Mais conteúdo relacionado Semelhante a La Seguridad en la Economía de las Aplicaciones (20) Mais de Asociación de Marketing Bancario Argentino (20) La Seguridad en la Economía de las Aplicaciones1. La Seguridad en la Economía de las
Aplicaciones
Mayo 2015
Denyson Machado
Sr Director Sales Security - LATAM
2. 2 © 2015 CA. ALL RIGHTS RESERVED.
1http://www.gartner.com/newsroom/id/2654115
2http://www.gartner.com/newsroom/id/2352816
3Gartner predicts, 2013 - Application Development
“Software is eating the world”
- Marc Andreeson
A perfect technology storm of mobile apps,
connected products, social connections, data
analytics, and cloud computing continually raises
customer expectations for quality in every industry.3
$131B
worldwide spending
on public cloud
service2
50%
of B2B collaboration
will take place
through APIs by 20163
268B
projected number of
mobile app downloads
by 20171
APPLICATION
ECONOMY
Welcome to the
3. 3 © 2015 CA. ALL RIGHTS RESERVED.
Application Quality and User Experience are Critical
Increasing Customer Expectations & Impact
Sources: *Aberdeen Group, Reaching the Top of the Web Performance Mountain, March 2013
Digital Trends, Are you a rarity? Only 16 percent of people will try out an app more than twice, March 2013
RT.com, NASDAQ longest downtime adds to woes over glitches in electronic trading, Aug 2013
of users will abandon a web
application after just three
seconds of delay*
80-90%
of all consumer
applications will only
be used ONCE
cost of trading
losses during
Facebook IPO due
to ‘system
problems’
25%
$500M
4. 4 © 2015 CA. ALL RIGHTS RESERVED.
Your Apps are Something You are
Not just Something You do…
5. 5 © 2015 CA. ALL RIGHTS RESERVED.
Digitally Connected Banking
Huge Opportunities
2015
Brazilian bank
innovates with first
banking app for Ford
Applink
mobile banking
users by 2019 **
Sources: * McKinsey & Company, August 2014, “The future of US retail-banking distribution”
** Juniper Research, July 2014, Press Release
of customers interact
with their banks
through multiple
channels *
1.75B
65%
6. 6 © 2015 CA. ALL RIGHTS RESERVED.
Understanding Your Market & Consumers
Challenge to Meet Expectations
Source: Accenture, 2014 North America Consumer Digital Banking Survey, “The Digital Disruption in Banking”
27%
Would consider a
branchless digital
bank
71%
Consider their banking
relationship to be
transactional rather
than relationship
driven
51%
Want their bank to
proactively
recommend products
and services for their
financial needs
48%
Are interested in real-
time and forward-
looking spending
analysis
7. 7 © 2015 CA. ALL RIGHTS RESERVED.
Understanding “New Competitors”…
Source: Accenture, 2014 North America Consumer Digital Banking Survey, “The Digital Disruption in Banking”
Q: If these companies offered banking services how likely would you be to bank with them?
Percent of customers which would likely bank with each non-bank with which they do business.
14%
15%
16%
17%
17%
17%
17%
18%
19%
20%
20%
21%
21%
21%
23%
26%
26%
26%
29%
29%
29%
31%
41%
50%
Shoppers Drug Mart (Canadian only)
CVS (US only)
Bell Mobility (Canadian only)
Wallgreens (US only)
Target
UPS
Rogers Wireless (Canadian only)
Verizon Wireless (US only)
eBay
FedEx
United States Postal Service (US only)
Yahoo
Telus Mobility (Canadian only)
Canadia Post (Canadian only)
Walmart
Sprint (US only)
AT&T Mobility (US only)
Amazon
Google
Apple
Costco
T-Mobile (US only)
PayPal
Square
8. 8 © 2015 CA. ALL RIGHTS RESERVED.
3 Themes?
TO MEET
THESE
CHALLENGES,
BANKS
SHOULD
ADVANCE ON
THREE
FRONTS:
1
Become truly omnichannel by seamlessly
integrating the customer experience
across in-branch, assisted, and digital
interactions
2 Extend the ecosystem by offering a
greater range of services for their
customer
3
Offer digital personalized financial advice
and counseling to their customer to help
them better manage their financial needs
BE SECURE
9. 9 © 2015 CA. ALL RIGHTS RESERVED.
Security concerns the top
obstacle in app economy#1
-- CA Technologies with Vanson Bourne
Increase in
Breaches YoY from
2013 to 2014
78%
Leaders saw revenue
increase for security-
enabled services
(18% of Laggards)
47%
Security priority for
business is
improving mobile
experience
#2
Overall IT spend
devoted to Security
over next 3 years
>25%
Security
10. Security Enables & Protects the business in the App Economy
PROTECT THE BUSINESS
Secure access to on-premise and
cloud applications
Govern user access
across enterprise
Protect against insider threats
and external attacks
ENABLE THE BUSINESS
Accelerate the delivery of
secure applications
Deliver services across customer
channels
– from Web to Mobile to APIs
Provide consumers an Amazing
user experience
OPEN ENTERPRISE
11. 11 © 2015 CA. ALL RIGHTS RESERVED.
Developer
Communities
Partners/Divisions
Customers
Employees / Contractors
Mobile / IoT
Cloud Services
On Premise
Desktop / Web
IDENTITY IS HOW YOU
PROTECT ACCESS
TO DATA & APPLICATION
APIS ARE
HOW YOU CONNECT
DATA & APPLICATIONS
12. 12 © 2015 CA. ALL RIGHTS RESERVED.
In the App Economy the Identity is the New Perimeter
Customers
Citizens
Employees / Partners
Connected Apps / Devices
Cloud Services
On Premise Apps
13. And Secured APIs will Enable the Digital Success
APIs
IOT DEVICES
CLOUD
MOBILE
PARTNERS/EXTERNAL
DIVISIONS
EXTERNAL
DEVELOPERS
Data
Data
Your New
Digital
Business
14. 14 © 2015 CA. ALL RIGHTS RESERVED.
Security in the App
Economy
15. 15 © 2015 CA. ALL RIGHTS RESERVED.
--on average, a new type of malware was discovered
every 3.75 seconds! In 2014 as a whole, just under six
million new malware strains were seen in the wild, some
77% more than 2013's total.
-- more than double the number of distributed denial of
service attacks in the first quarter of 2015 compared to first
quarter 2014.
-- with a potentially dangerous trend in the 2015 attacks,
with peak DDoS attacks of 100 Gbps making up a
significantly bigger part of the total.
--malware developers are mainly targeting the ubiquitous
Microsoft platforms, with malware programmed as .NET
applications continuing to rise. Overall, new variants for
Windows platforms made up 99.9 percent of the new
malware variants.
16. 16 © 2015 CA. ALL RIGHTS RESERVED.
Increasingly public
breaches will cause shift
from IDM to Identity
Access Security (IAS)
PREDICTION #1
Recent breaches (Target, SONY, Lowe’s)
have IT executives running scared. As
the financial & reputational damage of
a breach increases, they will be
increasing their security budgets to
increase their controls over systems,
data, and insider actions.
70%
of Companies Report a
Security Breach in Last
12 Months
Source: Ponemon Institute Source: Ponemon Institute
Security budgets
will increase
in the next 3 years
39%
REPORT: Cybercrime costs US $12.7M a year
The cost of attacks on large companies is up by 10 percent
Average company now
compromised every four
days, with no end to the
cybercrime wave in sight
Summary: Phishing, denial-
of-service and virus attacks
are now a standard part of
doing business for most
organizations.
17. 17
© 2014 CA. All rights reserved. CA confidential and proprietary information; for internal use only.
No unauthorized use, copying or distribution.
Multi-Factor
Risk Based
Identity
Management
EmployeesCustomers
Partners
Access Controls
Privileged Access
Privileged Identity
Management
Black Hats
Web Access
Management
Federation
Cloud Services
DCs
APIs
18. 18 © 2015 CA. ALL RIGHTS RESERVED.
The rise of the Application
Economy will drive the need for
an “identity dial-tone” to span all
apps, helping to accelerate new
app deployment
PREDICTION #2
There will be an Increased need for
universal access to identity information
across the enterprise. Apps of all kinds
will need easy access to identity &
entitlement info, and it will increasing
be available thru identity system APIs.
A common “identity dial-tone” will
help simplify app development, and
spur new innovative initiatives
Identity “dial-tone”
Employees Customers Partners
Cloud Apps Mobile Apps On-Prem Apps
19. 19 © 2015 CA. ALL RIGHTS RESERVED.
Universal
authentication comes
to your pocket or purse
PREDICTION #3
There will be increased focus on authentication,
driven by factors such as Obama’s executive order
(for multi-factor authentication), chip and pin
technology, etc. Many authentication trends will
begin to converge – biometrics, geolocation,
context, etc. Organizations will strive for “zero-
touch authentication” to deliver as near a
password-free an experience for their customers
and employees as possible. Increasingly, the
phone will be used as a universal authenticator.
Device as universal
authenticator
Passwords
Conduct a
transaction
Control a
connected device
(eg open a door)
Connect
to an app
20. 20 © 2015 CA. ALL RIGHTS RESERVED.
• 10-15% market
• “Walled garden”
• iOS 8
• ~77% adoption
• 80-85% market
• Open source
• Lollipop, but let’s
look at Kit Kat…
• ~40% adoption
22. 22 © 2015 CA. ALL RIGHTS RESERVED.
IoT: Toilet Attack?
• Luxury toilet that can be
controlled via Android app
• Connection to the any toilet
is done via the Bluetooth of
the device
23. 23 © 2015 CA. ALL RIGHTS RESERVED.
Mobility & IoT drives
the emergence of API-
first architectures
PREDICTION #4
Apps (esp mobile apps) need to have
reduced delivery times. But, traditional
middleware is heavy and difficult to use
to build these apps on. The rise of mobile
and IoT will drive a move towards lighter-
weight, API-first architectures in order to
more easily connect these (and other
devices) into the digital ecosystem.
APIs
LIGHTER-WEIGHT,
API-BASED ARCHITECTURES
Developers
Customers
Employees
Cloud
Services
On-Premise
Web Mobile loT
IDENTITIES DEVICE TYPES APP TYPES
Today there are 1.5 connected devices per person in the world.
By 2020, there will be 8 devices per person
Biztech Magazine
24. 24 © 2015 CA. ALL RIGHTS RESERVED.
Increased board
visibility into corporate
security strategy
PREDICTION #5
Corporate executives & boards will be
increasingly held accountable for
breaches that damage their corporate
brand, so their level of involvement in
security strategy will increase. Security
will shift from an “IT problem” to an
“Executive problem”. Concerns over
“denial of business” (DoB) will drive
increased Board oversight.
Identify
Protect
DetectRespond
Recover
Security Strategy & Infrastructure
(example: NIST Cybersecurity Infrastructure)
Corporate &
Customer Info
Board
25. 25 © 2014 CA. ALL RIGHTS RESERVED.
APIsApps
CA SECURITY
Simple, Seamless Security
DEV & TEST DEPLOY OPERATE
PLAN MEASURE
CA MANAGEMENT CLOUD
Business Alignment
CA DEVOPS
Agile Development & Operations
Those who build the apps will own the future ...
and those apps rely on CA Technologies
26. 26 © 2015 CA. TODOS LOS DERECHOS RESERVADOS.© 2015 CA. Todos los derechos reservados.
Gracias
¿Preguntas?