Shahar Geiger Maor shahar@stki.info

Visit My Blog: http://shaharmaor.blogspot.com/

Agenda

1   Downturn Economics

2   Communication
    CISOs Agenda

3   Technologies (NAC, DCS, IAM, SIEM)

         Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic   2

Israeli Information Technology Market Size

Market size 2008: 4.645 B$
Market size 2009: 4.063 B$

IT Market Share (%) by Industry

Israeli Information Security Market Size

GRC and Security market size (Ms of $)

                                           2008    Change     2009    Change    2010
Governance & Risk Management (also BCP)    35.0    42%        50.0    50%       75.0
Security (projects)                        95.0    -10.53%    85.0    11.76%    95.0
Security (Software)                        90.0    -5.56%     85.0    -5.88%    80.0
Total                                      220     0%         220     14%       250

Security Budgeting Difficulties – The Market is Under Stress

  • Although most 2009 security budgets are set (89% surveyed), 72% expect additional downward revisions during the remainder of the year
  • 53% of vendors are reducing maintenance fees
  • 65% of security vendors are providing discounts for new product purchases

Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf

Vendor Discounting in Response to Buyer Request

Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf

Security Budgeting Difficulties – Downturn Mechanism

  • Longer POC
  • Longer sale cycle
  • Vendor bottom line turns red

More Optimism about Security Spending

[Chart: IT Spending vs. Sec Spending; categories: > -10%, -10% to -5%, -5% to 5%, 5% to 10%, 10+%; vertical axis 0% to 45%]

Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf

What’s on the CISO’s Agenda? (STKI Madad 2008-2009)

Access            18%
EPS/Anti x        14%
WAF & Apps        11%
Management         8%
Trends             8%
DB Protection      7%
NAC                6%
Miscellaneous      6%
Market Players     5%
Network            5%
GRC                5%
DLP                4%
Hardening          3%

What’s on the CISO’s Agenda? (STKI Madad March-June 2009)

DB/DC SEC                18%
Access/Authentication    15%
Miscellaneous            15%
Market/Trends            10%
NAC                      10%
DLP                      10%
Encryption                9%
Sec Tools                 5%
SIEM/SOC                  5%
EPS                       5%

What’s on the CISO’s Agenda?
Financial sector:
  • Access and DLP: Mobile Security, OTP, Data Obfuscation
Governmental agencies and subsidiaries:
  • NAC, IDM
High-Tech and Services:
  • Virtualization, Cloud Computing, EPS and mobility
Cross-sector:
  • SIEM-SOC, Application Security and methodologies

Security Staffing Ratios

Organization Type              Ratios of Security Personnel (Israel)
Average Public Sector          0.15% of Total Users
“Sensitive” Public Sector      0.5% of Total Users

Technologies Categorization 2009

[Chart: technologies plotted by Business Value against Market Maturity]
Vertical axis (Business Value): Investment to make money; Cut costs, Increase productivity; Commodity IT Services; Investment for regulations
Horizontal axis (Market Maturity): Using; Implementing; Looking
Legend: IT Project; Business Project; Size of figure = complexity/cost of project
Technologies shown: Remote Access, IAM/IDM, Manage Sec. Services, SSO, Cloud, App. Sec., Anti X, DLP, Mobile Sec., EPS, SIEM/SOC, DB Sec., Vir. Sec., Network Security, NAC, GRC

Network Access Control

NAC Insights

  • NAC has not been “fully digested” by Israeli customers in 2008. There should be more activity in 2009
  • NAC can be deployed less expensively when it is an embedded feature of an existing vendor and customers take notice of it
  • Some network and security vendors already have solutions that can be part of the NAC process
  • Israeli customers’ first priority: network visibility and guest network control
  • Network or Security? NAC is a Layer 2 vs. Layer 3 match

Data Centric Security

Data Centric Approach

  • “perimeter security”
  • “Business of Security” – Security is built into the business process

Data Centric Security Arena

  • DLP
  • ERM
  • Encryption
  • Database Protection
  • EPS

DLP – Market Status

DLP Deployments Status - Israel 1Q09

Not "There" Yet         60%
Solution Deployed       20%
Plan to Deploy Soon     20%

Identity & Access Management (IDM/IAM)

IDM/IAM Savings

Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx

Key Success Factors for Future IDM Project

  • Consider IDM also as a business project, rather than a pure IT project
  • Make sure the project bridges the gap between business and IT
  • Start small for easier success (Single Sign On, a vertical project)
  • Choose a step-by-step approach, rather than a mastodon implementation.
  • Focus on basic functionalities not on the additional features

Security Information and Event Management

Silos of Redundant Information Management

Source: Network Intelligence

An Enterprise Platform for Compliance and Security

SIEM

Source: Network Intelligence

SIEM/SOC “Round Table” Insights

  • How to “sell” SIEM project to your organization
  • Knowing when NOT to start a project
  • Reporting Systems, Logging and parsing
  • “Tracing the events” (real-time?)
  • Who defines what is “risk”? How to translate it to HD?
  • Maintenance and operations: What does it take?
  • Outsourced SOC (must be taken under consideration)

Shahar Geiger Maor
VP & Senior Analyst
shahar@stki.info

Security Summit July 2009

  • 1. Shahar Geiger Maor, shahar@stki.info. Visit My Blog: http://shaharmaor.blogspot.com/
  • 2. Agenda: 1. Downturn Economics; 2. Communication CISOs Agenda; 3. Technologies (NAC, DCS, IAM, SIEM). Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 3. Israeli Information Technology Market Size. Market size 2008: 4.645 B$. Market size 2009: 4.063 B$
  • 4. IT Market Share (%) by Industry
  • 5. Israeli Information Security Market Size. GRC and Security market size (Ms of $):
        Segment                                   2008    Change    2009    Change    2010
        Governance & Risk Management (also BCP)   35.0    42%       50.0    50%       75.0
        Security (projects)                       95.0    -10.53%   85.0    11.76%    95.0
        Security (Software)                       90.0    -5.56%    85.0    -5.88%    80.0
        Total                                     220     0%        220     14%       250
  • 6. Security Budgeting Difficulties – The Market is Under Stress. Although most 2009 security budgets are set (89% surveyed), 72% expect additional downward revisions during the remainder of the year. 65% of security vendors are providing discounts for new products purchases. 53% of vendors are reducing maintenance fees. Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf
  • 7. Vendor Discounting in Response to Buyer Request. Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf
  • 8. Security Budgeting Difficulties – Downturn Mechanism: Longer POC; Longer sale cycle; Vendor bottom line turns red
  • 9. More Optimism about Security Spending [bar chart comparing IT Spending and Sec Spending; vertical axis 0% to 45%; categories: > -10%, -10% to -5%, -5% to 5%, 5% to 10%, 10+%]. Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf
  • 10. What’s on the CISO’s Agenda? (STKI Madad 2008-2009) Network DLP Hardening Market Players 5% 4% 3% 5% Access GRC 18% 5% Miscellaneous EPS/Anti x 6% 14% NAC DB Protection WAF & Apps 6% 7% 11% Management Trends 8% 8%
  • 11. What’s on the CISO’s Agenda? (STKI Madad March-June 2009) Sec Tools SIEM/SOC EPS 5% 5% 5% DB/DC SEC Encryption 18% 9% Access/Authentication Market/Trends 10% 15% NAC Miscellaneous 10% DLP 15% 10%
  • 12. What’s on the CISO’s Agenda? Financial sector: Access and DLP: Mobile Security, OTP, Data Obfuscation. Governmental agencies and subsidiaries: NAC, IDM. High-Tech and Services: Virtualization, Cloud Computing, EPS and mobility. Cross-sector: SIEM-SOC, Application Security and methodologies.
  • 13. Security Staffing Ratios. Ratios of Security Personnel (Israel) by Organization Type: Average Public Sector: 0.15% of Total Users; “Sensitive” Public Sector: 0.5% of Total Users
  • 14. Technologies Categorization 2009 [chart: technologies plotted by Business Value (Investment to make money; Cut costs, increase productivity; Commodity IT Services; Investment for regulations) against Market Maturity (Using, Implementing, Looking); size of figure = complexity/cost of project; legend: IT Project, Business Project; technologies shown: Remote Access, Manage Sec. Services, IAM/IDM, SSO, Cloud, App. Sec., Anti X, DLP, Mobile Sec., EPS, SIEM/SOC, DB Sec., Vir. Sec., Network Security, NAC, GRC]
  • 15. Network Access Control
  • 16. NAC Insights: NAC has not been “fully digested” by Israeli customers in 2008. There should be more activity in 2009. NAC can be deployed less expensively when it is an embedded feature of an existing vendor and customers take notice of it. Some network and security vendors already have solutions that can be part of the NAC process. Israeli customers’ first priority: network visibility and guest network control. Network or Security? NAC is a Layer 2 vs. Layer 3 match.
  • 17. Data Centric Security
  • 18. Data Centric Approach: “Business of Security” – Security “perimeter security” is built into the business process
  • 19. Data Centric Security Arena: DLP, ERM, Database Protection, Encryption, EPS
  • 20. DLP – Market Status. DLP Deployments Status, Israel 1Q09: Solution Deployed 20%; Plan to Deploy Soon 20%; Not "There" Yet 60%
  • 21. Identity & Access Management (IDM/IAM)
  • 22. IDM/IAM Savings. Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx
  • 23. Key Success Factors for Future IDM Project: Consider IDM also as a business project, rather than a pure IT project. Make sure the project bridges the gap between business and IT. Start small for an easier success (Single Sign On, vertical project). Choose a step-by-step approach, rather than a mastodon implementation. Focus on basic functionalities, not on the additional features.
  • 24. Security Information and Event Management
  • 25. Silos of Redundant Information Management. Source: Network Intelligence
  • 26. An Enterprise Platform for Compliance and Security: SIEM. Source: Network Intelligence
  • 27. SIEM/SOC “Round Table” Insights: How to “sell” SIEM project to your organization. Knowing when NOT to start a project. Reporting Systems, Logging and parsing. “Tracing the events” (real-time?). Who defines what is “risk”? How to translate it to HD? Maintenance and operations: What does it take? Outsourced SOC (must be taken under consideration).
  • 28. Shahar Geiger Maor, VP & Senior Analyst, shahar@stki.info