Sigal summit 2014 final

Sigal Russin’s work/ Copyright@2014
Do not remove source or attribution from any slide, graph or portion of graph
1
Sigal Russin
STKI “IT Knowledge Integrators”
sigalr@stki.info
New Obstacle
run for
“delivery”
managers
Security & Networking

IT is divided into two distinct “worlds”
2

System of records
3
Reduce
Operating
Expenses
Long development and
deployment cycles

System of engagement
4
Invest
in new
systems
Touch people
In-moment decisions
Personalized & in-context
Social and analytics driven
short & rapid releases

5
CIO has 2 faces

Goals of the “engagement systems”
Deliver “best of class” customer experience
Focus on personalization “push” mode
Design for people to people interaction models
Drive relevancy with context not content
Deliver value for customers (time is the constraint for customers)
Move mobile strategies from campaign to e-commerce
Address big and small data (from BI through streaming analytics)
6

IT Delivery as a Factory!
7
XaaS
IT Delivery Services (SW + HW)

IT Delivery as a Factory!
8
Elastic
On-Demand
Usage Metered
Self-Service Access
Line of Businesses
IT Delivery Services (SW + HW)

IT Delivery Challenges
9
“Records” and “Engagement” share the
same IT Delivery problem domains
But might address these challenges
differently

IT Talent
10

11
Obstacles in the “System of records” delivery domain
Printing
infrastructure
Versatile
Communications
(Collaboration)
Obstacle
#8
API Security
Cyber Security
Identity and
access
management

Good communication is fundamental
Todays Communication network:
Data and voice in separate network
A lot of vendors
Separate maintenance for each network
More employees for each network
High costs
The solution: Unified Communication.
Combining telephony and business data on the same network. It gives the ability to combine and
use voice, data , video information in common business applications, saving and forwarding
whole instant message streams, faxes, e-mails, voice phone calls or videoconferencing sessions
as blocks of data.
12

CIOs Extend Unified Communications to Mobile Devices
Source: survey by IDG Enterprise, CIO's parent company
Why invest in UC?
61% - to boost employee productivity
42% - to increase flexibility for employees
The biggest obstacles to UC investments:
54% - the high cost
47% - systems integration headaches
33%- lack of in-house expertise
31% - security and privacy
UC deployments often cost at least $250,000, and can top $1 million
at large companies
13

14
Unified Communications Areas
Source: Gartner

15
How Many Horses In This Race?
Traditional PBX
vendors
• Cisco
• Avaya
• Siemens
• Alcatel-Lucent
OpenTouch
• Etc.
Desktop vendors
• IBM SameTime
• Microsoft LYNC
Social networking
with
Consumerization
• Google
• Skype Microsoft
• LinkedIn
• Facebook

Insights from Customer Roundtables
Maintaining the current UC infrastructure is complicated because many vendors
are involved
Different organizational cultures can lead to failure or success in UC projects
LYNC market share is very strong in Israel because most of the organizations
Microsoft based. But what about IPTEL with LYNC?
Cross organization projects that can optimize work and change organizational
culture
16

Web Browser with Real Time Communication
 No need to install
client/plug In.
 Supported in the
browser/Mobile.
 Better user
experience –Click
to call.
 Contact Center-
Meta Data of the
customers.
17

WebRTC - Web Real Time Collaboration
Google –disruptive competitor. The Google Apps Suite, which offers
functionality analogous (if not directly comparable) to Office, Exchange,
Sharepoint, Yammer and Lync.
Cisco Communications Manager (CUCM)- seeing an online contact in
your browser and being able to call their mobile directly from there, but
having your CUCM make and control the call. Also, if you take or make a
call through the CUCM, your online status or presence changes to reflect
this.
Source: http://www.irishtimes.com/blogs/eircom-business-centre/2013/03/25/top-three-trends-from
-unified-communications-expo-2013/
18

Future
Unified
Communication
19
Source:http://blog.dimensiondata.com/2013/04/the-future-of-unified-communications-and-
collaboration/

20

Unified Communication as a Service
21
Source:http://www.orange-business.com/en/blogs/enterprising-
business/unified-communications/hybrid-cloud-drives-ucaas-adoption

API obstacles
•Market transition to the POST-PC enterprise
It is an app world. The web just lives in it (Flurry Report)
•How customers experience your product or service?
•How your customers and partners access or integrate your data and resources into their
public or private sites and applications?
The solution : secure API.
22

API management & Security
23

APIs are the lifeblood of mobility
API definition - an Application programming interface
is a way for 2 computer applications to talk to each
other over a network (internet) using common
language that both understand
24

Organizations must to open up
25
Source:http://www.slideshare.net/rnewton/api-security-and-management-best-practices

26

27

API Management & Security with CA Layer 7
 Secure externalized data and
business services
 Protect against DOS and API attacks
 Wrap app with security policy &
jailbreak detection
 Cache, throttle and meter
 Learn about APIs available for use
 Grant certificates for access
 Test environment
 API usage metrics & reporting
 Accelerate API projects through
cloud delivery
 Deliver API gateway and developer
portal capabilities from the cloud
 Reach cloud, mobile and smart
technology markets faster
 Leverage existing application
infrastructures
 Convert legacy apps to REST API
 Create API composite applications
Protocol Adaptation Security & Govern
Developer Portal SaaS (Apify)
28

API Management & Security with IBM DataPower
29

Multiple
access
control
methods are
necessary.
use HTTPS
and more
strong
authenticatio
n mechanisms
OAuth, mutual (two-
way) TLS (transport
layer security)
authentication
SAML (security
assertion
markup
language)
tokens
DoS Attacks Against APIs
30
November 2010
Source: https://blog.apigee.com/detail/a_growing_threat_dos_attacks_against_apis
If you increase use of APIs, make sure you are paying
attention to DoS attacks.

End-to-End Security for the Digital Value Chain
31
Roll-Based
Access
control
DoS
Attacks
AAA via
OAuth,
SAML, and
LDAP
Policy
management
for
authorization

API-centric architecture meet security requirements
32
Developer
• Ability to create
and deploy apps
and configure
security (not code)
via the API and
self-service
management
portal
API architect
• Ability to securely
expose the back-
end services with
necessary
authentication,
authorization, and
threat protection
Security architect
• Protect high value
assets (sensitive
data) that are being
exposed via APIs,
while meeting
enterprise security
standards for
authentication,
authorization, and
auditing (AAA)
Application/business
owner
• Ability to manage
availability, risk,
and compliance
when delivering an
API service to end
users accessing
from any device at
anytime
Source: http://pages.apigee.com/rs/apigee/images/apigee-securing-the-digital-enterprise-ebook-02-2014.pdf

Business changes driven by APIs
Source:http://www.slideshare.net/balaiyer/why-do-we-need-ap-is
33

STKI Summit 2014 Frame tale: IDM project manager
34

Are you really you ?
35
 How can you know that “Avi” –CFO in your
business is not someone else? Another
employee?
 How do you recognize your employee and your
customers?
 How do you know that “Avi” had the correct
permissions to access enterprise resources?
 If “Avi” moves to another role, what are his new
permissions/access ?

Credential Theft
36

Identity Theft
2 Million Stolen Passwords Recovered
326,129 Facebook passwords (59%)
70,532 passwords for Google (13%)
59,549 for Yahoo (11%)
21,708 for Twitter (4%)
8,490 LinkedIn (2%)
37
You have to protect your sensitive business data from outsiders (especially
your employees) - take control over the identities & their accesses!

Control your sensitive business data
38

Why should we manage our identity?
Employees having
difficulty remembering
all of their accounts
and credentials.
Cloud integration
within a local network,
collaboration with
multiple cloud
suppliers.
Strict legislation and
regulations
Make information
widely available to
members of a business
Source: http://secureidnews.com/news-item/identity-and-access-management-what-is-in-store-for-2014/#sthash.GVUOvxeu.dpuf
39

Technologies to control your ID
Source: http://secureidnews.com/news-item/identity-and-access-management-what-is-in-store-for-2014/#sthash.GVUOvxeu.dpuf
40

Securing the Digital Enterprise
41
Source:http://pages.apigee.com/rs/apigee/images/apigee-securing-the-digital-enterprise-
ebook-02-2014.pdf

Inside your business
42
Source:http://cloudtweaks.com/2013/05/identity-access-management-perspective-saas-application/

IDM is not an easy project
43

44

45

Why we need IAM?
46
Finance department
Moving
Marketing department
Billing
System
ERP
finance
Employee
attendance
system
Enterprise
Portal
ERP
marketing
CRM Graphic
Design
System
Social
networks
We need
HR help!
Translate the business world into project specification process
It is not about technology! Support from organization's high management is also need.
Matching expectations of project initiators, users and desicsion makers
Hierarchical
organizational
structure

Active Directory Protection | Identity Theft Detection
47

Cross organization project, need management support and
awareness.
Most customers are in the middle or beginning of
implementing an IDM project
Regular maintenance and human resources .
Most of these projects are failed or stopped
(budget, support, maintenance etc.)
48

STKI Summit 2014 Frame tale: The Network manager
49

Networking
50
Multiple virtualized machines exchange
multiple traffic flows.
Switching routes and juggling bandwidth
can be a headache.
Network hardware costs, network
management costs – human resource
Secure all networking components
Can not control business applications- they
run separately.

General Shift in Networking
51

Current Network
Control Plane
Data Plane
52

53
SDN- Software Defined Network
Control Plane
Data PlaneData Plane
Data Plane

Packet-Forwarding
Hardware
Openflow Firmware
Packet-Forwarding
Hardware
Openflow Firmware
Packet-Forwarding
Hardware
Openflow Firmware
Packet-Forwarding
Hardware
Openflow Firmware
Network Operating System –SDN Controller
Open Interface
to Hardware
Open API
The “Software-Defined Network”
Microsoft ERP SAP CRM
“If header = x, send to port 4”
54

SDN could improve your IT and business environment
55
1 2 3
Accelerating the Traffic
visibility into network loads ,and
jams, to make intelligent
rerouting and dynamic changes
to bandwidth much easier.
TCO + ROI
reduced expenditure on
network hardware, plus
reduced network
management costs
Controlling the
organization
Traffic

SDN could improve your IT and business environment
56
4 5 6
App-Friendly Ecosystem
SaaS apps can be readily
accessible, promotes rapid
deployment of new apps, and
efficiently manages bandwidth
requirements.
Securing the Network
virtual machines and
applications, regardless of
location, while providing a
central security brain
to diagnose and treat
threats.
Embracing Analytics
Deep intelligence from an increasingly
distributed computing environment,
automate network management.
Increasing processing speeds and
providing the flexibility and scalability to
handle big and unstructured data.

Future SDN
57

Business Applications with SDN
58Source: http://demo.ipspace.net/get/OpenFlow%20Functions.pdf; https://indico.cern.ch/event/294923/contribution/0/material/slides/0.pdf
SDN can improve your business applications performance
I want my SAP
traffic to have
priority. But no
more than 20%.
Rules- Every 24
hours: transfer 10
TB of data to the
backup service
,avoid impact on
any other
services.
A new prototype
application
:create a new
isolated network ,
must not interfere
with normal
network activity.
Every IP flow has
a matching
security policy as
a flow entry.

Networking technology findings for 2014
59

FCOE not mature enough and can lead to
problems between the various teams :
networking ,storage ,DB.
Most organizations don’t believe in SDN,
because knowledgeable and expert
teams are not available yet
In wireless network don’t forget the
security and management (maybe
service provider).
Most customers do not plan to
migrate to IPV6 . They think the ISP
should lead it.
60

• SPAN Ports
• Taps
• Inline Bypass
• SPAN Ports
• Taps
• Inline Bypass
Tools Need End-to-End Network Access
Production Network
WAN Carrier Networks
Wired and Mobile
Data Center
Private Cloud
Virtualization
Core
Remote Office
Branch Office
Campus Network
Management
Application
Performance
Security
Intelligence
Customer
Experience
• SPAN Ports
• Taps
• Inline Bypass
• SPAN Ports
• Taps
• Inline Bypass
This isn’t
happening!
Why?
Network
Operations
Performance
Management
Security
Admin
Server Admin
Audit &
Privacy
Forensics
Tools Organization
61

New Needs to Solve the Tools Problem
Production Network
WAN Carrier Networks
Wired and Mobile
Data Center
Private Cloud
Virtualization
Core
Remote Office
Branch Office
Campus
Tools
End-to-End Visibility
Tool access to any point in the network
Scalability
Scales to fit the needs of any network
Manageability
Flexible macro-level management
Control
View exactly the information you need
Reduce Costs
Reduce tool costs & administrative burdens
Visibility Needs
Network
Operations
Performance
Management
Security
Admin
Server Admin
Audit &
Privacy
Forensics
Organization
Network
Management
Application
Performance
Security
Intelligence
Customer
Experience
62

STKI Summit 2014 Frame tale: The securitycyber manager
63

Security Cyber
•How much time (in seconds… ) can organization operate
properly without good defense?
 Do you have information that needs to be kept
confidential (secret)?
 Do you have information that needs to be
accurate/ Integrity?
 Do you have information that must be
available when you need it?
Solution: Cyber Security Plan.

Security Dominates the IT Conversation
65
Source:http://www.fedtechmagazine.com/article/2013/10/how-will-federal-agencies-
invest-2014-survey

STKI Survey CIO 2014 – Again Security Domains
66
8076
7168
62
5353535350
44
3229
21
12111
‫הפרויקטים‬ ‫תחומי‬,‫ב‬ ‫בארגונך‬ ‫החלו‬ ‫אשר‬-2013/‫ל‬ ‫מתוכננים‬-2014
*‫מרובה‬ ‫בחירה‬

67
Beware of Unknown Security Threats
Source: http://www.ebusinessplanet.com/category/online-business/

68

Cyber Intelligence
69

2014
70Source: CYREN

Internet of everything71

Challenges in Cyber Security
Expanding threat landscape
The increased complexity, number and sophistication of incoming threats have led to a fragmented infrastructure
approach for security provision, which is inefficient, risky and a nightmare to manage.
End-point consumerisation: IOT and M2M explosion
An increase in the number and variety of devices connected to the Internet increases the opportunity of
security breaches by orders of importance. Most security infrastructures are completely unprepared for the
escalation in event numbers and types.
Skills lack
The lack of availability of cyber security skills is very influence. Despite the professional associations that provide
security accreditation, there is still a major lack of resource with the right skills and experience to cope with
cyber security market demand. Salaries of experienced security analysts are increasing substantially, and staff
retention is proving elusive.
72
Source: http://www.icontact-archive.com/oVcotBdZudhBcQahFd9aCVMmrT_AgJpG?w=4

Cyber events 2013
‫ריגול‬–Espionage
Steal information government
agencies, embassies,
Oil and gas companies, research
institutes, provide military and social
activists.
Hit and Run Attacks
Small groups perform minor assaults and
targeted information and locate surgical
precision.
The attack usually lasts a few days/weeks,
and they have achieved what they were
looking for, Cleaning And leaving
Distributed Denial of
Service- DDoS
Activism and theft in the
virtual world
Ransomware"‫כופר‬ ‫תוכנות‬"
Malware and viruses used in the
internet crime factors blackmail
companies and private users in
the form of ransom.
Watering Hole
Attacks in which attackers infect
a website, their intended victims
Are expected to visit it, while
exposing victims of malware as
soon as they enter the site
Rise in malicious software
quality in mobile
The victim did not know he
would attack and could not
remove the offensive machine.
73

Cyber events 2013
74
The human factor is (still)
the weakest link in the
security chain
Social Engineering
Big brother is watching -
Lavabit , Silent Circle, NSA
Surveillance and invasion
of privacy information
Vulnerabilities & Zero Days
Don’t forget Patch
Management, win XP will
Not support by Microsoft
Bitcoins
Already crossed the border
1000$. So loved among the
attackers

How to deal with Cyber?
75
IT is not only changing information security tools but also an internal
vision of security inside your business.

Insights Customer Roundtable
Every organization approaches Cyber differently. Some
customers use existing information security tools.
There are customers who are trying to test new tools
related to cyber such as forensic and APT tools.
Most organizations are working to increase awareness
among employees in different ways and the importance of
the organization's information security policy.
Mobile also brings the expansion of EP in endpoint
security.
76

ISO 27032
77
Information technology — Security techniques — Guidelines for cybersecurity
Published in 2012.
Defined as the “preservation of confidentiality, integrity and availability of information in the
Cyberspace”.
Main sections:
• Overview
• Assets in the Cyberspace
• Threats against the security of the Cyberspace
• Roles of stakeholders in Cybersecurity
• Guidelines for stakeholders
• Cybersecurity controls
• Framework of information sharing and coordination
• Annex A. Cybersecurity readiness
• Annex B. Additional resources
• Annex C. Examples of related documents
77

Security on virtual machines
There is no single unified threat management tool for the virtual world
1) Intrusion detection and firewall features
2) Compliance and auditing
3) Reporting- where and how an organization is vulnerable. Check how easy is to
generate actionable reports and whether the product can automatically flag particular violations.
1) Access controls- tie access control roles to particular Active Directory users.
2) Anti-virus/anti-malware protection
You should do some basic testing of any of these products and understand how they fit into your existing
security frameworks and operations.
78
Don’t forget to cover security layer on virtual machines

79
Source: http://www.arbornetworks.com/corporate/blog/5151-ddos-attacks-the-necessity-of-multi-layered-defense

80
Security To SaaS
Business applications

Cloud-based security as a service
81
The goal is to provide real-time analysis and
a clear audit trail and reporting related to
SaaS-based application usage by the
enterprise. The monitoring can allows
options for automating or manually
terminating sessions or blocking content
download.

Cyber forecast 2014
82
“Cloud computing” providers Gaps / weaknesses / vulnerabilities.
Focus on current and ongoing process of assessment and risk management in
the cyber world.
New threats will force organizations to change concept and move static
protection proactive.
Sophistication attacks that are based on the malware mobile (IOS & Android).
Security events in health care: attacks on electronic medical equipment, leakage of
confidential information Hospitals, international facilities in the area (HIPAA).

STKI Summit 2014 Frame tale: New Business enabling technologies 3D printing
83

3D printing
Printing Today – 2D Printing:
•Production time is too long
•High costs
•Lack of availability
•Need technical personnel to quote, specify
and configure product for design & engineering integrity
•Slower product design
•Late design changes take time to integrate
The solution: 3D Printing
84

85

3D printing is already transforming the way the company does business
86

3D printing is already transforming the way the company does business
87

88
Source:http://www.nationaldefensemagazine.org/archive/2014/March/pages/3DPrinti
ngPromisestoRevolutionizeDefense,AerospaceIndustries.aspx

3D Printing- Future Printing
Innovation
Improve
Communication
Different
Materials
Personalize
products
Reduce
Development
Costs
Speed Time
to Market
Win
Business
Source:http://www.computerweekly.com/feature/How-3D-printing-impacts-manufacturing
89

Coca-Cola Israel’s Mini-Bottles
90

91

92

POTENTIAL ECONOMIC IMPACT BY 2025
SOURCE: McKinsey Global Institute analysis
93

Thank You!
94
Sigalr@stki.info

Sigal summit 2014 final

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a Sigal summit 2014 final

Semelhante a Sigal summit 2014 final (20)

Mais de Ariel Evans

Mais de Ariel Evans (8)

Último

Último (20)

Sigal summit 2014 final