servers they replace, dropping to 30% by YE15– 40% of virtualization deployment projects were undertaken without involving the

information security team in the initial architecture and planning

HypervisorHypervisor

VMVM VMVM VMVM

Is your security utilizing the advantages of technology?MOVE (McAfee Optimized Virtual Environments )

• Move security processing out of each VM – Offloading • Optimized with the Hypervisor to address scalability• Enables planned capacity ~60% more VDI density • Integrated management, responsive user experience, supporting persistent

and non-persistent desktops

HypervisorHypervisor

VMVM VMVM VMVM MOVE Virtual

Appliance

MOVE Server

McAfee EPO

Cache Synchronization ProtocolCloud

Threat Intel (GTI)

Scan Engine

Changing the way we apply security in the future

Application Control• Dynamic whitelisting• Trusted applications• Trusted sources• Memory Protection• No Updates

Change Control• Change configuration audit• File Integrity Monitoring and Change

Prevention• Prevents “compliance drift”

• Keep the bad stuff out• Stop unauthorized apps

“Greater protection, faster time to compliance, lower cost”

• Deny unauthorized changes• Enforce change policy

Integrity Control = Application Control + Change Control

Security ManagementThe Problem

Security Dashboard Modestly Helpful

Decision-making still manual Based on human correlation of

available information

Net Result

Dramatic increase in Information Risk and Costs to secure

Security Purchases are Tactical

Patchwork of independent products Requiring separate management

Threats Overwhelm Existing Approach

Many product types and security layers

Can’t continue to add resources to manage new events, products

Leads to Proliferation of Security Management Consoles and Reporting Tools

Anti-virusManagement Tools 1

Network Access ControlManagement Tools

8

Anti-spywareManagement Tools 2

Host Intrusion PreventionManagement Tools

7

Desktop FirewallManagement Tools 3

Data Protection (DLP, Encryption, etc.)Management Tools

6

Policy AuditingManagement Tools 4

Web SecurityManagement Tools5

SecurityLandscape

A Re-connection strategy:Security Connected

Optimizing a Security Architecture Requires

/ Centralized security managementOpen platform for centralized management and maximum interoperability

/ Real-time Threat Intelligence Actionable protection with the delivery of correlated threat intelligence and immediate visibility into enterprise-wide security posture

/ Multi-layered protectionEffective and efficient defense in depth provided by multi-layered security approach

/ Automated complianceCompliance-ready solutions which streamline prioritization of threat responses, reporting, policy and risk management

McAfee Global Threat intelligence - Intelligent Connected Security via the Cloud

EmailFirewallIPS DLPWeb AWLePO AV

File Reputation

Web Reputation Web Categorization

Network Connection Reputation

Message Reputation

Vulnerability Information

Threat Intelligence FeedsOther feeds & analysis

Servers FirewallsEndpoints Appliances

Mobile

PROTECTIONREAL TIME THREAT FEEDS (GTI)

ACTIONABLE INFORMATION

SECURITY METRICS

ePO

DLP Web IPS SIA

Endpoint

WhiteListing

Encrypt.RiskMgmt Email Firewall

Security OptimizationSecurity Management Platform: ePO

Executive

SecurityAdmin

IT Architect

Security Management Platform

McAfee’s Open Platform for Security Risk ManagementIndustry Leadership to Drive Better Protection, Greater Compliance and Lower TCO

SIA Associate PartnerSIA Technology Partner (McAfee Compatible)

Cost Model of Enterprise Security

19

RISK

OPTIMIZATION

Optimized spend ~4% with very low risk

Compliant/Proactive spend ~8% of IT

budget on security

Medium risk

Reactive spend ~3% of IT

budget on securityHigh risk Why has it been so challenging to reduce risk?

DYNAMICPredictive and agile, the enterprise instantiates policy, illuminates events and helps the operators find, fix and target for response.

Tools BasedApplying tools and technologies to assist people in reacting faster

REACTIVE & ManualPeople only. No tools or processes. “Putting out fires”.

Greg DayDirector of Security Strategy, EMEAGreg_Day@McAfee.com

McAfeeGregDay